CIS-551: Computer and Network Security
Fall 2020
Instructor: Sebastian Angel
Room: Online (Zoom link in Canvas)
Time: M/W 12:00 PM–1:30 PM
Email: sebastian.angel at cis.upenn.edu
Discussion: Piazza
Course Description
This course covers the principles of computer and network security. It covers:
- Basic concepts: threat models, security principles
- Software Attacks: buffer and integer overflow, format strings, stack smashing, side channels
- Software Defenses: stack canaries, ASLR, isolation, fuzz testing
- Applied cryptography: symmetric and asymmetric encryption, digital signatures, hash functions
- Basics of networks and the Web: TCP/IP, routing, DNS, network protocols, cookies
- Network and Web attacks: denial of service, DNS forgery, SQL injection, XSS
- Network security: firewalls, packet filtering, certificates, TLS
- Broader issues: surveillance, privacy, anonymity, legal issues, ethics
Prerequisites
- CIS 160: Mathematical Foundations of Computer Science
- CIS 240: Introduction to Computer Systems
- CIS 380: Operating systems (recommended)
Even though NETS students are not required to take CIS 240, it is a prerequisite for this course. In particular, we expect all students to be familiar with the C programming language, some simple assembly, and the use of the command line.
Course Staff
| Name | Email (at seas.upenn.edu) | Office hours (Remote, see Canvas) |
|---|---|---|
| Weichen Zheng | zweichen | Monday 4–6 PM |
| Daniel Stekol | dstekol | Tuesday 4–6 PM |
| Abdullah Zaini | azaini | Wednesday 8:30–10:30 AM |
| Liangcheng Yu | leoyu | Wednesday 7–9 PM |
| Andrew Beams | abeams | Friday 10 AM–12 PM |
| Makarios Chung | chungma | Saturday 8–10 PM |
Textbook
There is no required textbook for this course. The following three books (available for free) are good extra sources:
- Building Secure & Reliable Systems by Adkins, Beyer, Blankinship, Lewandowski, Oprea, and Stubblefield
- Security Engineering by Ross Anderson
- Handbook of Applied Cryptography by Menezes, van Oorschot, and Vanstone
- A Graduate Course in Applied Cryptography by Dan Boneh and Victor Shoup
Assignments and exams
There will be 4 homework assignments and 4 projects. There will be two take-home exams: a midterm and a final.
Late Days. You will have a budget of six late days (24-hour periods) over the course of the semester that you may use to turn assignments in late without penalty and without needing to ask for an extension. Once your late days are used up, extensions will only be granted in extraordinary circumstances. Late days can be used for homeworks and projects, but not exams. To use a late day, just turn in your assignment late. There is no need to notify the course staff. If you have an extenuating circumstance, you must contact the course staff before the assignment is due.
Grading
- Homeworks: 30%
- Projects: 40%
- Midterm exam: 15%
- Final exam: 15%
Academic Honesty
We encourage you to discuss the problems and your general approach with other students in the class. However, the answers you turn in must be your own original work, and you must adhere to Penn’s Code of Academic Integrity.
For more information, see the Office of Student Conduct.
Students with disabilities
The University of Pennsylvania provides reasonable accommodations to students with disabilities who have self-identified and received approval from the Office of Student Disabilities Services (SDS). If SDS has approved your request for accommodations, please make an appointment to meet with me as soon as possible in order to discuss the arrangements for your accommodations. SDS services are free and confidential.
Belonging, inclusion, and wellness
The CIS department and all of the faculty and staff are committed to making your studies here at Penn a safe and rewarding experience. This can only happen if we work together to create an inclusive environment that welcomes all students, regardless of their race, ethnicity, gender identity, sexuality, or socioeconomic status. Diversity, inclusion, and belonging are all core values of this course. All participants in this course deserve, and should expect, to be treated with respect by other members of the community. We encourage all students to visit the CIS Diversity site to learn about all avaialble resources.
A sense of belonging can also affect students’ mental health and wellness, which is of utmost importance to the course instruction staff, if not the University as a whole. All members of the instruction staff will be happy to chat or just to listen if you need someone to talk to, even if it’s not specifically about this course.
If you or someone you know is in distress and urgently needs to speak with someone, please do not hesitate to contact CAPS: 215-898-7021; 3624 Market St. If you are uncomfortable reaching out to CAPS, any member of the instruction staff will be happy to contact them on your behalf.