Course Description - CSCI 530, Spring 2011 (lecture). For lab section visit

Other semesters of this course
  • 4/28/11 - Sample final is posted here with solutions.
  • 4/25/11 - Final exam is on May 10, 8-10 am in THH 212. It's closed book, closed notes exam and it only covers material post-midterm. Final reading list is here.
  • 4/25/11 - Quiz 8 has been posted.
  • 4/11/11 - Quizzes 6 and 7 have been posted.
  • 4/5/11 - Quizzes 4 and 5 have been posted.
  • 3/25/11 - Quiz 3 has been posted. Please take it after the lab lecture on ARP spoofing but before you do the lab on DETER. You will re-take it again as quiz 4 after the lab.
  • 3/22/11 - I'm looking for a few good students for summer research. If you're interested please e-mail me the following ONLY (don't send me a full CV):
    • Your expected graduation date
    • Your GPA and USC grade transcript (screen printout is fine)
    • List of skills (programming languages, environments) as bullets
    • A summary of your prior research experience. For each research project you participated in (even if it was just a class project) list:
      • Project goal
      • What YOU did on the project
      • What was the outcome of the project
    • Are you looking to work for credit or for pay
    Please e-mail your applications by 4/15. I may accept later applications if I don't fill up positions by 4/15.
  • 3/22/11 - On 4/22 I will talk on a topic (or several topics) of your choice. Please e-mail me topic suggestions you want me to cover in that lecture by 3/5/11.
  • 3/12/11 - Quiz 2 is posted on the Blackboard. This is the repeat of quiz 1 to be taken after your DETER firewalls lab. You can take it any time between now and the end of the course but it's probably best if you take it as soon as you finish the lab. Please take this quiz even if you got the maximum on the previous one.
  • 3/8/11 - All due dates are at midnight (23:59 pm) on a given day, PST
  • 3/8/11 - Deadline for report 2 moved to Friday 3/11.
  • 3/3/11 - Quiz 1 is posted on the Blackboard
  • 3/1/11 - Solved midterm and Grading criteria.
  • 2/23/11 - Jelena won't be having office hours today due to some meeting conflicts at ISI. Please email her if you need to meet with her before Tue and schedule a 1-1 meeting.
  • 2/17/11 - Examples of different ciphers
  • 2/17/11 - Sample midterm with solutions
  • 2/16/11 - Our midterm will be on Tue 2/22, 9:30-10:50 am in MHP 105.
  • 2/15/11 -Midterm reading list
  • 2/10/11 - Submit your paper reports via the DEN system (
  • 2/3/11 - Please make sure to choose your papers only from the following venues (and they must be published after 2005): Sigcomm, Infocom, ACM CCS, Usenix Security Symposium, NDSS, NSDI, IEEE Transactions on Secure and Dependable Computing, IEEE Transactions on Networking. Typing in a venue's name and year into a search engine should get you to a Web page with papers like this "Sigcomm 2010". For conferences, just click on "Program" link to get to papers. Journals should have archives and TOC links where you can find papers.
  • 2/3/11 - Here is a detailed survey of group key management approaches. Access this paper from USC (or via VPN) since it requires paid subscription.
  • 2/3/11 - Here is the template for paper reports. You can change the fonts but keep all the sections (you can change their titles too).
  • 1/26/11 - Papers from workshops associated with one of the venues listed in the report section are also eligible to be chosen for the report.
  • 1/25/11 - Jelena won't be able to hold her office hours tomorrow (1/26) since they overlap with a large project review at ISI. This is a one-time event. If you wanted to talk to her this week email her and schedule a time to meet with her on Friday.
  • 1/22/11 - Read all about using padding in encryption here. There was a question in the last lecture why DES is padded with 1 and the rest of zeroes when the length of the original message is encoded after the padding. The answer is - this is how the standard was defined but in reality any random padding could be used since the length encoding gives us enough information to strip it.
  • 1/21/11 - TA office hours have changed to Th 11-noon.
  • 1/17/11 - DEN students asked me how they can fulfill the participation part of the grade. One good way would be to post in our Blackboard forums. Post questions, comments on lectures or security events in news, answer other people's posts ... This is a good way to earn participation points for students that attend class at USC as well. To start the ball rolling I've made a few posts in the Misc board. Check them out!
  • People/Contact
    • Instructor:
      Prof Jelena Mirkovic (Contact:, she will respond within 24 h),
      Office hours: We 3-4 pm and by appointment in SAL 234
    • TA:
      Leslie Cheung (
      Office hours: Th 11am-noon in PHE 316
    • Lab instructor:
      David Morgan (,
      Office hours: By appointment only
      Lab grader:
      Udayan Banerji (
    To contact both the instructor and the TA please email
    This class is intended to give students an overview of systems security, its workings, and its role in protecting data and computing resources. At the end of the course, students should be able to
    • Describe and assess a broad range of security problems and solutions
    • Understand the fundamental mathematics and engineering underlying security systems
    • Judge the suitability of security systems for various applications
    • Know how to develop new security systems and features
    Academic Integrity Policy
    Recommended Textbooks
    Syllabus / Topics Covered
    DateTopics coveredSlidesLabAssignments
    1/11IntroductionPPT PDF
    1/13CryptographyPPT PDF
    1/14Lab introduction
    1/18Stream ciphers
    Block ciphers
    1/20Public-key cryptography
    One-way hashes
    1/25Key exchangePPT PDF
    1/27Key exchangePPT PDF
    2/1Authentication, authorization and policyPPT PDF
    2/3Authentication, authorization and policy PPT PDF
    2/8Malicious codePPT PDF
    2/10Malicious codePPT PDFCrypto/Auth/Policy reports due
    2/15Malicious codePPT PDF
    2/17Midterm review
    2/18No lab lecture
    2/24DDoSPPT PDF
    2/25Packet sniffing
    3/1DDoSPPT PDF
    3/3DDoSPPT PDF
    3/4Firewalls (DETER)
    3/8VirusesPPT PDF
    3/10WormsPPT PDF
    3/11Intrusion detectionDDoS reports due
    3/15Spring recess - no class
    3/17Spring recess - no class
    3/22WormsPPT PDF Report 2 reviews due
    3/24WormsPPT PDF
    3/25ARP spoofing (DETER)Revised DDoS reports due
    3/29BotnetsPPT PDF
    3/31Trusted computingPPT PDF
    4/1Tunnels and VPNs (DETER)
    4/5PrivacyPPT PDF Botnet reports due
    4/7Human elementPPT PDF
    4/8Computer forensics (DETER)
    4/12Topic of your choicePPT PDF
    4/14Crypto/auth/policy presentations
    4/15No lab lecture
    4/19DDoS presentationsPrivacy reports due
    4/21Botnet presentations
    4/22No lab lecture
    4/26Privacy presentations
    4/28Final review
    In this course you will be asked to write four paper reports on chosen topics. These are:
    1. Cryptography, authentication, authorization or policy (choose one topic from these four)
    2. Denial of service
    3. Botnets
    4. Privacy

