CSCI 430 - Fall 2020
Introduction to Computer and Network Security
M 2:00 - 5:20 pm on Zoom

Announcements
  • CTF groups are shown in the table below:
    ConstellationGalaxyPulsarSupernovaComet
    Laurence FongZohar RabinovichAnthony DamoreJonathan HoltmannSean Syed
    Nicholaus StadlerAnkita GuptaHa Young KongLazlo EisnerKarthik Sivanadyan
    James ButtlerAshwin BhumblaAhmed OsmanVatsal DoshiBarry Best
    Winston WeiShannon CameronDenny ShenRami HammoudAlexander Baker
    Didunoluwa AyodejiAlex GertelMaegan ChewCathy DingMelina Eliyasan
    Bryan HoPhilip JungIsaiah KimLauren KrikorianLonghuy Nguyen
    Kelley NguyenBenjamin SextonAnna ShottMicah SteinbergCaitlin Swanson
    John Van LiereJames WolfeDae Ro WonAo XuKevin Zhang
  • Sample midterm one and two and solved versions one and two.
  • We will be using Piazza for class discussion. Please try this first before emailing the instructor or TA.
    https://piazza.com/usc/fall2020/csci430/home
  • People/Contact
    • Instructor:
      Prof Jelena Mirkovic (Contact: sunshine@isi.edu)
      Office hours: W 9 - 10, F 11 - 12 via Zoom link on Blackboard
    • TA:Nicolaas Weideman (Contact: csci430.nicolaas@gmail.com)
      Office hours: M 10 - 11 via Zoom link on Blackboard
    Course Description
    Computers and networking are crucial to many aspects of our daily lives: entertainment, business, personal communication, healthcare, transportation, utilities, etc. Security of such systems is thus of paramount importance for protecting our assets or even our lives. This course will give students an overview of systems security, its workings, and its role in protecting data and computing resources. Students will receive both theoretical knowledge of threats and defenses and practical skills allowing them to implement some popular threats and defenses in a laboratory setting.

    After successfully completing this course, you should be able to:

    • Describe and assess a broad range of security problems and solutions
    • Understand the fundamental mathematics and engineering underlying security systems, as well as basic networking and operating systems
    • Judge the suitability of security systems for various applications
    • Install and configure some basic, open-source security systems
    • Know how to develop new security systems and features

    In addition to lectures students will be engaged through a number of hands-on homeworks and capture-the-flag (CTF) exercises, where they will apply the knowledge from the class in realistic security scenarios, attacking or defending real servers on the DeterLab testbed for security experimentation.

    Prerequisites: CSCI 201 or equivalent (e.g. EE classes on the same topics), or permission of the instructor. Please contact the instructor if you wish to enroll and don't have the prerequisites.

     
    Textbook
    Stallings and Brown, Computer Security (Required), Any edition
    ISBN: 9780134794105
    Syllabus / Topics Covered
    DateTopics coveredSlidesReading/LinksHomework
    8/17Class logistics
    Intro to security
    Network primer
    Intro to DeterLab
    Class logistics
    Introduction
    Read Student introduction to DeterLab
    Read Core Quickstart guide.
    Read Student guidelines for DeterLab
    Homework 1 assigned
    8/24 Cryptography Cryptography
    8/31Key management
    Authentication
    Access control
    Key management
    Authentication and access control
    Homework 1 due
    9/14Intrusions
    CTF1 prep
    Intrusions CCTF 1
    9/21Intrusions
    Midterm
    Homework 2 assigned
    9/28Passwords
    10/5CTF1
    CTF2 prep
    Homework 2 due
    10/12DDoS Homework 3 assigned
    10/19DNS and routing attacks Homework 4 assigned
    10/26CTF2 Homework 3 due
    11/2Article presentations Homework 4 due
    11/9Final review Last day to submit homeworks
    Exams, Homeworks and CTF Exercises
    There will be four homeworks assigned according to the class schedule and due 1-2 weeks afterwards. These homeworks are to be done individually, by each student. They require up to 8 hours to complete and are done remotely on the DeterLab testbed (http://www.deterlab.net). There will be two CTF (capture-the-flag) exercises that will be performed in class. Each student will be assigned to a 6-8 member team. Each team will have to simultaneously protect their own data/servers and attack data/servers from one other team. These exercises require 1-2 weeks of preparation (roughly 1-2 h per day, each work day).
    Grading
    Grades will be calculated based on the following formula:
    Class tasksPercentage of the final grade
    CTF Exercises (2)20%
    Homeworks (4)20%
    Participation10%
    Midterm exam20%
    Final exam30%
    Late homework policy: Please start homework early and come to office hours if you need help. Since the year 2020 is challenging for everyone, I am going to accept your homework at any time up to the end of the last week of class. That being said, the schedule of homeworks is such that you exercise concepts we learned in class and prepare for CTFs. If you let the work pile up until the end of the class, it will be much harder to do it than if you follow the schedule outlined in the syllabus.

    Students who submit their homework on time, according to the syllabus, will earn 2 extra credit points per homework (in addition to 5 points they can earn per homework if they do everything correctly).

    Final exam: November 20, 2 - 4 pm PST via Blackboard.

    Students with Disabilities
    Any student requesting academic accommodations based on a disability is required to register with Disability Services and Programs (DSP) each semester. A letter of verification for approved accommodations can be obtained from DSP. Please be sure the letter is delivered to me as early in the semester as possible. DSP is located in STU 301 and is open 8:30 a.m - 5:00 p.m., Monday through Friday. The phone number for DSP is (213) 740-0776.
    Academic Integrity
    USC seeks to maintain an optimal learning environment. General principles of academic honesty include the concept of respect for the intellectual property of others, the expectation that individual work will be submitted unless otherwise allowed by an instructor, and the obligations both to protect one's own academic work from misuse by others as well as to avoid using another's work as one's own. All students are expected to understand and abide by these principles. Scampus, the Student Guidebook, contains the Student Conduct Code in Section 11.00, while the recommended sanctions are located in Appendix A: http://www.usc.edu/dept/publications/SCAMPUS/gov/

    Students will be referred to the Office of Student Judicial Affairs and Community Standards for further review, should there be any suspicion of academic dishonesty. The Review process can be found at: http://www.usc.edu/student-affairs/SJACS/ .