COMPUTER AND SYSTEMS SECURITY
    Computer Science COMP 4108
    Fall 2011
  1. CONTACTS
    2. Instructor: Evangelos Kranakis, Office hrs
    Teaching Assistant: Fraser MacQuarie (fmacquar@connect.carleton.ca)
    Wk Lecture Announcements Additional Resources
    MSDNAA
    Wk 01
    Sep 09     		Terrorism
    Connections     		Farley
    Krebs
    Abello et al.
    Hayes
    Valdis-Krebs
    Rodriguez
    Wk 02
    Sep 16     		Introduction
    DES and Variants     		Assignment 1
    Project Ideas     		Scholarship Applications
    NSERC
    OGS
    Wk 03
    Sep 23     		AES
    RSA and DH     		Identity Theft
    The RSA/DH Story
    Wk 04
    Sep 30     		Signatures
    Birthday Attack     		Click Fraud
    Wk 05
    Oct 14     		Checksums
    Principles & Designs
    Authentication
    Principles & Art     		Project Selection Due
    Assignment 1: Due Oct 14     		Lampson et al
    Lowe
    Heydon et al
    Evercookie
    Wk 06
    Oct 21     		Committments
    Onion Routing
    PGP
    Captchas     		Studying for Test
    Test 1 from 2008     		Douceur
    Sybil Survey
    Wk 07
    Oct 28     		Sybil Attacks Test 1 (Oct 28)
    Test 1: 75 min, in class: Can bring class notes during test!     		Schneider AC Policies and Mechanisms
    Understanding DACs
    Spam
    S. Staniford, V. Paxson, N. Weaver, How to own the Internet...,
    Wk 08
    Nov 04     		Censorship
    AC Principles and Policies
    Security Models     		Assignment 2 Botnets
    G1 Security
    No-Swipe Cards
    Kranakis, van Oorschot, Whyte, DNS-based Detection...
    Wk 09
    Nov 11     		Malicious Logic
    Internet Worms
    Countermeasures     		Scareware
    Kruegel et al Polymorphic Worms...
    Harrison et al OS Security Feldmeier, Karn, UNIX Pwds Sec: 10 yrs later Remus OS Security: Unix/Linux, Windows, Mac Davis et al Graphical Pwds
    Wk 10
    Nov 18     		IP-Spoofing
    OS Security
    OS Design
    Passwords
    Risk Analysis     		Koobface Worm
    Walfish et al
    Wk 11
    Nov 25     		Defense by Offense
    Cluster Heads
    Network Security     		WSJ: The Surveillance Catalogue
    Assignment 2: Due Nov 25 (Delete Problem 7)     		Survey of DDoS
    S. Belovin A Look Back at Security...
    Evan Ratliff Zombie Hunters Wallach
    Wk 12
    Dec 02     		Test 2 (Dec 02) 60 min, in class: Can bring class notes during test!
    Studying for Test
    Test 2 from 2008
    Dec 02: Presentations     		Malicious Bots...
    Puri Bots & Botnet: An Overview
    A Survey of... Claessens et al.
    (How) Can Mobile... Geer
    Wk 13
    Dec     		DNSSEC
  2. CONTENTS OF LECTURES:
    A significant amount of the course will be based on recent papers published only in journals and/or conference proceedings. You can download lecture notes in pdf format. Links are activated only when the lectures are ready.
  3. COURSE DESCRIPTION
    Introduction to information security in computer and communications systems, including network, operating systems, web and software security; passwords, authentication applications, privacy, data integrity, anonymity, secure email, IP security, security infrastructures, firewalls, viruses, intrusion detection, network attacks.
    Prerequisites: COMP 3000 (operating systems), COMP 3203 (computer networks).
    Anti-requisites: COMP 4103.
  4. WHAT TO STUDY FOR THE TESTS
    1. Test 1: Read everything covered in class up to and including last lecture before test.
      Make sure you understand concepts and methodologies.
    2. Test 2: Read everything covered in class after test 1 up to and including last lecture).
      Make sure you understand concepts and methodologies.
  5. STUDENTS' REQUIREMENTS:
    1. All assignments are compulsory and must be handed in on the due date before 2:30 pm, in the file cabinet located in room 3115 HP (put the assignment in an envelope that has your name and student ID and place it in the box that has my name and course number COMP 4108). Late assignments will not be accepted. The assignments' mark will be averaged over the remaining assignments if there is a serious reason (like, health problem) in which case a written certificate from the appropriate authority is required. Missing assignments are worth 0 %. Please retain the assignments (once handed back).
    2. Plagiarism will not be tolerated. You must always write up the solutions to assignment problems on your own and acknowledge your sources in case you used library material. On the first occasion, plagiarizing an assignment will result in assigning a 0 to all the students involved and continuation of this practice may have severe repercussions for the student(s) involved.
    3. Make-up tests are not possible. In case of absence from a test and in order to average your mark over the remaining exams a written certificate from the appropriate authority is required, else you will receive 0 %. If certificate is approved then an oral test will be given.
    4. Remarking of individual questions in a test is not possible; the whole test will be remarked, in which case your grade for this test may either increase or decrease.
  6. GRADING AND COURSE-WORK
    7. Test 1: 35%
    Test 2: 25%
    Assignment 1: 07.5%
    Assignment 2: 07.5%
    Project: 25%.
  7. USEFUL TEXTBOOKS
    1. William Stallings, Cryptography and Network Security, 4/E, ISBN-10: 0131873164 ISBN-13: 9780131873162, Publisher: Prentice Hall, Copyright: 2006, Format: Cloth; 592 pp, Published: 11/16/2005,
      Student Resiurces
    2. Network Security: Private Communication in a Public World, 2nd Edition Charlie Kaufman, Radia Perlman, Mike Speciner, Prentice Hall, 2002. ISBN: 0130460192.
      The first book is more useful to learn about security tools. The second is the most useful overall. Usually the course notes and one of these books should be adequate for your study.