CS 4393 Computer and Network Security

TR 10am-11:15am, ECSS 2.203

(This page is under construction)
A comprehensive study of security vulnerabilities in computer and networking systems and the basic techniques for developing secure applications and practicing safe computing. Topics including Common attacking techniques such as buffer overflow, Trojan, virus, etc. OS security. Conventional encryption. Hashing functions and data integrity. Public-key encryption. Digital signature. Security standards and applications. Building secure software and systems.

Information security has grown into a rich and diversified area. But I believe that it is very important for students to learn fundamental issues first. It covers all the basic areas of security and will not only focus on a particular domain so students by taking this course will have an invaluable broad knowledge of security. This course involves theories, algorithms and programming of cryptography (encryption/decryption), computer systems security, secure software, and basic network security, etc. After taking this course, students will have the knowledge to study more specialized security issues such as Network Security.

Pre-requisite: Only one: CS4348 OS. I will cover the required networking knowledge in class so you do not need to take computer networks as a pre-requisite. CS4390 has been removed from pre-req. list.

Professor

• Dr. Edwin Sha (edsha@utdallas.edu) Office hour: Tuesday 2:15 - 3:15 pm.

TA

• Aaron Hu, hujingtong@gmail.com,
• TA office hours: Tuesday 3-5pm at ECSS2.104 and Thursday 3-5pm at ECSS3.222.

More detailed information can be found in course syllabus.

The final exam will be held at 10am, IN CLASS TIME on May 1, 2012 (Tuesday). YOU MUST NOT MISS IT. I will tell you how to prepare for the exam.

Some on-line stuffs

• Basic introduction of cryptosystems
• Chapter 3

Assignments

• Several interesting homeworks and programming projects will be given. They are important for this course. You will have fun.
• Class participation is important for this course. You should not miss any of the classes.
• Homework 0 : I want to know my students better. Please give it to me in class at the due date.
• Programming Assignment 1 ; Please form a team with two members.
  • The Table of ASCII Code for your programming assignment 1.
  • English letter distribution for your reference.
• Homework 1
  • Internet Worm Tour paper .
  • Internet Worm paper by MIT .
• Programming Assignment 2
• Homework 2
• Programming Assignment 3 (Due April 24, 2012)
  • Stack Overflow for Sparc machines .
  • A very good article about stack overflow .
  • A helping note for SUN Sparc stack frame.

Reference Resources (UTD provides very good Electronic Database.)

• UTD e-journals
• IEEE Resource
• An Amazing paper finder

Some links to security:

• Vulnerability Notes Database
• Home Network Security
• National Security Institute - Security Resource Net
• Network Security Library
• NIST (National Institute of Standards and Technology)
  • AES (Advanced Encryption Standard) page
  • Computer Security Division Projects
  • Computer Security Resource Clearinghouse
  • Secure Hash Standard (SHA-1, SHA-256, SHA-384, and SHA-512)
• Some good security articles
• Internet RFC's
• RSA Security
  • RSA Laboratories
  • RSA's Cryptography FAQ.
  • Factoring Challenge
  • CryptoBytes
• Ron Rivest's good collection of Links
• Cryptography: Theory and Practice, by Doug Stinson.
• Handbook of Applied Cryptography, by Menezes, van Oorschot, and Vanstone.
• Cryptolog collection of links
• SSH Communications Security (Tatu Ylonen)
• Oded Goldreich's Theory of Cryptography Library
• IACR Cryptography ePrint Archive
• Yahoo's Security And Encryption Page
• John Young's crypto page and NYA (JYA).
• Schlumberger Smart Cards
• CERT (Computer Emergency Response Center at CMU) and ASSIST - Automated Systems Security Incident Support Team (DOD-CERT)
• Anonymous remailer FAQ
• Cipher, the newsletter of the Technical Committee on Security and Privacy of the Computer Society of the IEEE. Their calendar of upcoming events.
• sci.crypt (FAQ)
• sci.crypt.research
• Coderpunks Archive
• talk.politics.crypto
• comp.security.misc (FAQ) (FAQ)
• alt.security
• comp.security.announce
• alt.security.pgp
• alt.security.keydist
• alt.security.ripem
• comp.security.unix (FAQ)
• comp.protocols.kerberos
• comp.virus (FAQ)
• comp.risks
• FAQ for Firewalls
• Cryptography FAQ

Other Intersting Links

• A Beginner Guide to HTML
• WWW Computer Architecture

Students

• Student links will be put here.

Revised by Edwin Sha - 2008.