This is an archive of a course I taught Fall 2020, preserved here as a resource for future students.

ECE 560: Computer and Information Security

Section 01, Fall 2020


Computer Security basically just means wearing
a ski mask on the internet.

Overview

Lecture location: CIEMAS Schiciano A or via Zoom (see Piazza for link)
Lecture time: Mon/Wed, 1:45pm - 3:00pm

Instructor: Dr. Tyler Bletsch
Email: Tyler.Bletsch AT duke.edu
Office Hours: After class or by appointment (feel free to email me)

Teaching Assistants:

TA Office Hours: See here

Links:

NOTE: This course has a significant overlap with the Computer Security course taught by Bruce Maggs in the Computer Science department. It is not recommended to take both. (That course is great, by the way, it just didn't have enough slots to meet demand, especially from the ECE side.)

Schedule

#DateLectureReadingHomework due
(11:59:00pm)
1 Mon 8/17 Introduction, Syllabus, Course Overview -
2 Wed 8/19 Computer Security Overview Chapter 1
Appendix C
3 Mon 8/24 Computer Security Overview Chapter 1
Appendix C
Homework 0,
Ethics Pledge

4 Wed 8/26 Computer Networking Overview Appendix F
Appendix I
5 Mon 8/31 Computer Networking Overview
Appendix F
Appendix I
6 Wed 9/2 Cryptography Chapters 2,20
7 Mon 9/7 Cryptography Chapters 20,21 Homework 1

8 Wed 9/9 User Authentication and Access Control Chapters 3-4
9 Mon 9/14 User Authentication and Access Control Chapters 3-4
10 Wed 9/16 Shell and Data Manipulation Skills Regex Quick Reference
11 Mon 9/21 Shell and Data Manipulation Skills Regex Quick Reference
12 Wed 9/23 Malicious Software Chapter 6
Stuxnet analysis
Homework 2

HW2 encrypted materials
13 Mon 9/28 Malicious Software Chapter 6
Stuxnet analysis
 
14 Wed 9/30 Midterm review;
Malicious Software
Chapter 6
15 Mon 10/5 Denial-of-Service Attacks
At-home midterm exam
Opens: 10/5 at 4pm ET
  ↳
Closes: 10/6 at 11:59pm ET (32 hours)
  ↳
Work time once opened: 2 hours
Chapter 7
16 Wed 10/7 Buffer Overflows (first half of deck) Chapter 10-11 Homework 3
(PDF issue? Try Chrome.)

17 Mon 10/12 Buffer Overflows (first half of deck) Chapter 10-11
18 Wed 10/14 Software Security (second half of deck) Chapter 12
19 Mon 10/19 Endpoint security, Database security Chapter 12-13
20 Wed 10/21 Cloud security,
Reverse Engineering
Chapter 13,
NSA Codebreaker Challenge (2015),
SHA3 problem
21 Mon 10/26 Intrusion Detection, Intrusion Prevention, and Firewalls
Chapter 8-9 Homework 4

22 Wed 10/28 Wireless Network Security, Mobile Security Chapter 24
23 Mon 11/2 Physical security, organizational security,
security auditing, and legal/ethical aspects
Chapter 16-19
24 Wed 11/4 Human Factors and Social Engineering Poorly-spelled 1990s textfiles: 
social.txt, soceng.txt
25 Mon 11/9 Guest lecture: Jesse Bowling
^ (Online only - no in-class presence)
26 Wed 11/11 Lecture catch up and random Q&A,
BitCoin and Cryptocurrency (time allowing)
27 Mon 11/16 Final exam course review,
Jump oriented programming (end part of deck)
Homework 5

Thu 11/19-
Fri 11/20
At-home final exam
Opens: 11/19 at 12pm ET
  ↳
Closes: 11/20 at 11:59pm ET (36 hours)
  ↳
Work time once opened: 3 hours

Syllabus & policies

Course synopsis

An intense trip through many facets of computer and information security. Includes discussion and practical exercises in risk management, threat modeling, applied cryptography, malicious software, network security, intrusion detection and prevention, software and OS security, auditing and forensics, reverse engineering, and social engineering.

Includes *many* hands-on security assignments.

Should be fun.

Pre-requisites for grad students: ECE 650 (Systems Programming and Engineering) or instructor consent.

Pre-requisites for undergrad students: Computer Science 310/ECE 353 (Operating Systems).

If you feel you have an OS background but are missing the above pre-reqs, just contact me.

Grading breakdown

Category%
Homeworks 60%
Midterm exam20%
Final exam20%

Homework

You are expected to complete the homework individually unless otherwise stated. However, you may discuss topics covered in the class.

Late homework submissions incur penalties as follows:

NOTE: If you feel in advance that you may need an extension, contact the instructor. We can work with you if you see a scheduling problem coming, but extensions cannot be granted at or near the due date!

Your homework grade will be based on what you submit to Sakai and when you submit it.

Grade appeals

All regrade requests must be in writing. Email the TA with your questions. After speaking with the TA, if you still have concerns, contact the instructor.

All regrade requests must be submitted to the instructor no later than 1 week after the assignment was returned to you.

Academic integrity

I take academic integrity extremely seriously. Academic misconduct will not be tolerated, and all suspected violations of the Duke Honor Code will be referred to the Office of Student Conduct (for undergraduates) or the departmental Director of Graduate Studies (for graduate students). A student found responsible for academic dishonesty faces formal disciplinary action, which may include suspension. A student twice suspended automatically faces a minimum 5-year separation from Duke University.

In addition to the measures taken by the university, the affected assignment(s) will receive zero credit, or possibly -100% in egregious cases.

If you are considering this course of action, please see me instead, and we can work something out! I want every student in my course to be successful.

Additional resources