ECE 574 Computer and Network Security

Prerequisites

Formal: (CSC 316 or ECE 309) and (CSC 401 or ECE 407) or equivalent

Informal: You need to understand (1) IP networks, (2) modern operating systems (e.g., Windows, Linux), (3) discrete mathematics, (4) basics of systems theory and implementation (e.g., file systems, distributed systems, networking, operating systems, etc.). If you do not have a basic understanding of these areas, you will have difficulty with the course. If you have questions regarding these prerequisites, please contact the instructor.

Course Objectives

Upon completion of this course, students will be able to:

• Fundamentals: Specify a security model for a given computer system
• Crypto: Explain and apply concepts related to applied cryptography, including plaintext, ciphertext, symmetric cryptography, asymmetric cryptography, digital signatures.
• Authentication: Outline the requirements and mechanisms for identification and authentication of users and computer systems, including authentication protocols and key management. Identify the possible threats to each mechanism and ways to protect against these threats.
• Network: Identify common network and application layer attacks and defense mechanisms.
• Software: Explain and identify instances of common software vulnerabilities and mitigations.
• System: Explain concepts related to access control and operating system security, including access control matrices, ACLs and capabilities, protection, reference monitors, least privilege, discretionary access control, mandatory access control.
• Privacy: Identify and explain common privacy definitions, techniques, and systems that preserve or reduce privacy.
• Research: Read and interpret bleeding-edge academic research papers on computer and network security and privacy, and describe how the results impact real systems and people.

Course Requirements

The course will consist of four mini-projects or a research project, a midterm, a final, and online discussion activities that contribute the final grade in the following proportions:

40% – Projects (Research Project or Mini Projects)
25% – Final Exam
25% – Midterm Exam
10% – Paper Discussion / Class Participation

Textbooks

The course does not strictly follow a textbook and one is not required. However, background reading from the following textbook is strongly encouraged.

• Paul C. Van Oorschot. Computer Security and the Internet: Tools and Jewels. Springer. 2020. Note: Author’s self-archived version is freely available.

Books that might provide some useful additional information and insights:

• Network Security: Private Communication in a Public World by Kaufman, Perlman, Speciner, and Perlman. 3rd Edition only. ISBN: 978-0136643609.
• Ross Anderson. Security Engineering, 2nd Edition. Wiley. April 2008.
• Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press. October 1996.

Research Papers: Many lectures include research papers for discussion. You should never need to pay to download an article from the reading (e.g., from the ACM Digital Library). If you are on campus, you won’t be prompted to purchase articles. If you are off campus, you can go through the University Library. Alternatively, you can use the library’s EZproxy.

You can define a Chrome bookmark in your bookmark bar to automatically redirect the current page through the EZProxy.

javascript:void(location.href=’https://proxying.lib.ncsu.edu/index.php?url=’+location.href)

Updated 04/24/2025