CIS 4510/5510: Computer and Network Security
Fall 2025
Instructor: Sebastian Angel
Room: Berger Auditorium (in Skirkanich Hall)
Time: MW 10:15 AM–11:45 AM
Course Description
This course introduces the principles and practical considerations of computer and network security. It covers the following:
- Basic concepts: threat models, security principles
- Software Attacks: buffer and integer overflow, format string vulnerabilities, stack smashing
- Software Defenses: stack canaries, DEP, ASLR, isolation, fuzz testing
- Applied cryptography: symmetric and asymmetric encryption, digital signatures, hash functions
- Basics of networks and the Web: TCP/IP, routing, DNS, HTTP, cookies
- Network and Web attacks: BGP Hijacking, DNS forgery, SQL injection, CSRF, XSS
- Network security: firewalls, packet filtering, certificates, TLS
- Broader issues: surveillance, censorship, anonymity, legal issues, ethics
Prerequisites
- CIS 1600: Mathematical Foundations of Computer Science
- CIS 2400: Introduction to Computer Systems
Even though NETS students are not required to take CIS 2400, it is a prerequisite for this course.
Course Staff
| Name | Office hours (location) |
|---|---|
| TBD | TBD |
Textbook
There is no required textbook for this course. The following books (available for free) are good extra sources:
- Operating Systems: Three Easy Pieces by Remzi and Andrea Arpaci-Dusseau
- Security Engineering by Ross Anderson
- A Graduate Course in Applied Cryptography by Dan Boneh and Victor Shoup
- Handbook of Applied Cryptography by Menezes, van Oorschot, and Vanstone
Assignments, quizzes, and exams
There will be 3 ungraded homework assignments, and 4 projects to be completed individually. There are two non-cumulative exams.
There will be 1 short ungraded quizz each week to be completed online through Canvas. The purpose of these quizzes is to keep you on track throughout the semester and make sure that you are understanding the material.
Late days
You will have a budget of six late days (24-hour periods) over the course of the semester that you may use to turn homeworks and projects in late without penalty and without needing to ask for an extension. Once your late days are used up, extensions will only be granted in extraordinary circumstances. Late days can be used for projects, but not for exams. To use a late day, just turn in your assignment late. There is no need to notify the course staff or justify your decision. If you have an extenuating circumstance, you must contact the course staff before the assignment is due.Grading
- Projects: 50%
- Exam 1: 25%
- Exam 2: 25%
Academic Honesty
We encourage you to discuss the problems and your general approach with other students in the class. However, the answers you turn in must be your own original work, and you must adhere to Penn’s Code of Academic Integrity.
For more information, see the Office of Student Conduct.
Students with disabilities
The University of Pennsylvania provides reasonable accommodations to students with disabilities who have self-identified and received approval from the Office of Student Disabilities Services (SDS). If SDS has approved your request for accommodations, please discuss with me the necessary arrangements for your accommodations. SDS services are free and confidential.