Spring 2012
CSCI 530 - Security Systems
Lecture - OHE 100B

Other semesters

Lab section

 
Announcements
  • 4/27/12 - Here are solved sample finals one and two.
  • 4/19/12 - Final exam will be on may 4, 8-9:20 am in GFS 101. Here are two sample finals: one and two for you to practice. We will go through them in class on 4/27. Here is the final reading list.
  • 4/19/12 - Quiz 8 is posted on DEN with the due date of 4/27. Take it after you do the Forensics lab.
  • 4/10/12 - Quizzes 6 and 7 are posted on DEN with the due dates of 4/21 and 4/16 respectively. Quiz 6 should be taken after you perform the Tunnels and VPNs lab, and quiz 7 should be taken before you perform the Forensics lab.
  • 4/6/12 - Quiz 5 is posted on DEN with the due date of 4/11. Take it before you do the Tunnels and VPNs lab.
  • 4/6/12 - No class today.
  • 4/3/12 - Quiz 4 is posted on DEN with the due date of 4/11. Take it after you do the ARP Spoofing lab.
  • 4/2/12 - This is the schedule for student presentations:
    Last Name	Report	Date
    Agarwal		2	4/13	
    Alabdulkarim	3	4/20
    Anbazhagan	2	4/13
    Berti		3	4/20
    B'far		4	4/20
    Bhattacharyya	3	4/20
    Bloching	2	4/13
    Chanchairoek	3	4/20
    Chiwane		2	4/13
    Desai		1	4/13
    Dong		2	4/13
    Khedkar		3	4/20
    Kirkpatrick	2	4/13
    Magar		1	4/13
    Manikonda	4	4/20
    Manyiel		4	4/20
    Meeker		1	4/13
    Mehrotra	4	4/20
    Ogasian		1	4/13
    Rangaraju	4	4/20
    Singh		3	4/20
    	
  • 3/9/12 - Here is the midterm grading criteria.
  • 3/9/12 - Quiz 2 is posted on DEN with the due date of 3/16. Take it after you do the Firewalls lab.
  • 3/2/12 - Quiz 1 is posted on DEN with the due date of 3/7. Take it before you do the Firewalls lab.
  • 2/24/12 - The official due date for report 2 stays on 3/2 but anyone can have a no-penalty 1-week grace period if they like. The rest of the reports are due as shown on this Web page.
  • 2/24/12 - Solved versions of sample midterm 1 and sample midterm 2. The blue text is optional - does not carry points.
  • 2/16/12 - Sample midterm 1 and Sample midterm 2 are posted. Midterm reading list is posted too.
  • 2/16/12 - All paper reports are due by midnight PST on the day shown in the calendar.
  • 1/20/12 - Office hours changed for Jelena, for today only. They will be 1-2 pm.
People/Contact
  • Instructor:
    Prof Jelena Mirkovic (Contact: sunshine@isi.edu, she will respond within 24 h),
    Office hours: F 12:30-1:30 pm and by appointment in SAL 234
  • TA:
    Melina Demertzi (demertzi@usc.edu)
    Office hours: Tu and We 10-11 am in SAL 229
  • Lab instructor:
    David Morgan (davidmor@usc.edu)
    Office hours: By appointment only
  • Lab grader:
    Simon Woo (simonwoo@usc.edu)
To contact both the instructor and the TA please email csci530@usc.edu.
Focus
This class is intended to give students an overview of systems security, its workings, and its role in protecting data and computing resources. At the end of the course, students should be able to
  • Describe and assess a broad range of security problems and solutions
  • Understand the fundamental mathematics and engineering underlying security systems
  • Judge the suitability of security systems for various applications
  • Know how to develop new security systems and features
 
Academic Integrity Policy
Recommended Textbooks
Syllabus / Topics Covered
DateTopics coveredSlidesLabAssignments
1/13Introduction
Cryptography
PPT PDFIntroduction
1/20CryptographyPPT PDF Cryptography
1/27Key exchange
Authentication, authorization and policy
PPT PDF
2/3Authentication, authorization and policy
Malicious code
PPT PDFAuthentication
2/10Malicious code PPT PDF Authorization
2/17DDoS PPT PDF Application securityCrypto/Auth/Policy reports due
2/24Midterm review
DDoS
PPT PDF Packet sniffing
3/2Midterm
Worms
PPT PDF Firewalls (DeterLab)DDoS reports due
3/9Worms PPT PDF Intrusion detection
3/16Spring recess - no class
3/23Botnets
Privacy
PPT PDF ARP spoofing (DeterLab)Botnets reports due
3/30Trusted computing
Human element
PPT PDF Tunnels and VPNs (DeterLab)
4/6No lecture Computer forensics (DeterLab)Privacy reports due
4/13Student presentations
4/20Student presentations
4/27Final review
Reports
In this course you will be asked to write four paper reports on chosen topics. These are:
  1. Cryptography, authentication, authorization or policy (choose one topic from these four)
  2. Denial of service
  3. Botnets
  4. Privacy

Each time you will need to select a paper that fits the following criteria:

  • Deals with the chosen topic
  • Published in the last five years
  • Published in one of the following venues: Sigcomm, Infocom, ACM CCS, Usenix Security Symposium, NDSS, NSDI, IEEE Transactions on Secure and Dependable Computing, IEEE Transactions on Networking
Your report should be 2-4 pages long and consist of the following sections
  • Summary of the problem addressed by the paper
  • Why is this an important problem
  • Why is this a difficult problem
  • A short description of the solution proposed in the paper
  • Summary of the evaluation strategy presented in the paper to test the proposed solution, and summary of results
  • Your opinion of the proposed solution
  • Your ideas for improvement of the proposed solution or for a different approach to solve the problem in question
You will be asked to submit your reports via the DEN system (http://mapp.usc.edu). Only PDF files will be accepted. Submitting a report in another file format will bring a zero grade on the assignment. Reports will be graded based on your understanding of the material presented in the paper, the originality and correctness of your critique of the paper, and the clarity of the report. Additionally, one of your reports will be chosen for the presentation at the end of the semester. You will be asked to create a 10 minute presentation with the highlights of your report and present it to the class. This presentation will carry 4% of your final course grade (and the reports will carry another 16%).

For the reports students may receive an automatic extension of 48 hours total that may be applied across all four assignments. If you turn in one of your assignments 8 hours late, then you will only have 40 hours remaining in extensions to use on subsequent assignments. I suggest not using the whole 48 hours on the first assignment, because if you have an unforseen scheduling issue arises later in the semester, it will be your problem. Late assignments (beyond any extension) will be assesed 20 point penalty (out of max 100 points per assignment) per day they are late.

Quizzes
There will be 4 quizzes in the course, to match the exercises in the lab section that use the DeterLab testbed. These quizzes will evaluate your understanding of the material demonstrated in the lab exercises done on DeterLab pre and post the exercise. Each quiz is 5-10 questions long and is a multiple-choice quiz. You are required to take each quiz. Quizzes will be given via DEN and are open-book, open-notes.
Exams
There will be a midterm and a final exam in this course. Both exams are closed-book. Final exam will cover only those topics that were taught after the midterm exam.
Lab
This course has a required lab section on Fridays that exercises concepts taught in the class through simulation or emulation. The labs are required and carry 20% of your final grade. The lab section is independently managed by its instructor, David Morgan. The lab Web page is http://ccss.usc.edu/530l.
Grading
Grades will be calculated based on the following formula:
Class tasksPercentage of the final grade
Paper reports/presentations20%
Lab20%
Participation5%
Quizzes5%
Midterm exam20%
Final exam30%