CS 4393 Computer and Network Security

Spring 2010. Time: TBD

(This page is under construction)
A comprehensive study of security vulnerabilities in computer and networking systems and the basic techniques for developing secure applications and practicing safe computing. Topics including Common attacking techniques such as buffer overflow, Trojan, virus, etc. OS security. Conventional encryption. Hashing functions and data integrity. Public-key encryption. Digital signature. Security standards and applications. Building secure software and systems.

Information security has grown into a rich and diversified area. But I believe that it is very important for students to learn fundamental issues first. It covers all the basic areas of security and will not only focus on a particular domain so students by taking this course will have an invaluable broad knowledge of security. This course involves theories, algorithms and programming of cryptography (encryption/decryption), computer systems security, secure software, and basic network security, etc. After taking this course, students will have the knowledge to study more specialized security issues such as Network Security.

Pre-requisite: Only one: CS4348 OS. I will cover the required networking knowledge in class so you do not need to take computer networks as a pre-requisite. CS4390 has been removed from pre-req. list.

Professor

Dr. Edwin Sha (edsha@utdallas.edu) Office hour: Tuesday 2:15 - 3:20pm.

TA

Aaron Hu, hujingtong@gmail.com , TA office hours: 3-5pm and 8-9pm Wednesday. Location: ES 3.222.

More detailed information can be found in course syllabus.

Information related to Presentations and Term Projects are listed.

Here is the Group Order List. Each team will present their term project in classes on April 20 (Tuesday) and April 22 (Thursday). Email me your powerpoint file (edsha@utdallas.edu) after your presentation. The term project report is due by 11am, April 29, 2010 (Thursday). Give a hard copy to my office ES 3.226. If I am not in the office, insert your report under the door and then send an email to me (edsha).

The final exam will be held at 10am, IN CLASS TIME on April 27, 2010 (Tuesday). YOU MUST NOT MISS IT. I will tell you how to prepare for the exam.

Some on-line stuffs

Assignments

Several interesting homeworks and programming projects will be given. They are important for this course. You will have fun.
Class participation is important for this course. You should not miss any of the classes.
Homework 0 : I want to know my students better. If you are attending my class, send me an email with the requested information before the due date.
Programming Assignment 1 ; Please form a team with two members.
- The Table of ASCII Code for your programming assignment 1.
- English letter distribution for your reference.
Homework 1 ;
- Internet Worm Tour paper .
- Internet Worm paper by MIT .

Reference Resources (UTD provides very good Electronic Database.)

Some links to security:

These links might be useful for the references of student's projects.

Vulnerability Notes Database
Home Network Security
National Security Institute - Security Resource Net
Network Security Library
NIST (National Institute of Standards and Technology)
- AES (Advanced Encryption Standard) page
- Computer Security Division Projects
- Computer Security Resource Clearinghouse
- Secure Hash Standard (SHA-1, SHA-256, SHA-384, and SHA-512)
Some good security articles
Internet RFC's
RSA Security
- RSA Laboratories
- RSA's Cryptography FAQ.
- Factoring Challenge
- CryptoBytes
Ron Rivest's good collection of Links
Cryptography: Theory and Practice, by Doug Stinson.
Handbook of Applied Cryptography, by Menezes, van Oorschot, and Vanstone.
Cryptolog collection of links
SSH Communications Security (Tatu Ylonen)
Oded Goldreich's Theory of Cryptography Library
IACR Cryptography ePrint Archive
Yahoo's Security And Encryption Page
John Young's crypto page and NYA (JYA).
Schlumberger Smart Cards
CERT (Computer Emergency Response Center at CMU) and ASSIST - Automated Systems Security Incident Support Team (DOD-CERT)
Anonymous remailer FAQ
Cipher, the newsletter of the Technical Committee on Security and Privacy of the Computer Society of the IEEE. Their calendar of upcoming events.
sci.crypt (FAQ)
sci.crypt.research
Coderpunks Archive
talk.politics.crypto
comp.security.misc (FAQ) (FAQ)
alt.security
comp.security.announce
alt.security.pgp
alt.security.keydist
alt.security.ripem
comp.security.unix (FAQ)
comp.protocols.kerberos
comp.virus (FAQ)
comp.risks
FAQ for Firewalls
Cryptography FAQ

Students

Student links will be put here.

Revised by Edwin Sha - 2008.