CSC 574 Computer and Network Security
3 Credit Hours
(also offered as ECE 574)
This course provides a graduate-level introduction to computer and network security and privacy. Students successfully completing this class will be able to evaluate works in academic and commercial security, and will have rudimentary skills in security research. The course covers four key topic areas: basics of cryptography and crypto protocols, network security, systems security, and privacy. Readings primarily come from seminal papers in the field.
Prerequisite
An undergraduate course in operating systems, and a course in networking. One year experience programming. Discrete math, linear algebra, probability and statistics at the undergraduate level.
Course Objectives
By the end of this course, students will be able to:
- Explain concepts related to applied cryptography, including plaintext, ciphertext, symmetric cryptography, asymmetric cryptography, digital signatures.
- Outline the requirements and mechanisms for identification and authentication of users and computer systems, including authentication protocols and key management. Identify the possible threats to each mechanism and ways to protect against these threats.
- Explain concepts related to access control and operating system security, including access control matrices, protection, reference monitors, least privilege, discretionary access control, mandatory access control, multi-level security, role-based access control, and capabilities.
- Explain common network and Web vulnerabilities and attacks, defense mechanisms against these attacks, and cryptographic protection mechanisms.
- Describe the methods and motivation of Internet malware, and explain existing defense mechanisms and their limitations.
Course Requirements
EXAMINATIONS: 2 exams
SOFTWARE REQUIREMENTS: some programming required, platform and language dependent on project choice.
PROJECTS: There are two project tracks (student selects):
- Mini-Project Track (individual): The Mini-Projects track provides a series of smaller projects that relate more directly to the course material. There is one project for each major topic focus of the course. The projects require a range of programming as well as open-ended investigation.
- Research Project Track (individual or groups of 2): The research project requires that students execute novel research in systems and network security or privacy. By completing the research project, students will learn to think critically about security problems and solutions. Projects may or may not require programming. The topic is chosen by the student, subject to instructor approval.
Textbook
This course has no formal textbook. The course readings will come from online book chapters, seminal papers, and other informative sources.
Computer Security and the Internet: Tools and Jewels
By Paul C. Van Oorschot
Published by Springer
– hardcopy ISBN: 978-3-030-33648-6
– eBook ISBN: 978-3-030-33649-3
Here are some useful online books that provide additional information:
- Ross Anderson. Security Engineering, 2nd Edition. Wiley. April 2008.
- Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press. October 1996.