This is an archive of a course I taught Fall 2019, preserved here as a resource for future students.

ECE 590-03: Computer and Information Security

Section 03, Fall 2019


Computer Security basically just means wearing
a ski mask on the internet.

Overview

Lecture location: Teer 203
Lecture time: MW, 10:05AM to 11:20AM

Instructor: Dr. Tyler Bletsch
Email: Tyler.Bletsch AT duke.edu
Office Hours: Monday 3-4pm and Tuesday 1:30-2:30pm, Hudson 106 (or by appointment - feel free to email!)

Teaching Assistants:

TA Office Hours: See here

Links:

NOTE: This course has a significant overlap with the Computer Security course taught by Bruce Maggs in the Computer Science department. It is not recommended to take both. (That course is great, by the way, it just didn't have enough slots to meet demand, especially from the ECE side.)

Schedule

#DateLectureReadingHomework due
(11:59:00pm)
1 Mon 8/26 Introduction, Syllabus, Course Overview -
2 Wed 8/28 Computer Security Overview Chapter 1
Appendix C
(Fri 8/30)
Homework 0
Ethics Pledge (due in class)

3 Mon 9/2 Computer Security Overview Chapter 1
Appendix C
4 Wed 9/4 Computer Networking Overview Appendix F
Appendix I
5 Mon 9/9 Computer Networking Overview
   Video coverage of part 2 of the lecture
   (also on YouTube, but blurry)
Appendix F
Appendix I
6 Wed 9/11 Cryptography Chapters 2,20
7 Mon 9/16 Cryptography Chapters 20,21 Homework 1

8 Wed 9/18 User Authentication and Access Control Chapters 3-4
9 Mon 9/23 User Authentication and Access Control Chapters 3-4
10 Wed 9/25 Shell and Data Manipulation Skills Regex Quick Reference
11 Mon 9/30 Shell and Data Manipulation Skills Regex Quick Reference
12 Wed 10/2 Shell and Data Manipulation Skills Regex Quick Reference Homework 2

HW2 encrypted materials
Mon 10/7 FALL BREAK
13 Wed 10/9 Malicious Software Chapter 6
Stuxnet analysis
 
14 Mon 10/14 Malicious Software Chapter 6
15 Wed 10/16 Midterm exam
16 Mon 10/21 Denial-of-Service Attacks Chapter 7 Homework 3
(PDF issue? Try Chrome.)

17 Wed 10/23 Buffer Overflows (first half of deck) Chapter 10-11
18 Mon 10/28 Software Security (second half of deck) Chapter 12
19 Wed 10/30 Endpoint security, Database security Chapter 12-13
20 Mon 11/4 Cloud security,
Reverse Engineering
Chapter 13,
NSA Codebreaker Challenge (2015),
SHA3 problem
21 Wed 11/6 Intrusion Detection, Firewalls and Intrusion Prevention
Guest lecturer: Patrick McDaniel
(Original coverage)
Chapter 8-9 Homework 4

22 Mon 11/11 Wireless Network Security, Mobile Security Chapter 24
23 Wed 11/13 Physical security, organizational security,
security auditing, and legal/ethical aspects
Chapter 16-19
24 Mon 11/18 Human Factors and Social Engineering Poorly-spelled 1990s textfiles: 
social.txt, soceng.txt
25 Wed 11/20 Guest lecture: Jesse Bowling
26 Mon 11/25 Ting Chen: Real website compromise,
Final exam course review,
Jump oriented programming (end part of deck)
↓ Posted 11/4
(Due Wed 11/27)
Homework 5

Thu 12/12 Final Exam (2pm-5pm)

Syllabus & policies

Course synopsis

An intense trip through many facets of computer and information security. Includes discussion and practical exercises in risk management, threat modeling, applied cryptography, malicious software, network security, intrusion detection and prevention, software and OS security, auditing and forensics, reverse engineering, and social engineering.

Includes *many* hands-on security assignments.

Should be fun.

Pre-requisites for grad students: ECE 650 (Systems Programming and Engineering) or instructor consent.

Pre-requisites for undergrad students: Computer Science 310/ECE 353 (Operating Systems).

If you feel you have an OS background but are missing the above pre-reqs, just contact me.

Grading breakdown

Category%
Homeworks 60%
Midterm exam20%
Final exam20%

Homework

You are expected to complete the homework individually unless otherwise stated. However, you may discuss topics covered in the class.

Late homework submissions incur penalties as follows:

NOTE: If you feel in advance that you may need an extension, contact the instructor. We can work with you if you see a scheduling problem coming, but extensions cannot be granted at or near the due date!

Your homework grade will be based on what you submit to Sakai and when you submit it.

Grade appeals

All regrade requests must be in writing. Email the TA with your questions. After speaking with the TA, if you still have concerns, contact the instructor.

All regrade requests must be submitted to the instructor no later than 1 week after the assignment was returned to you.

Academic integrity

I take academic integrity extremely seriously. Academic misconduct will not be tolerated, and all suspected violations of the Duke Honor Code will be referred to the Office of Student Conduct (for undergraduates) or the departmental Director of Graduate Studies (for graduate students). A student found responsible for academic dishonesty faces formal disciplinary action, which may include suspension. A student twice suspended automatically faces a minimum 5-year separation from Duke University.

In addition to the measures taken by the university, the affected assignment(s) will receive zero credit, or possibly -100% in egregious cases.

If you are considering this course of action, please see me instead, and we can work something out! I want every student in my course to be successful.

Additional resources