General Information
Instructor
Teaching Assistant
Overview
The objectives of this course consist of developing a solid understanding of fundamental principles of the security field and building knowledge of tools and mechanisms to safeguard a wide range of software and computing systems. It is intended for upper-level undergraduate and graduate students, and a tentative list of the covered topics is: cryptographic background and tools; access control; authentication; software security, malware; Internet security protocols and standards (SSL/TLS, IPsec, secure email); intrusion detection and intrusion prevention systems (firewalls); database security; privacy; identity management; security management and risk assessment; legal and ethical aspects (cybercrime, intellectual property)
Downloads: Course Syllabus
Tentative Schedule
| Date | Topic | Notes |
|---|---|---|
| Week-1 Class-1 1/30 | Overview Notes Video | 1. Read CSE and UB academic integrity policies and procedures and finish the quiz on UBLearns. 2. Read Chapter 1. |
| Week-1 Class-2 2/1 | Symmetric Encryption I Notes Video | Read Sections 2.1 and 20.2 |
| Week-2 Class-1 2/6 | Symmetric Encryption II Notes Video | Read Sections 20.3 and 20.5 |
| Week-2 Class-2 2/8 | Diffie-Hellman, Data Integrity and Hash Functions Notes Video | Read Sections 21.5, 23.1, 22.5, and 22.3 and Sections 2.2, 21.1, and 21.2 |
| Week-3 Class-1 2/13 | Password Hashing and Public-Key Cryptography Notes Video | Sections 2.3, 2.4, 21.4, and 21.5 |
| Week-3 Class-2 2/15 | Certificates and Randomness Notes Video | Read Sections 2.4 and 2.5 |
| Week-4 Class-1 2/20 | Authentication I Notes Video | |
| Week-4 Class-2 2/22 | Class cancelled due to severe weather conditions | Read Chapter 3. |
| Week-5 Class-1 2/27 | Authentication II Notes Video | The instructor will be out of town on the 27th. Instead, the class will be delivered on-line on the 24th 9PM. Students can attend the online session though it is not required. Recording will be provided thereafter. |
| Week-5 Class-2 3/1 | Authentication III Notes Video | |
| Week-6 Class-1 3/6 | Access Control I Notes Video | Reading Sections 4.1 through 4.4 |
| Week-6 Class-2 3/8 | Access Control II Notes Video | 1. Read Sections 4.5 through 4.8 2. The instructor will be out of town on the 8th. Instead, the class will be delivered on-line on the 10th 9PM. Students can attend the online session though it is not required. Recording will be provided thereafter. |
| Week-7 Class-1 3/13 | Database Security Notes Video | Recommended reading: Chapter 5 |
| Week-7 Class-2 3/15 | *** Midterm Exam *** | |
| Week-8 Class-1 3/20 | === Spring Recess No class === | |
| Week-8 Class-2 3/22 | === Spring Recess No class === | |
| Week-9 Class-1 3/27 | Operating System Security Notes | 1. The class will be delivered on-line on the 27th 5PM. Students can attend the online session though it is not required. Recording will be provided thereafter. 2. Chapter 12, section 4.4 |
| Week-9 Class-2 3/29 | Software Security I Notes Video | |
| Week-10 Class-1 4/3 | Software Security II Notes Video | |
| Week-10 Class-2 4/5 | Software Security III Notes Video | |
| Week-11 Class-1 4/10 | Software Security IV Notes Video | |
| Week-11 Class-2 4/12 | Software Security V Notes Video | |
| Week-12 Class-1 4/17 | Network Security I Notes Video | |
| Week-12 Class-2 4/18 | Network Security II Notes Video | |
| Week-13 Class-1 4/24 | Network Security III Notes Video | The instructor will be out of town on the 24th. Instead, the class will be delivered on-line on the 22nd 9PM. Students can attend the online session though it is not required. Recording will be provided thereafter. |
| Week-13 Class-2 4/26 | Network Security IV Notes Video | |
| Week-14 Class-1 5/1 | Network Security V Notes Video | |
| Week-14 Class-2 5/3 | Intrusion Detection Notes Video | |
| Week-15 Class-1 5/8 | Notes Video | |
| Week-15 Class-2 5/10 | Review | |
| Final Exam 5/19 3:30PM-5:30PM Knox 110 |
Resources
Required textbook:- William Stallings and Lawrie Brown, Computer Security: Principles and Practice, 4th edition, Pearson, 2017.
- Charles Pfleeger and Shari Pfleeger, Security in Computing.
- William Stallings, Cryptography and Network Security, Principles and Practice.
- Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World.
- Edward Skoudis and Tom Liston, Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses.
- Ross Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems.