|
|
|
|
Announcements
|
|
People/Contact
|
- Instructor:
Prof Jelena Mirkovic (Contact: sunshine@isi.edu, she will respond
within 24 h), Office
hours: F 12:30-1:30 pm and by appointment in SAL 234
- TA:
Melina Demertzi (demertzi@usc.edu)
Office hours: Tu and We 10-11 am in SAL 229
- Lab instructor:
David Morgan (davidmor@usc.edu)
Office hours: By appointment only
- Lab grader:
Simon Woo (simonwoo@usc.edu)
To contact both the instructor and the TA please email csci530@usc.edu.
|
Focus
|
This class is intended to give students an overview of systems
security, its workings, and its role in protecting data and
computing resources. At the end of the course,
students should be able to
- Describe and assess a broad range of security problems and solutions
- Understand the fundamental mathematics and engineering
underlying security systems
- Judge the suitability of security systems for various
applications
- Know how to develop new security systems and features
|
|
Academic Integrity
Policy
|
|
Recommended Textbooks
|
|
Syllabus / Topics
Covered
|
Date | Topics
covered | Slides | Lab | Assignments |
1/13 | Introduction Cryptography |
PPT PDF | Introduction | |
1/20 | Cryptography | PPT
PDF
| Cryptography | |
1/27 | Key exchange Authentication, authorization and
policy | PPT
PDF | |
2/3 | Authentication, authorization and policy Malicious code
| PPT
PDF | Authentication | |
2/10 | Malicious code |
PPT
PDF
| Authorization | |
2/17 | DDoS |
PPT
PDF
| Application
security | Crypto/Auth/Policy reports due |
2/24 | Midterm review DDoS |
PPT
PDF
| Packet sniffing | |
3/2 | Midterm Worms |
PPT
PDF
| Firewalls (DeterLab) | DDoS reports due |
3/9 | Worms |
PPT
PDF
| Intrusion detection | |
3/16 | Spring recess - no class | | | |
3/23 | Botnets Privacy |
PPT
PDF
| ARP spoofing (DeterLab) | Botnets reports due |
3/30 | Trusted computing Human element |
PPT
PDF
| Tunnels and VPNs (DeterLab) | |
4/6 | No lecture |
| Computer forensics (DeterLab) | Privacy reports due |
4/13 | Student presentations |
| | |
4/20 | Student presentations |
| | |
4/27 | Final review |
| | |
|
Reports
|
In this course you will be asked to write four paper reports
on chosen topics. These are:
- Cryptography, authentication, authorization or policy (choose one
topic from these four)
- Denial of service
- Botnets
- Privacy
Each time you will need to select a paper that fits
the following criteria:
- Deals with the chosen topic
- Published in the last five years
- Published in one of the following venues: Sigcomm, Infocom, ACM CCS,
Usenix Security Symposium, NDSS, NSDI, IEEE Transactions on Secure and
Dependable Computing, IEEE Transactions on Networking
Your report should be 2-4 pages long and consist of the following
sections
- Summary of the problem addressed by the paper
- Why is this an important problem
- Why is this a difficult problem
- A short description of the solution proposed in the paper
- Summary of the evaluation strategy presented in the paper to test
the proposed solution, and summary of results
- Your opinion of the proposed solution
- Your ideas for improvement of the proposed solution or for a
different approach to solve the problem in question
You will be asked to submit your reports via the DEN system (http://mapp.usc.edu).
Only PDF files will be accepted. Submitting a report in
another file format will bring a zero grade on the assignment.
Reports will be graded based on your understanding of the material
presented in the paper, the originality and correctness of your
critique of the paper, and the clarity of the report. Additionally,
one of your reports will be chosen for the presentation at the end of
the semester. You will be asked to create a 10 minute presentation with
the highlights of your report and present it to the class. This
presentation will carry 4% of your final course grade (and the reports will carry
another 16%).
For the reports students may receive an automatic extension
of 48 hours total that may be applied across all four
assignments. If you turn in one of your assignments 8 hours late, then
you will only have 40 hours remaining in extensions to use on
subsequent assignments. I suggest not using the whole 48 hours on the
first assignment, because if you have an unforseen scheduling issue
arises later in the semester, it will be your problem. Late
assignments (beyond any extension) will be assesed 20 point penalty
(out of max 100 points per assignment) per day they are late.
|
Quizzes
|
There will be 4 quizzes in the course, to match the
exercises in the lab section that use the DeterLab testbed. These quizzes
will evaluate your understanding of the material demonstrated in the lab
exercises done on DeterLab pre and post the exercise. Each quiz is 5-10 questions long
and is a multiple-choice quiz. You are required to take each quiz.
Quizzes will be given via DEN and are open-book,
open-notes.
|
Exams
|
There will be a midterm and a final exam in this course. Both
exams are closed-book. Final exam will cover only those topics that
were taught after the midterm exam.
|
Lab
|
This course has a required lab section on Fridays that
exercises concepts taught in the class through simulation or
emulation. The labs are required and carry
20% of your final grade. The lab section is independently managed by
its instructor, David Morgan. The lab Web page is http://ccss.usc.edu/530l.
|
Grading
|
Grades will be calculated based on the following formula:
Class tasks | Percentage of the final
grade |
Paper reports/presentations | 20% |
Lab | 20% |
Participation | 5% |
Quizzes | 5% |
Midterm exam | 20% |
Final exam | 30% |
|