CS 410 and CS 591 - 001

Computer Security 

Key Points About Course Policy

1. Prerequisites:

   1. • Familiarity with programming in a C-family language (C, C++), Java and Python.

      • Basic understanding of Networking, Operating Systems, Algorithms, Data Structures, Computer Organizations, and Computer Architectures is expected.

2. Attendance Expectations:

   1. • Attendance at every lecture is mandatory.

      • Students must arrive on time, stay for the entire class period, and actively participate in in-class activities.

      • Lateness, early departure, and non-participation are highly discouraged.

3. Course Format:

   1. • Lectures, discussions, programming assignments, and a final project are integral parts of the course.

      • Both individual and group activities enhance understanding of theoretical concepts and practical skills in distributed systems development.

4. CS Department Lab Hours:

   1. • The CS Department lab is unavailable during evenings and weekends.

      • Students must plan their work accordingly if they intend to use the lab facilities.

5. Electronic Lab Submission:

   1. • Instructions will be provided for electronically submitting labs and programs for grading.

      • Failure to adhere to instructions may result in a score of zero for labs.

6. Assessment:

   1. • Evaluation includes programming assignments, quizzes, exams, and the final project.

      • Active participation in class discussions and group activities is also assessed.

7. Quizzes and Assignments:

   1. • Regular quizzes and assignments assess comprehension of course material.

      • Implementing and practicing code snippets and problems discussed in class is expected.

8. Importance of Assignments:

   1. • Completing assignments is crucial for effective learning and successful exam performance.

9. Timely Completion:

   1. • Initiating projects and assignments promptly is crucial to meet deadlines, which will be strictly enforced.

10. Late Submissions Policy:

    1. • Late submissions result in penalties.

       • The maximum attainable score decreases by 20% for each day of late submission following the deadline.

11. Exam Integrity:

    1. • Exams must be completed independently, without assistance or communication.

       • Dates will be posted and may change.

       • Exams cover cumulative concepts from readings, course materials, and activities.

       • Missing an exam without sufficient documentation results in a score of 0.

       • In emergencies with appropriate documentation, alternative arrangements may be considered.

12. Understanding Cheating:

    1. • Cheating on programming assignments is a significant concern.

       • Familiarize yourself with the CS Department's webpage on Academic Dishonesty, which provides detailed definitions of cheating.

13. Consequences of Cheating:

    1. • Cheating results in a zero for the assignment, potentially affecting eligibility for exams.

       • A second violation leads to an immediate 'F' for the course.

14. Academic Integrity Code:

    1. • Students must uphold academic honesty.

       • Any involvement in copying during quizzes, midterms, or final exams results in a zero for the respective exam.

15. Syllabus Change Policy:

    1. • The syllabus is a guide and may be modified with prior notice.

16. Textbook Requirement:

    1. • Access to designated textbooks is mandatory.

       • Students are expected to read assigned sections, as material from the texts may be included in assessments, even if not covered in lectures.

Textbooks

• • • William Stallings, Cryptography and Network Security: Principles and Practice, Pearson

    • Behrouz A. Forouzan and Debdeep Mukhopadhyay, Cryptography and Network Security, McGraw-Hill

    • M. Whitman and H. Mattord, Principles of Information Security, Cengage

References

• • • Sarhan M. Musa, Network Security and Cryptography, Mercury Learning and Information

    • B. Forouzan, “Data Communication and Network”, McGraw-Hill

    • A. S. Tanenbaum., “Computer Networks”, Pearson

    • W. Stalling, “Data and Computer Communication”, Pearson

Future References

• • • Additional research papers and online resources will be provided throughout the course.

Note: The lectures, homework assignments, quizzes, and other announcements will be made available through Email, D2L, and the course webpage. Posting any course materials, including solutions, homework, and labs, on public websites without permission is a violation of course policy and the instructor’s copyright.

Emergency Procedures

Southern Illinois University Carbondale (SIUC) is committed to fostering a welcoming and inclusive campus environment, ensuring a space free from discrimination and intimidation for all. The university offers essential support for students with disabilities through the Office for Access and Accommodations and provides tailored assistance to military community members via Veterans Services. The Student Multicultural Resource Center champions diversity and inclusion, while the Saluki Cares program offers a robust support network for students in distress. SIUC prioritizes safety and awareness, maintaining strict policies against violence and harassment under Title IX, and offers mental health services through Counseling and Psychological Services (CAPS). Additionally, the university provides extensive academic support, including tutoring, writing assistance, and advisement, to help students succeed. For more details, please refer to the Syllabus Attachment for Spring 2025.

Major Topics Covered in the Course (Tentative)

Module I

Approx. Number of Classes - 14

• Introduction To Information Security: security goals, types of threats, security policies models, security standards, Physical security, operational security, ethical and legal issues in security.

• Introduction to System security: access control, authentication and authorization, file protection, intrusion detection, trusted computing and digital rights management, UNIX security.

• Introduction to Program security: buffer overflow attacks, viruses and worms, Trojan horses, proof-carrying code, sandboxing, Java security.

• Introduction to Network Security: types of threats, security mechanisms.

Cryptography: classical ciphers stream and block ciphers, public-key encryption, hashes and message digests, signature schemes, key establishment and management, PKI

Module II

Approx. Number of Classes - 14

Application Layer Security: Introduction to E-mail architecture, Pretty Good Privacy (PGP) and Secure/Multipurpose Internet Mail Extension (S/MIME)

Transport layer Security (TLS): Secure Socket Layer (SSL) - Architecture, Message Formats, Four protocols

Network Layer Security (IPSec): Authentication Header (AH) and Encapsulation Security Payload (ESP), Security Association, Internet Key Exchange (IKE) Protocol, ISAKMP (Header Formats and Payloads)

• Firewall: Need and Characteristics, Types, Firewall Basing, Firewall Location and Configurations, Virtual Private Networks

Secure Electronic Transaction (SET), Digicash, Electronic commerce security

Module III

Approx. Number of Classes - 1

• Netstat: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/netstat

• Ping: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/ping

• Tracert: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-xp/bb491018(v=technet.10)?redirectedfrom=MSDN

• Traceroute: https://en.wikipedia.org/wiki/Traceroute

• ipconfig: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/ipconfig

• nslookup: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/nslookup

• Wireshark: https://www.wireshark.org

• Filezilla: https://filezilla-project.org

• Putty: https://www.putty.org

• IP adress Trace: https://whatismyipaddress.com or https://www.whatismyip.com

• Top ten important tools and commands:

  •  https://www.pluralsight.com/blog/it-ops/best-network-troubleshooting-tools

  • https://www.educba.com/networking-commands

Notice