This course teaches the security mindset and introduces the principles and practices of computer security as applied to software, host systems, and networks. It covers the foundations of building, using, and managing secure systems. Topics include standard cryptographic functions and protocols, threats and defenses for real-world systems, incident response, and computer forensics. See the schedule for details.
Professor | |
Prerequisites | CS 3214 or (ECE 2500 and ECE 3574), with a grade of C or better. |
Lectures |
Mon./Wed. 2:30–3:45, D&DS 150 Slides will be posted
on Canvas.
|
Office Hours | See calendar below. Visit any TA’s office hours for assignment help or grading concerns. Visit the professor’s office hours for questions about lecture material. |
TAs |
Daniel Chiba Maksim Kirillov |
Communication | We use Piazza for announcements, discussion, and questions about assignments and other course material. For administrative issues, email cs4264@cs.VT.edu to contact the course staff. Assignments will be distributed here and collected and graded via Canvas and Gradescope---as specified in the assignment instructions. |
Reference Books |
No textbook is required, but if you would like additional references, we recommend:
Introduction to Computer Security by Goodrich and Tamassia - See Notes in ScheduleSecurity Engineering by Ross Anderson Cryptography Engineering by Ferguson, Schneier, and Kohno |
Resources |
Low-level security research at VT Professor Yao's research group Professor Viswanath's research group Professor Hoang's research group Professor Gao's research group Professor Chungs's research group Cyber Security Club @ Virginia Tech Virginia Tech's embedded Capture the Flag team Hume Center Graduate-level security courses: CS 5560, CS 5584, CS 5590 Capture the flag for beginners Capture the flag for beginners |
Homework Exercises | 25% | Five homework exercises, completed on your own |
Programming Projects | 40% | Five programming projects, completed in teams of two |
Participation | 5% | Attendance and forum activity, questions and intellectual contributions |
Final Exam | 30% | One exam covering all material from the course (December 14, 3:25 PM–5:25 PM (same room as lecture)) |
To defend a system you need to be able to think like an attacker, and that includes understanding techniques that can be used to compromise security. However, using those techniques in the real world may violate the law or the university’s rules, and it may be unethical. Under some circumstances, even probing for weaknesses may result in severe penalties, up to and including expulsion, civil fines, and jail time. Our policy in CS 4264 is that you must respect the privacy and property rights of others at all times, or else you will fail the course.
Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act (CFAA), a federal statute that broadly criminalizes computer intrusion. This is one of several laws that govern “hacking.” Understand what the law prohibits — you don’t want to end up like this guy. If in doubt, we can refer you to an attorney.
Please review the university’s policy on Acceptable Use of Information Tech for guidelines concerning proper use of information technology at VT, as well as the Undergraduate Honor System: Honor Code Manual. As members of the University, you are required to abide by these policies.