"Trusting every aspect of our lives to a giant computer was the smartest thing we ever did!"Homer Simpson

Assignments, Exams, and Readings

Assignment Due Date
Homework 1: Familiarization with Unix February 3rd, 2021
Homework 2: Password Programming Feburary 15th, 2021
Homework 3: Password Security February 24th, 2021
Homework 4: Password Code Review March 8th, 2021
In class presentations Varies
Midterm Exam March 15th17th, 2021
Homework 5: Cross Site Scripting Tutorial March 24th, 2021
Homework 6: Password Programming Redux April 12th, 2021
Homework 7: Destroy, destory, destroy. April 26th, 2021
Homework 8: Attack Familiarization. May 5th, 2021
Final Exam TBD

Resources

  • Additional Readings

    Additional readings are posted here.
  • Textbook

    This semester we will be using a variety of books, all available online. Please note the first three books are available through the Safari Books Online from any campus IP address, or using your NetID through the library website.

  • Accounts

    Later in the semester you will be given an account on a server named ia-class.cs.georgetown.edu. This will be the official machine for programming assignments. You can work on your own computer, but your code must work on and be readable on ia-class. The official class system is a linux/unix system.
  • Mailing Lists

    Students will also be expected to subscribe to the following mailing lists for the semester:

    RISKS Digest: This is a relatively low-volume mailing lists that carries discussions of the risks of computer error, misuse, and malfunction to humans and society. You may receive this any number of ways, through the web, through the newsgroup comp.risks, or by e-mail.

    http://catless.ncl.ac.uk/Risks

    Security Week This is a service that provides up to date news about security problems in the real world. You can read it at or subscribe to an email list at http://www.securityweek.com/subscribe. This is somewhat experimental; if we don't like it we will stop reading it.

Instructor, TA, and Course Information

  • Instructor

    Clay Shields

    Office Hours: Tuesday 12:00 - 2:00PM

    Office hours are online for Spring 2021 - see the class canvas page for the Zoom link

    Contact information here
  • TAs

    Cly Cunningham

    Grace Ring

  • Course Information

    This course is intended to introduce students to means of assuring the confidentiality, integrity, and availability of information through mechanisms of technology, policy, and education. Topics will include: access control; authentication; security policies and enforcement; security design principles; malicious logic; vulnerability analysis; intrusion detection and response; audit; risk assessment; personnel and physical security; and legal, ethical, and social issues. Prerequisites: COSC 173.

Policies

All my courses are run under the same set of policies which are available here. Students are expected to read and understand these policies. You can also read the Honor Council site.

In addition, in this class you will be learning how computer attackers probe and attack computers and networks. I will be providing a test network for you to experiment with these techniques. You ARE NOT to use these techniques on any other machine or network that you do not have specific written permission to do so. If you do so and are caught, I will not allow the excuse that what you were doing was for class, and instead will tell them that you were warned not to do it.