COSC235 - Introduction to Network Security (Fall 2011)
Georgetown University
Prof. Micah Sherr

Course Description

This course introduces students to network security. By examining case studies and reading seminal research papers, students will learn about network attacks and vulnerabilities as well as current defenses. Topics covered include cryptography, confidentiality and authentication protocols, botnets, firewalls, intrusion detection systems, and communication privacy and anonymity.

Prerequisites: COSC-120, COSC-150, and COSC-160

Jump to course syllabus/schedule.

Who, What, and Where

Instructor: Prof. Micah Sherr
Email: click here
Office: St. Mary's Hall, Room 337
Office Hours: Thursdays 3-4pm

Classes are held every Monday and Wednesday from 3:30pm until 4:45pm in ICC 210A.

Why

This introductory course will impart a broad understanding of the underpinnings of security techniques, security best practices, and computer security research. The course should help students to understand the mindsets of attackers (the bad guys and gals who do malicious things on the network) and system designers and defenders (the good guys and gals who try to stop the attackers). The course should prepare students to understand and assess security threats, become familiar with security engineering best practices, and write better software, protocols, and systems.

Textbook and Other Readings

The required textbook for this class is Introduction to Computer Security by Michael Goodrich and Roberto Tamassia.

Other useful (but not required) books include:

Reading assignments are listed below and should be completed before the class that covers the material.

Course Resources / Listserv

Students should take advantage of two critical course resources.

Most importantly, students should regularly attend class. Not only is attendance mandatory (and a significant part of the students' grades), classroom discussion will hone in on the particular subject matter that I think is most important (and consequently, significantly more likely to appear on exams).

Second, we will make extensive use of the class listserv:
    cosc235-fall2011@security.cs.georgetown.edu
Students are expected to read every post to the listserv and to contribute to the discussion. Be prepared to receive a lot of email -- in my previous classes, several thousand listserv messages were posted in a single semester.

Q: What's the point of the listserv?
A: I'm glad you asked. If you don't understand something that was said in class, or have a question about some part of the homework assignment or some material in the textbook, it's safe to assume that a handful of other students are also confused. The listserv has several purposes. (1) It tells you that other people in the class are similarly confused about a particular topic; (2) it enables all students to learn both from the question and the answer; (3) it spawns interesting discussions; and (4) it lets me gauge what topics need better clarification and instruction.

Q: Can't I just email the Prof?
A: Of course you can, but if others can learn from the answer, you're strongly encouraged to post your question to the listserv. (In fact, you may be asked to do so.)

Q: What types of questions/answers can I post to the listserv?
A: Students are encouraged to post any questions (and answers!!) to the listserv, so long as they do not give away the solution to an assignment. General questions, conceptual questions, and clarifications are strongly encouraged. For example:
    What are the causes of a "Segmentation fault"?

    Are code exploits specific to a particular operating system?

    What is the meaning of *ptr++?
are acceptable.

Q: What types of questions/answers should I not post to the listserv?
A: Do not give away solutions to assignments. Do not start flamewars and do be respectful of others. For example:
    Why doesn't the following code work?
    [followed by 500 lines of C code]

    Is "42" an acceptable answer to homework question 5?

    Billy, your a morron.  Stop asking stupid questions and
    wasting everyone's time.
are not acceptable.

Grading and Other Class Policies
Homeworks 35%
Exam 1 15%
Exam 2 15%
Final Exam 25%
Participation* 10%

* Participation includes more than just attendance (although attendance is a must). Students should contribute to classroom and listserv discussions.

Other miscellaneous (but hopefully not arbitrary) policies:
  • Please turn off cell phones during class.
  • I will do my best to respond to emails within 24 hours. Please also consider posting your questions to the class listserv.
  • Assignments are due before class on the posted date. There is a 25% penalty for up to 24 hours after the deadline. After that, the assignment will be graded as a zero.
  • No make-up exams will be permitted.
  • Students may appeal to the instructor for reconsideration of a grade, but the appeal must be in writing (i.e., email), and must be sent within 3 weeks (or the close of the semester, whichever is sooner) of receiving the graded assignment.
  • Behave civilly: don't be late for class; don't read newspapers/blogs/etc. during class; don't solve Sudoku puzzles during class; don't struggle with crossword puzzles during class; respect others' opinions, even if they are clearly wrong.
  • Adhere to good scientific principles and practices, and uphold the Georgetown Honor System.

A Note about Academic (Dis)Honesty

Please do not cheat. Dealing with cheating is by far the worst part of a professor's responsibilities, and it's one that I'd greatly like to avoid. If you are caught cheating, you will be referred to the Honor Council, without exception. It doesn't matter if you plagiarized one part of one answer in a homework assignment or outsourced your entire semester project to www.willdoyourprojectforcupcakes.com. Telling me that I'm ruining your future/career/life will make me feel wicked bad, but won't stop me from referring you to the Honor Council.

The following -- taken from the Graduate Bulletin -- is a partial list of the things you cannot do: plagiarism; unacknowledged paraphrase; cheating, fabrication of data; fabrication, alteration, or misrepresentation of academic records; facilitating academic dishonesty; unauthorized collaboration; misuse of otherwise valid academic work; misuse of academic resources; depriving others of equal access to academic resources.

Please see Georgetown's Academic Regulations regarding the University's Honor System, as well as all the nasty things that will happen to you if you are caught cheating.

Bottom Line: If you are unsure whether or not something is permissible, ask me beforehand.

Syllabus and Schedule

Slide handouts will be posted to this web page shortly after class.

 

 

This page was last modified on 11/27/11 10:49pm