CS 839: Topics in Computer and Network Security (Autumn 2019)


Time: Tuesdays and Thursdays, 01:00 pm - 02:15 pm
Location: ENGR HALL 3355

Instructor: Earlence Fernandes <earlence AT cs.wisc.edu>
Office Hours: CS 7387, By Appointment

Teaching Assistant: TBD <>
Office Hours: By Appointment

Credits: 3.00 units
Canvas: https://canvas.wisc.edu/courses/172565
Mailing List: compsci839-3-f19@lists.wisc.edu
Review submission system: HotCRP
Prerequisites: Graduate standing with exposure to operating systens, algorithms, and data structures at an undergraduate level at minimum. Exposure to undergrad security (CS 642) is a bonus, but not a must. Undergraduate standing may be approved on a case-by-case basis, so come to the first session and talk to me.

For more information, please use the navigation bar at the top of the page.


Overview

Computer systems play a critical role in modern society, supporting activities in almost all aspects of life. Unfortunately, there are individuals -- including vandals and professional criminals -- who wish to compromise the security and privacy of these computer systems. Computer security is the discipline dedicated to protecting computer systems and their users from the malicious actions of adversaries. This research intensive course is designed to bring participants to the forefront of modern computer security research, thereby giving students the foundations for advancing the state-of-the-art in the field. This course also targets individuals in other fields who wish to address security and privacy in their own research. A part of this course will be a deep dive on security topics in cyber-physical systems, machine learning, and their combination.

We will begin by defining the field of computer security, introducing key concepts such as adversaries, threat models, risk management, defenses, and deterrents. We then study the central themes of modern computer security research, including: human aspects; attack creation and modeling; attack detection and measurement; cryptography and communications security; system design and implementation; web and smartphone security and privacy; machine learning security; cyber-physical systems, and side channels. Because of its strong research focus, participants in the course will read and discuss research papers, as well as conduct independent research in a topic related to computer security.

Ethics, Law, and University Policies

To defend a system, you need to be able to think like an attacker, and that includes understanding techniques that can be used to compromise security. However, using those techniques in the real world may violate the law or the university’s rules, and it may be unethical. Under some circumstances, even probing for weaknesses may result in severe penalties, up to and including expulsion, civil fines, and jail time. Our policy in the class is that you must respect the privacy and property rights of others at all times, or else you will fail the course.

Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act (CFAA), a federal statute that broadly criminalizes computer intrusion. This is one of several laws that govern “hacking.” Understand what the law prohibits — you don’t want to end up like this guy. The EFF provides helpful advice on vulnerability reporting and other legal matters.

ACADEMIC INTEGRITY
By enrolling in this course, each student assumes the responsibilities of an active participant in UW-Madison’s community of scholars in which everyone’s academic work and behavior are held to the highest academic integrity standards. Academic misconduct compromises the integrity of the university. Cheating, fabrication, plagiarism, unauthorized collaboration, and helping others commit these acts are examples of academic misconduct, which can result in disciplinary action. This includes but is not limited to failure on the assignment/course, disciplinary probation, or suspension. Substantial or repeated cases of misconduct will be forwarded to the Office of Student Conduct & Community Standards for additional review. For more information, refer to https://conduct.students.wisc.edu/academic-integrity/

ACCOMMODATIONS FOR STUDENTS WITH DISABILITIES
McBurney Disability Resource Center syllabus statement: “The University of Wisconsin-Madison supports the right of all enrolled students to a full and equal educational opportunity. The Americans with Disabilities Act (ADA), Wisconsin State Statute (36.12), and UW-Madison policy (Faculty Document 1071) require that students with disabilities be reasonably accommodated in instruction and campus life. Reasonable accommodations for students with disabilities is a shared faculty and student responsibility. Students are expected to inform faculty [me] of their need for instructional accommodations by the end of the third week of the semester, or as soon as possible after a disability has been incurred or recognized. Faculty [I], will work either directly with the student [you] or in coordination with the McBurney Center to identify and provide reasonable instructional accommodations. Disability information, including instructional accommodations as part of a student's educational record, is confidential and protected under FERPA.” http://mcburney.wisc.edu/facstaffother/faculty/syllabus.php

DIVERSITY & INCLUSION
Institutional statement on diversity: “Diversity is a source of strength, creativity, and innovation for UW-Madison. We value the contributions of each person and respect the profound ways their identity, culture, background, experience, status, abilities, and opinion enrich the university community. We commit ourselves to the pursuit of excellence in teaching, research, outreach, and diversity as inextricably linked goals. The University of Wisconsin-Madison fulfills its public mission by creating a welcoming and inclusive community for people from every background – people who as students, faculty, and staff serve Wisconsin and the world.” https://diversity.wisc.edu/