This course teaches the security mindset and introduces the principles and practices of computer security as applied to software, systems, and networks. It covers the foundations of building, using, and managing secure systems. Topics include standard cryptographic functions and protocols, and threats and defenses for real-world systems.
This class is open to undergraduates. It is recommended that you have familiarity with topics like software engineering, software debugging, basic networking, computer organization, the web and databases, and the command-line terminal; and with languages such as Python, SQL, HTML, and C/C++. This course is weighted 3 credit hours.
Learning Outcomes: At the end of the course, students will be able to:
Professor | |
Teaching Assistants |
Alishia Seo Bella Miller Ethan Quinlan |
Prerequisites | CS 3500, with a grade of C- or better. |
Lectures |
WEB L105, Tuesdays and Thursdays, 2:00–3:20PM
Slides will be posted on the Schedule.
|
Office Hours | See calendar below. Visit any TA’s office hours for assignment help or grading concerns. Please sign up on the TA Queue when you arrive. Visit the Professor’s office hours for questions about lecture material. |
Communication |
|
Recommended Textbooks |
No textbook is required for this course, however, we make available the following freely-distributed textbooks as supplementary material if you wish to use them:
|
UofU Cyber Resources |
|
For TA hours, please sign up on the TA Queue when you arrive. TAs will answer student questions in first-come, first-serve order.
Lecture Quizzes | 10% | Weekly solo quizzes to check your understanding of lectures (lowest score dropped). |
Programming Projects | 50% | Four programming projects (worth 12.5% each), completed in teams of up to two. |
Participation | 5% | Lecture participation, and intellectual contributions made on the course Piazza. |
Final Exam | 35% | One exam covering all course material (see the Schedule for date / time / location). |
Lecture Quiz due dates are strict, and no late submissions will be accepted. Programming Project submissions will be accepted for a penalty of 10% of the potential score on late assignments (e.g. 10 points on a 100 point assignment); and late submissions will not be accepted after 48 hours past the deadline. Please note there is no guarantee of support from the teaching staff (office hours, Piazza answers, etc.) during the late submission period. The instructor may grant individual extensions, but only under extraordinary circumstances. We strongly recommend that you get started and attend office hours early.
We are here to provide a nurturing environment for everyone enrolled in the course. However, violations of Utah's Standards of Academic Integrity, such as cheating or unacceptable collaboration, will result in appropriate disciplinary action such as a failing grade on the assignment, failure in the course, probation, suspension, or dismissal from the University. Cheating is when you copy, with or without modification, someone else’s work that is not meant to be publicly accessible. Unacceptable collaboration is the knowing exposure of your own exam answers, project solutions, or homework solutions, or the use of someone else’s answers or solutions.
At the same time, we encourage students to help each other learn the course material. As in most courses, there is a boundary separating these two situations. You may give or receive help on any of the concepts covered in lecture. You are allowed to consult with other students about the conceptualization of a project, or the general approach for solving problems. However, all work, whether in scrap or final form, must be done by you (or your project partners, where applicable).
If you have any questions as to what constitutes unacceptable collaboration or exploitation of prior work, please talk to a member of the course staff right away. You are expected to exercise reasonable precautions to protect your own work, including not posting solutions publicly (e.g., public GitHub repos) and not sharing code outside of your group.
To defend a system you need to be able to think like an attacker, and that includes understanding techniques that can be used to compromise security. However, using those techniques in the real world may violate the law or the university’s rules, and it may be unethical. Under some circumstances, even probing for weaknesses may result in severe penalties, up to and including expulsion, civil fines, and jail time. Our policy in CS 4440 is that you must respect the privacy and property rights of others at all times, or else you will fail the course.
Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act (CFAA), one of several federal laws that broadly criminalizes computer intrusion (i.e., "hacking"). Understand what the law prohibits—you dont want to end up like this guy. If in doubt, we can refer you to an attorney.
Please review the University's Acceptable Use Policy concerning proper use of information technology, as well as the Student Code. As members of the university, you are required to abide by these (and all other) policies.
1. The Americans with Disabilities Act. The University of Utah seeks to provide equal access to its programs, services, and activities for people with disabilities. If you will need accommodations in this class, reasonable prior notice needs to be given to the Center for Disability & Access, 162 Olpin Union Building, 801-581-5020. CDS will work with you and the instructor to make arrangements for accommodations. All written information in this course can be made available in an alternative format with prior notification to the Center for Disability & Access. Given the nature of this course, attendance is required and adjustments cannot be granted to allow non-attendance. However, if you need to seek an ADA accommodation to request an exception to this attendance policy due to a disability, please contact the Center for Disability and Access (CDA). CDA will work with us to determine what, if any, ADA accommodations are reasonable and appropriate.
2. University Safety Statement. The University of Utah values the safety of all campus community members. To report suspicious activity or to request a courtesy escort, call campus police at 801-585-COPS (801-585-2677). You will receive important emergency alerts and safety messages regarding campus safety via text message. For more information regarding safety and to view available training resources, including helpful videos, visit safeu.utah.edu.
3. Addressing Sexual Misconduct. Title IX makes it clear that violence and harassment based on sex and gender (which Includes sexual orientation and gender identity/expression) is a civil rights offense subject to the same kinds of accountability and the same kinds of support applied to offenses against other protected categories such as race, national origin, color, religion, age, status as a person with a disability, veteran’s status or genetic information. If you or someone you know has been harassed or assaulted, you are encouraged to report it to the Title IX Coordinator in the Office of Equal Opportunity and Affirmative Action, 135 Park Building, 801-581-8365, or the Office of the Dean of Students, 270 Union Building, 801-581-7066. For support and confidential consultation, contact the Center for Student Wellness, 426 SSB, 801-581-7776. To report to the police, contact the Department of Public Safety, 801-585-COPS (801-585-2677).