CIS 5370, Fall 2014
Department of Computer Science, Florida State University
Monday,
Wednesday and Friday, 10:10 – 11:00 AM, LOV 103
http://www.cs.fsu.edu/~liux/courses/cis5370-2014/index.html.
This web site contains the up-to-date information related to this class such as
news, announcements, assignments, lecture notes, and useful links to resources
that are helpful to this class. Besides the web pages, Blackboard will be used
to communicate changes and updates and post grades for this class; in
particular, I will send emails using email addresses in the Blackboard system
and please make sure that your email address on record is current.
With affordable desktop and laptop computers, large storage devices (e.g., hard drives), hardware, wide availability of the high speed internet connections, and more recently Internet-capable 3G and 4G smartphone and similar devices, the earth becomes highly connected that almost everyone can reach any other one on the planet as long as they are connected to the Internet. The unprecedented connectivity has unleaded unique potentials of computer technology (e.g., huge storage spaces and fast computing), leading to new services that were not imagined ten years ago. Not only our daily life activities heavily rely on the Internet, and government and the critical infrastructures we take for granted rely on the intended behaviors of computers and the underlying network. Unfortunately, the high connectivity has also created new problems, from spyware to steal data, computer viruses and worms to destroy data, to network-enabled weapons, to cyber wars that can disable companies and even countries (such as Stuxnet). All these problems are related to computer security. Due to its paramount importance, computer security is not just one academic research area. Many security products are installed on typical computers; in the United States, there are multiple federal agencies dedicated to computer security; the computer security is a multi-billion industry that is estimated to grow steadily (just click https://www.google.com/#q=computer+security+industry+growth and see). Computer security related issues have been widely recognized in software development companies. As computer security techniques evolve continuously along with product improvements and new service opportunities, computer security is and will remain to be an important and valuable area in the perceivable future with new career opportunities; in recent years, computer security has enjoyed a zero and low unemployment rate (see http://www.techjournal.org/2011/07/information-security-analysts-unemployment-rate-zero/ and http://www.bls.gov/oes/current/oes151122.htm).
This course provides introductory but
comprehensive coverage of fundamental problems, principles, techniques, and
algorithms in computer security, including basic cryptographic algorithms,
symmetric key cryptography, public key cryptography, hash functions, authentication
methods, authorization mechanisms, authentication protocols, real-world
security protocols, malware and software attacks, malware analysis and software
reverse engineering, secure software development, insecurity in operating
system and software, trusted computing approaches to secure and trusted
computer systems, and web security. Additionally, as computer security relies on
many interdependent components, this course will also cover real world policy
and implementation issues through case studies and papers in the literature. It
also offers opportunities to explore implementation, research, and applications
of computer security techniques to solving real world problems.
COP 4610 – Operating Systems and Concurrent
Programming or consent of the instructor; basic knowledge and experience with computer
systems; basic knowledge and understanding of modular mathematics,
permutations, probability, and linear algebra. Proficient programming skills
are not required; but students need to be able to understand C/C++ programs,
write simple programs to call library and other implemented functions, make
changes to such programs, and be able to use debuggers to analyze programs.
Upon successful
completion of this course of study, the student will:
Required textbook: “Information
Security,” 2nd
Edition, (ISBN 978-0-470-62639-9), Wiley, 2011, by Mark Stamp.
In addition to the textbook, papers and notes from the
literature will be distributed along the lectures.
Attendance is required for this class. Unless
you obtain prior consent of the instructor, missing classes will be used as
bases for attendance grading. In case that it is necessary to skip a class,
students are responsible to make up missed materials. Participation in in-class
discussions and activities is also required. All submitted assignments and
projects must be done by the author(s). It is a violation of the Academic Honor
Code to submit other’s work and the instructor of this course takes the
violations very seriously.
As this course will cover certain techniques
to break down known systems in order to demonstrate their vulnerabilities, it
may be illegal, however, to practice these techniques on others' systems. The
students will be liable for their behaviors and therefore consequences.
About nine homework assignments will be given along the lectures and they need to be turned in; they include problems in the textbook at the end of chapters as well as understanding/using/modifying existing implementation of covered algorithms. There will be a term project, which can be an implementation project that involves extensive programming, an analysis project on policy and fundamental issues, or an in-depth literature survey on a particular topic. There will be about five in-class quizzes, a midterm exam and a final exam.
Grades will be determined
as follows:
|
Assignment |
Points |
Assignment |
Points |
|
Class Attendance & Participation |
5 % |
Midterm Exam |
20 % |
|
Homework Assignments |
25 % |
Term Project |
10 % |
|
Final
Exam (cumulative) |
30 % |
Quizzes |
10% |
Grading will be based on the weighted average as specified
above and the following scale will be used (suppose the weighted average is S
in 100 scale)
|
Score |
Grade |
Score |
Grade |
Score |
Grade |
|
93 £ S |
A |
80
£ S < 83 |
B- |
67 £
S < 70 |
D+ |
|
90
£ S < 93 |
A- |
77
£ S < 80 |
C+ |
63
£ S < 67 |
D |
|
87
£ S < 90 |
B+ |
73
£ S < 77 |
C |
60
£ S < 63 |
D- |
|
83
£ S < 87 |
B |
70
£ S < 73 |
C- |
S < 60 |
F |
Assignments are due at the beginning of the class on the due date. Assignments turned in late, but before the beginning of the next scheduled class will be penalized by 10 %. Assignments that are more than one class period late will NOT be accepted.
All tests/assignments/projects/homework will be returned as soon as possible after grading but no later than two weeks from the due date.
The Florida State University Academic Honor Policy outlines the University’s expectations for the integrity of students’ academic work, the procedures for resolving alleged violations of those expectations, and the rights and responsibilities of students and faculty members throughout the process. Students are responsible for reading the Academic Honor Policy and for living up to their pledge to “. . . be honest and truthful and . . . [to] strive for personal and institutional integrity at Florida State University.” (Florida State University Academic Honor Policy, found at http://dof.fsu.edu/honorpolicy.htm)
Assignments/projects/exams are to be done individually, unless specified otherwise. It is a violation of the Academic Honor Code to take credit for the work done by other people. It is also a violation to assist another person in violating the Code (See the FSU Student Handbook for penalties for violations of the Honor Code). The judgment for the violation of the Academic Honor Code will be done by the instructor and a third party member (another faculty member in the Computer Science Department not involved in this course). Once the judgment is made, the case is closed and no arguments from the involved parties will be heard. Examples of cheating behaviors include:
v Discuss the solution for a homework question.
v Copy programs for programming assignments.
v Use and submit existing programs/reports on the world wide web as written assignments.
v Submit programs/reports/assignments done by a third party, including hired and contracted.
v Plagiarize sentences/paragraphs from others without giving the appropriate references. Plagiarism is a serious intellectual crime and the consequences can be very substantial.
Penalty for violating the Academic Honor Code: A 0 grade for the particular assignment/quiz/exam and a reduction of one letter grade in the final grade for all parties involved for each occurrence. A report will be sent to the department chairman for further administrative actions.
Students with disabilities needing academic accommodations should: 1) register with and provide documentation to the Student Disability Resource Center (SDRC), and 2) bring a letter to the instructor indicating the need for accommodation and what type. This should be done within the first week of class. This syllabus and other class materials are available in alternative format upon request.
For more information about services available to FSU
students with disabilities, contact the Assistant Dean of Students:
108 Student Services Building
(850) 644-9566 (voice)
(850) 644-8504 (TDD)
sdrc@admin.fsu.edu
http://www.disabilitycenter.fsu.edu/
© 2014 Florida State University.
Updated on August 22, 2014.