Course Lecture Plan


Lectures Topics




Mon 1/3

Class overview, motivation and overview of computer security


Stallings, Chapter 1

Project 1 out.

Wed 1/5

Cryptography: symmetric encryption (DES/AES algorithms)


Stallings, Chapter 2.1-2.3, 3.2-3.3

KPS, Chapter 3.1-3.3


Mon 1/10

Cryptography: asymmetric encryption (RSA)


KPS, Chapter 6.1-6.3

Stallings, Chapter 9

Homework 1 out. 

Wed 1/12

Cryptography: one-way hashing and message digests (MD5, SHA-1)


KPS, Chapter 5.1-5.2, 5.5-5.6

Stallings 11.4-11.5, 12.1-12.2

Project 1 in

Mon 1/17

User Authentication


KPS, Chapter 9.6-9.7, 10.1-10.3, 10.8, 10.10

Stallings Ch. 18.3


Wed 1/19

Guest lecture by Tamara Teslovich

distributed system authentication


[Guest lecture]

Stallings Ch. 19

Homework 1 in.  

Project 2 out.

Mon 1/24

Internet vulnerability: malcode overview, viruses, worms


Stallings Ch. 19

A Taxonomy of Computer Worms, N. Weaver, V. Paxson, S. Staniford, and R. Cunningham, in the First ACM Workshop on Rapid Malcode (WORM), 2003.


Wed 1/26

Internet vulnerability: denial of service (DoS)

Securing the Internet: intrusion detection systems


KPS 23.6

1. Detecting SYN Flooding Attacks, H. Wang, D. Zhang, and K. G. Shin, in Proc. of IEEE INFOCOM, 2002.

2. Change-Point Monitoring for Detection of DoS Attacks, H. Wang, D. Zhang, and K. G. Shin, in IEEE Transactions on Dependable and Secure Computing, Vol. 1, No. 4, December 2004.

Homework 2 out.

Mon 1/31

Securing the Internet: intrusion detection systems (cont’d), Snort IDS.



Stallings Ch. 18.2


Wed 2/2

Review for Midterm



Homework 2 in.

Mon 2/7


Wed 2/9

Midterm grading review / Project 2 discussion




Mon 2/14

Securing the Internet: firewalls, VPN


1. Handout from Ch. 9 of “Firewalls and Internet Security”

2. Stallings 20.1


Wed 2/16

Software security: principles

Case study: sendmail vs. qmail


Qmail handbook, Ch. 1, Introduction to Qmail


Project 2 in. Project 3 out. 

Mon 2/21

Software security: buffer/heap overflow


Smashing The Stack For Fun And Profit, Aleph One.


Wed 2/23

Compiler primer on the run-time program environment. Defenses against buffer overflow



Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade, Crispin Cowan, et al.


Mon 2/28

OS security: overview, access control, setuid, etc.



1. Advanced Programming in the Unix Environment, Richard Stevens, Addison-Wesley, 1992. Ch. 8.10 Changing User IDs and Group IDs

2. Security in Computing, Charles Pfleeger, Shari Lawrence Pfleeger, 3rd Edition, Prentice Hall, 2002. Ch. 5.4 Trusted Operating System Design

Homework 3 out

Wed 3/2

IP Security


KPS Ch. 17

Stallings Ch. 16


Mon 3/7

Wireless and cellular network security




Wed 3/9

Review for final



Homework 3 in.

Project 3 in.



  1. KPS = Network Security - Private Communication in a Public World, by Charlie Kaufman, Radia Perlman and Mike Speciner, 2nd Edition, Prentice Hall, 2002.
  2. Stallings = Cryptography and Network Security, by William Stallings, 3rd Edition, Prentice Hall, 2003.
  3. The lecture notes have incorporated course materials developed by Dan Boneh (Stanford), Wenke Lee (Georgia Tech), David Lie (U Toronto), Aleph One, and Martin Roesch (Sourcefire Inc.).