This is an archive of a course I taught Fall 2018, preserved here as a resource for future students.

ECE 590-04: Computer and Information Security

Section 04, Fall 2018


Computer Security basically just means wearing
a ski mask on the internet.

Overview

Lecture location: Social Sciences 136
Lecture time: TTh, 11:45AM to 1:00PM

Instructor: Dr. Tyler Bletsch
Email: Tyler.Bletsch AT duke.edu
Office Hours: Tue/Thu 4pm-5pm in Hudson 106

Teaching Assistants: Neil Dhar (neil.dhar AT duke.edu) and Rui Zhang (rui.zhang AT duke.edu)
TA Office Hours: TBD

Links:

NOTE: This course has a significant overlap with the Computer Security course taught by Bruce Maggs in the Computer Science department. It is not recommended to take both. (That course is great, by the way, it just didn't have enough slots to meet demand, especially from the ECE side.)

Schedule

Note: this course and its agenda were derived from a version I co-taught at NC State in 2015.

#DateLectureReadingHomework due
(11:59:00pm)
1 Tue 8/28 Introduction, Syllabus, Course Overview -
2 Thu 8/30 Computer Security Overview Chapter 1
Appendix C
Homework 0
Ethics Pledge (due in class)

3 Tue 9/4 Computer Security Overview Chapter 1
Appendix C
4 Thu 9/6 Computer Networking Overview Appendix F
Appendix I
5 Tue 9/11 Computer Networking Overview Appendix F
Appendix I
6 Thu 9/13 Cryptography Chapters 2,20
7 Tue 9/18 Cryptography Chapters 20,21
8 Thu 9/20 Cryptography Chapters 20,21
9 Tue 9/25 Shell and Data Manipulation Skills Regex Quick Reference Homework 1

10 Thu 9/27 Shell and Data Manipulation Skills Regex Quick Reference
11 Tue 10/2 User Authentication and Access Control Chapters 3-4
12 Thu 10/4 Malicious Software Chapter 6
Stuxnet analysis,
Adore-ng rootkit demo
Tue 10/9 FALL BREAK
13
13½
Thu 10/11
Sat 10/13
Denial-of-Service Attacks
(Lecture catch-up)
Chapter 7
-
 
 
14 Tue 10/16 Buffer Overflows, Software Security Chapter 10-11 Homework 2

HW2 encrypted materials
15 Thu 10/18 Midterm exam
16 Tue 10/23 External talk: Paul Vixie
· Time: 12pm-1pm
· Place: Schiciano B
17 Thu 10/25 Endpoint security Chapter 12
18 Tue 10/30 Database security Chapter 13
19 Thu 11/1 Cloud security Chapter 13
20 Tue 11/6 (catching up on the above) -
21 Thu 11/8 Intrusion Detection, Firewalls and Intrusion Prevention Chapter 8-9 Homework 3

22 Tue 11/13 Reverse Engineering -
23 Thu 11/15 Wireless Network Security, Mobile Security Chapter 24
24 Tue 11/20 Physical security, organizational security,
security auditing, and legal/ethical aspects
Chapter 16-19
Thu 11/22 THANKSGIVING BREAK
25 Tue 11/27 Guest lecture: Jesse Bowling -
26 Thu 11/29 Human Factors and Social Engineering Poorly-spelled 1990s textfiles: 
social.txt, soceng.txt
↓ Posted 11/8
Homework 4

Thu 12/13 Final Exam (9am-12pm)

Syllabus & policies

Course synopsis

An intense trip through many facets of computer and information security. Includes discussion and practical exercises in risk management, threat modeling, applied cryptography, malicious software, network security, intrusion detection and prevention, software and OS security, auditing and forensics, reverse engineering, and social engineering.

Includes *many* hands-on security assignments.

Should be fun.

Pre-requisites for grad students: ECE 650 (Systems Programming and Engineering) or instructor consent.

Pre-requisites for undergrad students: Computer Science 310/ECE 353 (Operating Systems). Will also need basic networking knowledge (IP addressing, that network switches exist, layer 2 vs layer 3). This can be provided by ECE/COMPSCI 356 (Network Architecture), personal experience, or self-education in parallel with the course. Nevermind, I just put this into the course.

If you feel you have an OS and networking background but are missing the above pre-reqs, just contact me.

Grading breakdown

Category%
Homeworks 60%
Exam 110%
Exam 210%
Final exam20%

Homework

You are expected to complete the homework individually unless otherwise stated. However, you may discuss topics covered in the class.

Late homework submissions incur penalties as follows:

NOTE: If you feel in advance that you may need an extension, contact the instructor. We can work with you if you see a scheduling problem coming, but extensions cannot be granted at or near the due date!

Your homework grade will be based on what you submit to Sakai and when you submit it.

Grade appeals

All regrade requests must be in writing. Email the TA with your questions. After speaking with the TA, if you still have concerns, contact the instructor.

All regrade requests must be submitted to the instructor no later than 1 week after the assignment was returned to you.

Academic integrity

I take academic integrity extremely seriously. Academic misconduct will not be tolerated, and all suspected violations of the Duke Honor Code will be referred to the Office of Student Conduct (for undergraduates) or the departmental Director of Graduate Studies (for graduate students). A student found responsible for academic dishonesty faces formal disciplinary action, which may include suspension. A student twice suspended automatically faces a minimum 5-year separation from Duke University.

In addition to the measures taken by the university, the affected assignment(s) will receive zero credit, or possibly -100% in egregious cases.

If you are considering this course of action, please see me instead, and we can work something out! I want every student in my course to be successful.

Additional resources