CS 343: Computer & Information Security — Fall 2020

Instructor: Professor Stephen Checkoway stephen.checkoway@oberlin.edu
Lectures: Monday, Wednesday, Friday. 14:30–15:20
Exam 1: Friday, October 30
Exam 2: TBA
Office Hours: Monday, Thursday. 16:00–17:00, or by appointment, via Zoom

Course Description

This course is an introduction to computer security. It will cover a variety of topics with special emphasis on software vulnerabilities, exploitation techniques, and mitigation measures. It is designed as a projects-based course where you will get hands-on experience with the topics covered in the course.

Assessment

Your course grade will be determined by class participation, projects and two exams, equally weighted. There are no other assignments. See the schedule for dates.

Programming Projects

The programming projects are meant as a way to get hands-on experience with computer security concepts. You will find that there is quite a difference between conceptually understanding how to exploit a given vulnerability and actually producing a working exploit.

The programming projects are designed to be done in groups of 2. (Working alone is allowed, but discouraged.) Each project will have both programming and writing components. Both group members are expected to participate fully in both the programming and writing.

You are encouraged to work with different people on each project, but group forming is completely up to you. If you’re having trouble finding a group, I suggest you use the Piazza forum to find one.

The instructions for the projects have not all been updated. Feel free to take a look at them to get a sense of what you’ll do, but don’t get started until I say in class that they’re ready.

Course Materials

Required Texts

There are no required textbooks.

Resources

Here are some resources you may find helpful while working on the projects.

Course Policies

Prerequisites

Students are expected to enter this course with a basic knowledge of systems programming, data structures, and programming in C and (very basic) C++. Some knowledge of assembly and compilers will be helpful, but the relevant information will be covered in the course or in provided references.

COVID-19 Policy

This policy supersedes all of the other policies (except for any policies mandated by the College).

No one wants to be dealing with the pandemic at the same time as we try to do everything that’s required of us. We should all recognize just how hard this situation is for everyone. If you need any accommodation from me, just let me know. In particular, if you need additional time on any assignments or exams, just let me know, in advance, if at all possible.

You are never required to tell me about any health issues, including if you have COVID-19. You are welcome to talk to me about anything you’d like. I may not have answers to questions, but I can probably point you in right direction.

Attendance Policy

Class attendance is not mandatory; however, research indicates that students who attend class are more likely to be successful. You are strongly encouraged to attend every class. Lectures are not recorded and there are no slides. If you are unable to attend class, you should consider asking a classmate to take notes for you.

Missed or Late Work Policy

Projects are due by 23:59 on the day specified on each project page. You have 3 late days that you can use throughout the semester. Each day that a project is late decreases the number of late days you and your partner have left. If you run out of late days, projects turned in late will receive a score of 0. There will be no exceptions to this policy without prior approval from Prof. Checkoway.

Electronic Communication Policy

All electronic communication with course staff should take place on Piazza unless emails are specifically requested by the staff. Course staff may, from time to time, respond to emails, but a response to one email does not guarantee a response to a second. Use Piazza!

Collaboration Policy

You are allowed, and encouraged, to work in groups of size two on all projects. You are free to have different groups for different projects. You are not allowed to work with anyone outside your group. Doing so is academic misconduct.

Academic Integrity Policy

You must adhere to the Oberlin College Academic Integrity Policy. Please familiarize yourself with the Honor Code.

Religious Holiday Observance Policy

Students wishing to be excused from class in order to observe religious holidays must follow the Oberlin College Religious Holiday Observance Policy.