CS 91 - Computer Security
TR 9:55-11:10, SCI 145
Fall 2004
Swarthmore College

Announcements

• Lecture notes for programs security are posted

Contents

• Course Description
• Text and Useful Links
• Grading
• Course Policy
• Lecture Notes
• Course Schedule
• Course Assignments

This class will introduce students to fundamental concepts in computer and information security. Topics that may be covered include threats and vulnerabilities, malicious software, defensive programming techniques, basic cryptography, models of security, auditing, intrusion detection, basic database security, and issues of laws and ethics related to information security. This course is designed to present a broad survey of the field rather than an in depth study of a particular portion.

The text for the course is Computers and Security, 3rd Edition by Pfleeger and Pfleeger, and The Cuckoo's Egg by Cliff Stohl.

Useful Links

• Federal Laws

Grades will be calculated based on the following distribution:

• 15% - Semester project and presentation
• 5% - Book Quiz
• 30% - Homework/Projects
• 20% - Midterm exam
• 30% - Final Exam (Cumulative)

Regular class attendance is expected. I am required to report to the dean any student whose repeated absences is impairing their performance in the class.

There will be a number of assignments made in this class. I expect every student to attempt each assignment and turn in the results. Do not expect to pass this class if you do not submit something for every assignment. You are encouraged to complete every assignment as this is one of the most effective ways to learn the material.

When homework is assigned, a due date will be made available. You are responsible for submitting your answers before the deadline. Late assignments are not accepted. If you know that for some reason you will not be able to submit the assignment before the deadline, you should contact me in advance of the deadline. Extensions are only granted in exceptional circumstances, but need to be done in advance.

Programming assignments will be graded on both correctness as well as programming style. Good programming style includes the following:

• A descriptive header for each file including author's name and the date
• Descriptive and meaningful variable and method names
• Logical organization
• Sufficient comments, but not overly commented
• Appropriate use of white space to separate sections
• Consistent indentation and style

Plagiarism and Academic Dishonesty

The College's Judiciary Committee (CJC) handles plagiarism offenses. The penalties for plagiarism are quite severe: usually the first offense leads to failure in the course, but it may additionally result in suspension. The following constitutes plagiarism on CS programming assignments:

Under no circumstances may you hand in work done with (or by) someone else under your own name. Your code should never be shared with anyone; you may not examine or use code belonging to someone else, nor may you let anyone else look at or make a copy of your code. This includes sharing solutions after the due date of the assignment. Failure to abide by these rules constitutes academic dishonesty and will lead to a hearing of the College Judiciary Committee.

Discussing ideas and approaches to problems with others on a general level is fine (in fact, we encourage you to discuss general strategies with each other), but you should never read anyone else's code or let anyone else read your code. If you are in doubt about some help that you received, then credit the person(s) from whom you got help by citing them in a comment at the top of the file and discuss the situation with your instructor.

This course will cover the following topics as time permits:

• Foundations of computer security
• Basic Cryptography
• Malware
• Secure Programming
• Trusted OS Design
• Network Security
• Intrusion Detection
• Legal Issues

Topics will probably be covered in the following sequence:

Last Modified: Tue 23 Nov 2004 09:45:58 AM EST - Benjamin A. Kuperman