Computer Security basically just means wearing
a ski mask on the internet.
Overview
Lecture location: CIEMAS Schiciano A or via Zoom (see Piazza for link)
Lecture time: Mon/Wed, 1:45pm - 3:00pm
Instructor: Dr. Tyler Bletsch
Email: Tyler.Bletsch AT duke.edu
Office Hours: After class or by appointment (feel free to email me)
Teaching Assistants:
- Anshu Dwibhashi (anshuman.dwibhashi AT duke.edu) - Grading+content
- Mariana Vasquez Sanchez (mariana.vasquez AT duke.edu) - Grading
- Minghao Hu (minghao.hu AT duke.edu) - Grading
Links:
- Piazza forum - get help and discuss course material
- Sakai - submit code and see grades
- GradeScope - submit homework assignments and get feedback
- Feedback form - send anonymous feedback to the instructor
Schedule
# | Date | Lecture | Reading | Homework due (11:59:00pm) |
---|---|---|---|---|
1 | Mon 8/17 | Introduction, Syllabus, Course Overview | - | |
2 | Wed 8/19 | Computer Security Overview | Chapter 1 Appendix C | |
3 | Mon 8/24 | Computer Security Overview | Chapter 1 Appendix C |
Homework 0, Ethics Pledge |
4 | Wed 8/26 | Computer Networking Overview | Appendix F Appendix I | |
5 | Mon 8/31 | Computer Networking Overview | Appendix F Appendix I | |
6 | Wed 9/2 | Cryptography | Chapters 2,20 | |
7 | Mon 9/7 | Cryptography | Chapters 20,21 |
Homework 1 |
8 | Wed 9/9 | User Authentication and Access Control | Chapters 3-4 | |
9 | Mon 9/14 | User Authentication and Access Control | Chapters 3-4 | |
10 | Wed 9/16 | Shell and Data Manipulation Skills | Regex Quick Reference | |
11 | Mon 9/21 | Shell and Data Manipulation Skills | Regex Quick Reference | |
12 | Wed 9/23 | Malicious Software | Chapter 6 Stuxnet analysis |
Homework 2 HW2 encrypted materials |
13 | Mon 9/28 | Malicious Software | Chapter 6 Stuxnet analysis | |
14 | Wed 9/30 |
Midterm review; Malicious Software | Chapter 6 | |
15 | Mon 10/5 | Denial-of-Service Attacks
At-home midterm exam
Opens: 10/5 at 4pm ET ↳ Closes: 10/6 at 11:59pm ET (32 hours) ↳ Work time once opened: 2 hours | Chapter 7 | |
16 | Wed 10/7 | Buffer Overflows (first half of deck) | Chapter 10-11 |
Homework 3 (PDF issue? Try Chrome.) |
17 | Mon 10/12 | Buffer Overflows (first half of deck) | Chapter 10-11 | |
18 | Wed 10/14 | Software Security (second half of deck) | Chapter 12 | |
19 | Mon 10/19 | Endpoint security, Database security | Chapter 12-13 | |
20 | Wed 10/21 |
Cloud security, Reverse Engineering | Chapter 13, NSA Codebreaker Challenge (2015), SHA3 problem | |
21 | Mon 10/26 | Intrusion Detection, Intrusion Prevention, and Firewalls | Chapter 8-9 |
Homework 4 |
22 | Wed 10/28 | Wireless Network Security, Mobile Security | Chapter 24 | |
23 | Mon 11/2 | Physical security, organizational security, security auditing, and legal/ethical aspects | Chapter 16-19 | |
24 | Wed 11/4 | Human Factors and Social Engineering | Poorly-spelled 1990s textfiles: social.txt, soceng.txt | |
25 | Mon 11/9 | Guest lecture: Jesse Bowling ^ (Online only - no in-class presence) | ||
26 | Wed 11/11 |
Lecture catch up and random Q&A, BitCoin and Cryptocurrency (time allowing) | ||
27 | Mon 11/16 |
Final exam course review, Jump oriented programming (end part of deck) |
Homework 5 | |
Thu 11/19- Fri 11/20 |
At-home final exam
Opens: 11/19 at 12pm ET ↳ Closes: 11/20 at 11:59pm ET (36 hours) ↳ Work time once opened: 3 hours |
Syllabus & policies
Course synopsis
An intense trip through many facets of computer and information security. Includes discussion and practical exercises in risk management, threat modeling, applied cryptography, malicious software, network security, intrusion detection and prevention, software and OS security, auditing and forensics, reverse engineering, and social engineering.Includes *many* hands-on security assignments.
Should be fun.
Pre-requisites for grad students: ECE 650 (Systems Programming and Engineering) or instructor consent.
Pre-requisites for undergrad students: Computer Science 310/ECE 353 (Operating Systems).
If you feel you have an OS background but are missing the above pre-reqs, just contact me.
Grading breakdown
Category | % |
---|---|
Homeworks | 60% |
Midterm exam | 20% |
Final exam | 20% |
Homework
You are expected to complete the homework individually unless otherwise stated. However, you may discuss topics covered in the class.Late homework submissions incur penalties as follows:
- Submission is 0-24 hours late: total score is multiplied by 0.9
- Submission is 24-48 hours late: total score is multiplied by 0.8
- Submission is more than 48 hours late: total score is multiplied by the Planck constant (as measured in J·s)
NOTE: If you feel in advance that you may need an extension, contact the instructor. We can work with you if you see a scheduling problem coming, but extensions cannot be granted at or near the due date!
Your homework grade will be based on what you submit to Sakai and when you submit it.
Grade appeals
All regrade requests must be in writing. Email the TA with your questions. After speaking with the TA, if you still have concerns, contact the instructor.All regrade requests must be submitted to the instructor no later than 1 week after the assignment was returned to you.
Academic integrity
I take academic integrity extremely seriously. Academic misconduct will not be tolerated, and all suspected violations of the Duke Honor Code will be referred to the Office of Student Conduct (for undergraduates) or the departmental Director of Graduate Studies (for graduate students). A student found responsible for academic dishonesty faces formal disciplinary action, which may include suspension. A student twice suspended automatically faces a minimum 5-year separation from Duke University.In addition to the measures taken by the university, the affected assignment(s) will receive zero credit, or possibly -100% in egregious cases.
If you are considering this course of action, please see me instead, and we can work something out! I want every student in my course to be successful.