Introduction to Computer Security Fall 2019

This course teaches the security mindset and introduces the principles and practices of computer security as applied to software, host systems, and networks. It covers the foundations of building, using, and managing secure systems. Topics include standard cryptographic functions and protocols, threats and defenses for real-world systems, incident response, and computer forensics. See the schedule for details.

Professors	Adam Bates Office hours: Friday 12:00-13:00, 4306 Siebel Center
Prerequisites	Credit in CS 241 or ECE 391
Lectures	Mon./Wed./Fri. 10:00–10:50, 1404 Siebel Center Lecture Recordings (NetID required)
Discussion Sections	Wed. 11:00–11:50, 1214 Siebel Center for Comp Sci Thu. 12:00–12:50, 1214 Siebel Center for Comp Sci Thu. 13:00–13:50, 1214 Siebel Center for Comp Sci Thu. 14:00–14:50, 1103 Siebel Center for Comp Sci Thu. 16:00–16:50, 1302 Siebel Center for Comp Sci
TAs	Pubali Datta, TA Deepak Kumar, TA Zane Zheng Ma, TA Paul Murley, TA Joshua Reynolds, TA Office hours: M-F 17:00–19:00, 4405 Siebel Center. Note a small number of room conflicts necessitate alternative rooms, be sure to check Piazza for announcements.
Communications	We will make use of the following communication methods during this course: We'll use Piazza for general discussion and questions about course material. Grades will be managed through Compass2g. Lecture videos are available on echo360. Assignments will be distributed on the website. You will submit assignments through your own Git repo in a course-semester GitHub organization, created by course staff. Lecture slides and optional reading materials are on the website. Copies of assignments, slides, and other materials will also be available on a course-semester GitHub organization _public repo. For administrative issues, email ece422-staff@illinois.edu to contact the course staff.
Reference Books	No textbook is required, but if you would like additional references, we recommend: Security Engineering by Ross Anderson Cryptography Engineering by Ferguson, Schneier, and Kohno Introduction to Computer Security by Matt Bishop Computer Security: Principles and Practice by William Stallings Computer Security: Art and Science by Matt Bishop Security in Computing by Charles P. Pfleeger Introduction to Computer Security by Michael Goodrich and Roberto Tamassia
Resources	Security and Privacy Research at Illinois Security Course Roadmap

Grading

We'll calculate your course grade based on these components:

Programming Projects	50%	Five programming projects, completed in teams of two
Midterm Exam	20%	One exam covering material in the first half of class
Final Exam	30%	One exam covering all material from the course

This course has a zero tolerance policy towards cheating. The first discovered infraction will result in a zero on the assignment and will be reported to the university. The second discovered infraction will result in a zero in the course and will also be reported to the university.

Ethics, Law, and University Policies Warning

This course will include topics related computer security and privacy. As part of this investigation we may cover technologies whose abuse could infringe on the rights of others. As computer scientists, we rely on the ethical use of these technologies. Unethical use includes circumvention of an existing security or privacy mechanisms for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class and possibly more severe academic and legal sanctions.

Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act (CFAA), a federal statute that broadly criminalizes computer intrusion. This is one of several laws that govern “hacking.” Understand what the law prohibits — you don’t want to end up like this guy. If in doubt, we can refer you to an attorney.

Please review the Campus Administrative Manual (especially Policy on Appropriate Use of Computers and Network Systems at the University of Illinois at Urbana-Champaign) for guidelines concerning proper use of information technology at Illinois, as well as the Student Code (especially 1-302 Rules of Conduct, 1‑402 Academic Integrity Infractions). As members of the university, you are required to abide by these policies.

Academic Integrity Policy

The University of Illinois at Urbana-Champaign Student Code should also be considered as a part of this syllabus. Students should pay particular attention to Article 1, Part 4: Academic Integrity. Read the Code at the following URL: http://studentcode.illinois.edu/.

Academic dishonesty may result in a failing grade. Every student is expected to review and abide by the Academic Integrity Policy: http://studentcode.illinois.edu/. Ignorance is not an excuse for any academic dishonesty. It is your responsibility to read this policy to avoid any misunderstanding. Do not hesitate to ask the instructor(s) if you are ever in doubt about what constitutes plagiarism, cheating, or any other breach of academic integrity.

Students with Disabilities

To obtain disability-related academic adjustments and/or auxiliary aids, students with disabilities must contact the course instructor and the as soon as possible. To insure that disability-related concerns are properly addressed from the beginning, students with disabilities who require assistance to participate in this class should contact Disability Resources and Educational Services (DRES) and see the instructor as soon as possible. If you need accommodations for any sort of disability, please speak to me after class, or make an appointment to see me, or see me during my office hours. DRES provides students with academic accommodations, access, and support services. To contact DRES you may visit 1207 S. Oak St., Champaign, call 333-4603 (V/TDD), or e-mail a message to disability@uiuc.edu. http://www.disability.illinois.edu/.

Emergency Response Recommendations

Emergency response recommendations can be found at the following website: http://police.illinois.edu/emergency-preparedness/. I encourage you to review this website and the campus building floor plans website within the first 10 days of class. http://police.illinois.edu/emergency-preparedness/building-emergency-action-plans/

Family Educational Rights and Privacy Act (FERPA)

Any student who has suppressed their directory information pursuant to Family Educational Rights and Privacy Act (FERPA) should self-identify to the instructor to ensure protection of the privacy of their attendance in this course. See http://registrar.illinois.edu/ferpa for more information on FERPA.