CSE 410/565 Spring 2022: Computer Security
General Information
Class Schedule
- Tue Thu 12:30-1:50pm Jan 31 - May 13 in Alumni Arena 97
- Midterm exam: Apr 12 12:30-1:50pm in Alumni Arena 97
- Final exam: May 19, 11:45am-2:45pm, Alumni Arena 97
Instructor
- Marina Blanton
Email: mblanton at buffalo.edu
Office: 333 Davis Hall
Office hours: Mon 2-3pm via Zoom, Thu 10-11am in Davis 333, or by appointment
Teaching Assistant
- Dennis Murphy
Email: dpm29 at buffalo.edu
Office: 302 Davis Hall
Office hours: Wed 2-3pm in or near Davis 302 and Fri 3-5pm via Zoom
Course Objectives and Description
The objectives of this course consist of developing a solid understanding of
fundamental principles of the security field and building knowledge of tools
and mechanisms to safeguard a wide range of software and computing systems.
It is intended for upper-level undergraduate and graduate students, and a tentative list of the covered
topics is:
- cryptographic background and tools
- access control
- authentication
- software security, malware
- Internet security protocols and standards (SSL/TLS, IPsec, secure email)
- intrusion detection and intrusion prevention systems (firewalls)
- database security
- privacy
- identity management
- security management and risk assessment
- legal and ethical aspects (cybercrime, intellectual property)
Grading
Grading for this course will be based on homework assignments and projects
(HW), one midterm exam (ME), and the final exam (FE). The grade
will consist of 35% HW, 30% ME, and 35% FE. You can expect that performance
at 90% or higher earns an A, 80% or higher earns a B, etc. The scale might
be adjusted by the instructor if deemed necessary.
There will be six homework assignments, some of which will be
programming assignments. The current plan is to have the assignments
due on Feb 17, Mar 3, Mar 17, Apr 7, Apr 28, and May 12 and have the
midterm exam on Apr 12.
Textbooks
Required textbook: - William Stallings and Lawrie Brown, Computer Security:
Principles and Practice, 4th edition, Pearson, 2017.
Additional resources:
- Charles Pfleeger and Shari Pfleeger, Security in Computing.
- William Stallings, Cryptography and Network Security, Principles and
Practice.
- Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security:
Private Communication in a Public World.
- Edward Skoudis and Tom Liston, Counter Hack Reloaded: A Step-by-Step
Guide to Computer Attacks and Effective Defenses.
- Ross Anderson, Security Engineering: A Guide to Building Dependable
Distributed Systems.
Course Policies
- Lectures and quizzes
- Lectures will be posted on the course web page prior to the class time.
- The academic integrity quiz must be answered correctly within the two weeks of classes to pass the course.
- Homework assignments
- All assignments must be done individually unless announced
otherwise; no collaboration on solving or writing assignments.
- Searching for homework answers online is not permitted.
- The use of any external resources should be properly documented
when answering the question (i.e., not at the end of the homework)
and the nature of the help the document provided (i.e., what
information it contained and how it helped with answering the question).
- If you come across an answer to a homework question online, you
receive 70% of the question's credit.
- Homeworks will be submitted via UBlearns; they must be typed (diagrams
can be hand-drawn) and normally would need to be submitted as a PDF.
- Late submissions
- Each student receives three days that can be used to turn
assignments in late. Each extra day extends the deadline by 24 hours.
Whenever using one or more of these days on an
assignment, you must communicate this to the instructor prior to the
deadline.
- No late assignments beyond the three extra days is accepted.
Grading
- Homework or exam regrade requests need to be submitted within
two weeks of releasing the graded material to the class.
- The request needs to be in writing clearly describing the
error in grading.
Course materials
- Sharing of the course materials provided by the instructor with
someone who is not currently enrolled in this course or in a forum
accessible to someone not currently enrolled in this course is not
allowed without the instructor's permission.
Academic Integrity
Computer science, as a profession, requires us to seek truth not only in
scientific discoveries, but also in dealing with the public, as the public
depends on our expertise and honesty to construct their computing
infrastructure. Thus, competence and trust are essential to being a scholar
and a computing professional in particular.
Your instructor will treat you as a professional, and you should plan on
conducting yourself in an appropriate way. No behavior that compromises
academic honesty (such as use of someone else's work or code, using
prohibited materials during tests, or making your work available to others)
will be tolerated in this course. If you need assistance with anything, do
not hesitate to contact the instructor.
It is expected that your work represents your own understanding of the
problem. If work of others is used, it must be properly cited. Use of
properly cited material is acceptable, but no referencing is treated as
claiming the work as your own.
Academic integrity is a fundamental university value. Through the honest completion of academic work, students sustain the integrity of the university and of themselves while facilitating the university's imperative for the transmission of knowledge and culture based upon the generation of new and innovative ideas.
Academic dishonesty will not be tolerated in this course. It is the
CSE policy that each case of academic integrity violation is recorded.
The standing policy of the department is that all students involved in
an academic integrity violation will receive an F grade for the
course. Repeated violations always result in a failure in the course
with possibly more severe actions imposed by the university.
For more information, please refer to the CSE academic integrity policy, graduate link and undergraduate link, and UB academic
integrity policies.
Accessibility Resources
If you have any disability which requires reasonable accommodations to enable you to participate in this course, please contact the Office of Accessibility Resources in 60 Capen Hall, 716-645-2608 and also the instructor of this course during the first week of class. The office will provide you with information and review appropriate arrangements for reasonable accommodations, which can be found on the web at: http://www.buffalo.edu/studentlife/who-we-are/departments/accessibility.html.
Equity, Diversity and Inclusion
The Office of Equity,
Diversity and Inclusion provides guidance and
help with respect to discrimination, harassment, accommodations and
related issues.
Additional Support Services
The department provides a list of additional
resources at UB and in the area to help with mental and other health
issues, equity, and diversity.
Detailed Course Schedule
Homework assignments and other course-related materials not posted on
this web page are available through UBlearns.
|
Tuesday |
Thursday |
Week 1 (Jan 31 - Feb 5) |
|
- Lecture: Symmetric Encryption I
- Recommended reading: Sections 2.1 and 20.2
- Academic integrity quiz is assigned
|
Week 2 (Feb 7 - 11) |
|
|
Week 3 (Feb 14 - 18) |
- Lecture: previous lecture continued
|
|
Week 4 (Feb 21 - 25) |
|
|
Week 5 (Feb 28 - Mar 4) |
|
- Lecture: Access Control II
- Recommended reading: Sections 4.5 through 4.8
- Homework 3 is assigned
|
Week 6 (Mar 7 - 11) |
|
|
Week 7 (Mar 14 - 18) |
|
|
Week 8 (Mar 21 - 25) |
|
|
Week 9 (Mar 28 - Apr 1) |
|
|
Week 10 (Apr 4 - 9) |
- Lecture: Previous lecture continued
|
|
Week 11 (Apr 11 - 15) |
|
|
Week 12 (Apr 18 - 22) |
- Lecture: Malware
- Recommended reading:
|
|
Week 13 (Apr 25 - 29) |
|
|
Week 14 (May 2 - 6) |
|
|
Week 15 (May 9 - 13) |
|
|