CSE425: Introduction to Computer Security, Spring 2020

About the Course

This course provides an introduction to a variety of topics in computer security for juniors and seniors majoring in computer science and engineering. It covers four parts: (1) computer security technology and principles (cryptography, authentication, access Control, database Security, DoS, malicious software, intrusion detection, firewall, etc.), (2) software security and trusted Systems (buffer overflow, software security, operating system security, etc.), (3) network security (internet security protocols, authentication app, etc.), and (4) state-of-the-art security research.

  • Class Time and location: 12:40pm-2:00pm, Monday and Wednesday (151 Communication Arts Bldg).
  • Instructor: Dr. Guan-Hua (Scott) Tu.
  • Email: ghtu@msu.edu
  • Office hour: 2pm-4pm, Wednesday (1124EB)
  • Teaching assistant: Xinyu Lei, leixinyu@msu.edu, Office hours: 3pm~5pm, Monday (2153EB)
  • Textbook: Computer Security: Principles and Practice, Third Edition, by William Stallings and Lawrie Brown.
  • Teaching materials: All materials will be uploaded to D2L.
  • Syllabus

    Please refer to this page.

    Prerequisites/Corequisites

    CSE 422, Computer Networks

    Grading

  • Attendance (5%)
  • Homework (15%)
  • Three small programming projects (15%)
  • Paper presentation (15%)
  • Midterm exam and Final exam (50%; the higher grade takes 35%, and the lower grade takes 15%.)
  • Note that homework assignments will be posted on D2L. After an assignment is posted, you will receive a notification via D2L. Late submissions of homework assignments will be penalized with a 50% point deduction. No work will be accepted later than (exactly!) 24 hours after the due date. You need to team up with another student and together read a security-related paper and give a 15-min presentation in class; the paper you selected must be published in IEEE S&P, ACM CCS, Usenix Security, or IEEE NDSS last five years. If you cannot find your team members, please contact TA for the assistance. Note that there are NO makeup midterm/final exams unless you can show proof of a severe emergency (e.g. admission to an emergency room).

    Course Grade

  • 90% and above is a 4.0; 85% - 89% is a 3.5; 80% - 84% is a 3.0, 75% - 79% is a 2.5, etc.
  • Tentative Schedule (subject to change)

    • 1/6 (Mon), Overview
    • 1/8 (Wed), User authentication
    • 1/13 (Mon), Cryptographic tools
    • 1/15 (Wed), Access control
    • 1/20 (Mon), Holiday
    • 1/22 (Wed), Denial-of-service attacks
    • 1/27 (Mon), Malicious software
    • 1/29 (Wed), Database and cloud security
    • 2/3 (Mon), Intrusion detection
    • 2/5 (Wed), Intrusion detection
    • 2/10 (Mon), Firewall and intrusion prevention systems
    • 2/12 (Wed), Buffer Overflow
    • 2/17 (Mon), Review for the midterm exam
    • 2/19 (Wed), no class, attend a conference.
    • 2/24 (Mon), Midterm exam 12:40pm - 2:00pm in 151 Communication Arts Bldg
    • 2/26 (Wed), Software security, Operating system security and discuss solutions to the midterm exam,
    • 3/2 (Mon), Spring Break,
    • 3/4 (Wed), Spring Break,
    • 3/9 (Mon), Internet security protocols and standards
    • 3/11 (Wed), Internet Authentication Applications
    • 3/16 (Mon), Public-key cryptography and message authentication
    • 3/18 (Wed), Symmetric Encryption
    • 3/23 (Mon), Wireless Network Security
    • 3/25 (Wed), Cellular network security - Charging and CSFB
    • 3/30 (Mon), Paper presentation
    • 4/1 (Wed), Cellular network security - VoLTE and SMS
    • 4/6 (Mon), Paper presentation
    • 4/8 (Wed), Google Security and Cellular network security - VoWiFi,
    • 4/13 (Mon), Paper presentation
    • 4/15 (Wed), Paper presentation
    • 4/20 (Mon), Paper presentation
    • 4/22 (Wed), Review for the final exam
    • 4/27 (Mon), Final exam, 12:45pm - 2:45pm in 151 Communication Arts Bldg