CIS 551 / TCOM 401 - Computer and Network Security
Time: Tues. & Thurs. 1:30 - 3:00
Room: Towne 303
e-mail: cis551 (AT) seas.upenn.edu
office hours: Tues. 9:30-10:30
(and by appointment) Levine 511
e-mail: cis551 (AT) seas.upenn.edu
office hours: Weds. 1:30 - 2:30
Location: 612 Levine Hall
Course contact information:
Class mailing list: CIS551-401-08A (AT) lists.upenn.edu (open
to all members of the class)
News group: upenn.cis.cis551
- System Security: hacker behavior, intrusion & anomaly detection, hacker and admin
- Networks & Infrastructure: TCP/IP, Denial of Service, IPSEC, TLS/SSL
- Basic Cryptography: Shared key crypto (AES/DES), Public Key Crypto (RSA),
- Crypto software: Open SSL library, applications (authentication, digital signatures)
- Trust & Configuration management
- Malicious code: buffer overflows, viruses, worms,
- Covert Channels
The following books contain useful course material, and much of
the lecture content is derived from them (and other sources). Copies
of these books are on reserve in the Penn Engineering Library.
In addition, the following papers and web sites provide supplementary
material. Reading selections from these sources will be announced in class.
- Security in Computing (3rd edition) by Pfleeger and Pfleeger
- Computer Networks: A Systems Approach (3rd edition) by Larry L. Peterson and Bruce S. Davie
- Applied Cryptography (2nd edition) by Bruce Schneier
Engineering, Ross Anderson's textbook
- The Protection of Information in Computer Systems, Saltzer & Schroeder (1975)
- Smashing the Stack for Fun and Profit, Aleph One (1996)
- Cyclic Redundancy Check (CRC) on Wikipedia
- The Internet Worm Program: An Analysis, Gene Spafford (1988)
- Kerberos: An Authentication Service for
Open Network Systems, Steiner, Neuman, Schiller (1988)
- Introduction to the Internet Protocols, Charles L. Hedrick (Rutgers). This
1987 tutorial is surprisingly up to date, and is a very concise introduction
to the basics of the Internet protocols.
- Open SSL web page. The OpenSSL
library is installed on eniac-l.
- "A look
Back at 'Security Problems in the TCP/IP Protocol Suite'". S. M. Bellovin.
20th Computer Security Applications Conference. December 2004.
"Advanced 4.4BSD Interprocess Communication Tutorial." Lefler, et al.
- Why Cryptosystems Fail, Ross Anderson (1993)
- Inside the Slammer Worm, Moore et al. (2003).
- How to 0wn the Internet in Your Spare Time , Staniford, Paxson, and Weaver (2002).
- Top Speed of Internet Flash Worms, Staniford, Moore, Paxson, and Weaver (2004).
- Internet Quarantine: Requirements for Containing Self-propagating Code, Moore et al. (2003)
- Automated Worm Fingerprinting, Singh et al. (2004)
- Corrupted DNS Resolution Paths: The rise of a malicious resolution authority, Dagon et al. (2008)
- Bro Intrusion Detection System
- Bro: A System for Detecting Network Intruders in Real-Time, Vern Paxson. (1998)
- NSA Central Security Service
- National Information Assurance
Training and Information Center
Infranet: Circumventing Web Censorship and Surveillance,
Feamster et. al (2002).
- Why Phishing Works by Dhamija, Tygar, and Hearst
Protecting Browser State from Web Privacy Attacks, Jackson et
Dos and Don'ts of Client Authentication on the Web, Kevin Fu
- SQL Injection attacks, Chris
- Cross site scripting explained, Amit
Terra: A Virtual Machine-Based Platform for Trusted Computing,
Garfinkel, et al.
Sirer, et al.
- Analysis of an Electronic
Voting System, Kohno, et al.
and rebuttals from the Diebold voting machine analysis
Toward a Secure Voting System (Michael Clarkson, Stephen Chong,
- Technical Trends in Phishing Attacks (Milletary)
- The Emperor's New
Security Indicators (Schechter et al. 2007)
Battle Against Phishing: Dynamic Security Skins (Dhamija and
- Web pages of previous versions of CIS 551:
- Example exams from previous instances of 551 (note the order of
the course content may have differed):
Project 1: Buffer Overflows Due: 8
Feb. 2008 at 11:59 p.m.
Project 2: Network Intrusion Detection Due: 7 Mar. 2008 at 11:59 p.m.
Project 3: Cryptography Due: 4 April 2008 at 11:59 p.m.
Project 4: Secure Distributed Banking Due: 02 May 2008 at 11:59 p.m.
- 16% Midterm I - tentative date Feb. 19th
- 16% Midterm II - tentative date Apr. 1st
- 25% Final exam - date to be determined by registrar
- 40% Course projects (group projects)
- 03% Course participation
Lecture Slides and Notes
- Individual homework assignments will be available on the web
pages. They are to be completed independently and turned in at the
beginning of class on the due date.
- Late homework will not be accepted without prior permission of the
instructor unless there are emergency circumstances.
- Teams for group projects will consist of two or three students.
Students are not permitted to work individually on the team projects.
Regrade requests should be sent to the TA. Only reasonable requests
will be considered. The entire homework or exam will be regraded.
Note that this means that the score on a regraded homework might
This course will abide by the University's Code of Academic
Integrity. In particular, for individual projects and group
projects, the following guidelines should be followed:
- For individual projects, you must type in and edit
your own code, documentation, and any other materials submitted
- Copying someone else's file is not allowed.
- Allowing someone else to copy a file of yours, either explicitly or
implicitly by leaving your code unprotected, is not allowed.
- Editing each other's files is not allowed
- Regarding the ethics of what you may or may not discuss with
If there is any doubt about the use of external
sources or collabortation, please ask for clarification by the