    Each time you will need to select a paper that fits the following criteria:

    • Deals with the chosen topic
    • Published in the last five years
    • Published in one of the following venues: Sigcomm, Infocom, ACM CCS, Usenix Security Symposium, NDSS, NSDI, IEEE Transactions on Secure and Dependable Computing, IEEE Transactions on Networking
    Your report should be 2-4 pages long and consist of the following sections
    • Summary of the problem addressed by the paper
    • Why is this an important problem
    • Why is this a difficult problem
    • A short description of the solution proposed in the paper
    • Summary of the evaluation strategy presented in the paper to test the proposed solution, and summary of results
    • Your opinion of the proposed solution
    • Your ideas for improvement of the proposed solution or for a different approach to solve the problem in question
    You will be asked to submit your reports via the DEN system ( Only PDF files will be accepted. Submitting a report in another file format will bring a zero grade on the assignment. Reports will be graded based on your understanding of the material presented in the paper, the originality and correctness of your critique of the paper, and the clarity of the report. Additionally, one of your reports will be chosen for the presentation at the end of the semester. You will be asked to create a 5 minute presentation with the highlights of your report and present it to the class. This presentation will carry 4% of your final course grade (and the reports will carry another 16%).

    For the reports students may receive an automatic extension of 48 hours total that may be applied across all four assignments. If you turn in one of your assignments 8 hours late, then you will only have 40 hours remaining in extensions to use on subsequent assignments. I suggest not using the whole 48 hours on the first assignment, because if you have an unforseen scheduling issue arises later in the semester, it will be your problem. Late assignments (beyond any extension) will be assesed 20 point penalty (out of max 100 points per assignment) per day they are late.

    There will be 3-4 quizzes in the course, to match the exercises in the lab section that use the DETER testbed. These quizzes will evaluate your understanding of the material demonstrated in the exercise pre and post the exercise. Each quiz is 4-5 questions long and is a multiple-choice quiz. Both pre and post quizzes will be graded but only the higher grade will count toward your final grade in the course. Quizzes will be given via Blackboard and are open-book, open-notes.
    There will be a midterm and a final exam in this course. Both exams are closed-book. Final exam will cover only those topics that were taught after the midterm exam.
    This course has a required lab section on Fridays that exercises concepts taught in the class through simulation or emulation. The labs are required (you must complete 8 of 10) and carry 20% of your final grade. The lab section is independently managed by its instructor, David Morgan. The lab Web page is
    Grades will be calculated based on the following formula:
    Class tasksPercentage of the final grade
    Paper reports/presentations20%
    Midterm exam20%
    Final exam30%