CS 6324 Information Security

Fall 2009; Time: 10am-11:15am, Location: ECSS 2.410

If you took CS4393 Computer and Network Security, you should NOT take this course.

(This page is under construction)
A comprehensive study of security vulnerabilities in computer and networking systems and the basic techniques for developing secure applications and practicing safe computing. Topics including Common attacking techniques such as buffer overflow, Trojan, virus, etc. UNIX, Windows and Java security. Conventional encryption. Hashing functions and data integrity. Public-key encryption (RSA, Elliptic-Curve). Digital signature. Watermarking for multimedia. Security standards and applications. Building secure software and systems. Management and analysis of security. Legal and ethical issues in computer security.

Information security has grown into a rich and diversified area. But I believe that it is very important for students to learn fundamental issues first. It is very appropriate for students to take this couese as the FIRST one to learn security. It covers all the basic areas of security and will not only focus on a particular domain so students by taking this course will have an invaluable broad knowledge of security. This course involves theories, algorithms and programming of cryptography (encryption/decryption), computer systems security, secure software, and basic network security, etc. After taking this course, students will have the knowledge to study more specialized security issues such as Network Security.

My style of graduate teaching is to give students motivations and directions. Homework and projects play an inportant role of the course work. A few interesting homework and programming projects will be given, and term projects will be developed through a team work. Students will give presentations in class. You will find that this course will be quite different from other grad. courses offered in UTD. And I am sure that you will enjoy it. Feel free to come to chat with me at anytime for anything.

The students should know operating systems. If you have any questions, let me know.

Professor

• Dr. Edwin Sha (edsha@utdallas.edu) Office hour: 11:15am to 12:15pm, Tuesday.

TA

• Aaron (Jingtong) Hu, hujingtong@student.utdallas.edu, TA office hours: 3-5PM Monday ECSS 2.104 and 7-8PM Wednesday ECSS 3.222..

More detailed information can be found in course syllabus (pdf version) .

Term Project Presentation: Nov. 19 and Nov. 24, 2009.
Info. related to Term Projects and Term Project Presentation Order of 2009 Fall. The term project report is due by 11am Dec. 3, 2009.

We will have many in-class quizes and the final test held in class on Dec. 1, 2009. The grading will be based on homework, projects, quizes, test and term-project report and presentation.

Some on-line stuffs

• Basic introduction of cryptosystems
• Chapter 3

Homework and Programming Assignments

• Several interesting homework and programming projects will be given.
• Programming projects can be done by teams of two students, and term project can be conducted through teamwork, too.
• Class participation is important for this course. You should not miss any of the classes.
• If you want to attend the class, you must send me an email with the requested information before the due date. Homework 0
• Programming Assignment 1 ; Due time: 10am, Sept. 22, 2009, Please form a team with two members.
  • The Table of ASCII Code for your programming assignment 1.
  • English letter distribution for your reference. You may consdier the inclusion of spaces.
• Homework 1
  • Internet Worm Tour paper .
  • Internet Worm paper by MIT .
• Programming Assignment 2
• Homework 2
  • A good UNIX password security paper .
  • Another password document .
• HW for term project information (Due Nov. 10, 2009)
• Homework and Programming Assignment 3 (Due Nov. 17, 2009)
  • Stack Overflow for Sparc machines .
  • A very good article about stack overflow .
  • A helping note for SUN Sparc stack frame.

Reference Resources (UTD provides very good Electronic Database.)

• UTD Engineering Database
• IEEE Resource
• An Amazing paper finder

Some links to security:

• Vulnerability Notes Database
• Home Network Security
• National Security Institute - Security Resource Net
• Network Security Library
• NIST (National Institute of Standards and Technology)
  • AES (Advanced Encryption Standard) page
  • Computer Security Division Projects
  • Computer Security Resource Clearinghouse
  • Secure Hash Standard (SHA-1, SHA-256, SHA-384, and SHA-512)
• Some good security articles
• Internet RFC's
• RSA Security
  • RSA Laboratories
  • RSA's Cryptography FAQ.
  • Factoring Challenge
  • CryptoBytes
• Ron Rivest's good collection of Links
• Cryptography: Theory and Practice, by Doug Stinson.
• Handbook of Applied Cryptography, by Menezes, van Oorschot, and Vanstone.
• Cryptolog collection of links
• SSH Communications Security (Tatu Ylonen)
• Oded Goldreich's Theory of Cryptography Library
• IACR Cryptography ePrint Archive
• Yahoo's Security And Encryption Page
• John Young's crypto page and NYA (JYA).
• Schlumberger Smart Cards
• CERT (Computer Emergency Response Center at CMU) and ASSIST - Automated Systems Security Incident Support Team (DOD-CERT)
• Anonymous remailer FAQ
• Cipher, the newsletter of the Technical Committee on Security and Privacy of the Computer Society of the IEEE. Their calendar of upcoming events.
• sci.crypt (FAQ)
• sci.crypt.research
• Coderpunks Archive
• talk.politics.crypto
• comp.security.misc (FAQ) (FAQ)
• alt.security
• comp.security.announce
• alt.security.pgp
• alt.security.keydist
• alt.security.ripem
• comp.security.unix (FAQ)
• comp.protocols.kerberos
• comp.virus (FAQ)
• comp.risks
• FAQ for Firewalls
• Cryptography FAQ

Other Intersting Links

• A Beginner Guide to HTML
• WWW Computer Architecture

Students

• Student links will be put here.

Revised by Edwin Sha - 2008.