454 Computer and Network Security

General Information

Instructor: Dmitry Evtyushkin, email: devtyushkin@wm.edu
Time and location: Tue, Thu 3:30 — 4:50 pm, Blow Hall 333
Instructor Office hours: Wed 1:00 — 4:00 pm on Zoom (link on Blackboard) or by appointment
TA: Mostafa Sayed Ahmed, email: mnahmed@wm.edu
Deadlines: Add/Drop Jan 31, Withdraw Feb 1 -- Mar 24
Final exam: May 8, 2:00 — 5:00 pm, Blow Hall 333
Please keep checking this webpage for the latest information regarding the course.

Schedule

Note: The schedule below will be updated as we progress through the course. Please check the table regularly to stay on track.

Week	Lecture	Date	Topic
1	1	Thu, Jan 23, 25	Introduction to the Course
2	2	Tue, Jan 28, 25	Security fundamentals, policies, threat models
	3	Thu, Jan 30, 25	Trust & Trustworthiness
3	4	Tue, Feb 4, 25	Access Control & Permissions
	5	Thu, Feb 6, 25	Access Control & Permissions
4	6	Tue, Feb 11, 25	Cryptography basics
	7	Thu, Feb 13, 25	Cryptography basics
5	8	Tue, Feb 18, 25	Block ciphers
	9	Thu, Feb 20, 25	CANCELED due to weather
6	10	Tue, Feb 25, 25	Hash functions, HMAC
	11	Thu, Feb 27, 25	Public Key Cryptography I
7	12	Tue, Mar 4, 25	Public Key Cryptography II, midterm overview
		Thu, Mar 6, 25	Midterm exam
8		Tue, Mar 11, 25	Spring Break
		Thu, Mar 13, 25	Spring Break
9	13	Tue, Mar 18, 25	Signatures, Certificates
	14	Thu, Mar 20, 25	Memory Organization, Stack, ABI
10	15	Tue, Mar 25, 25	Buffer Overflow Attacks and Protections I
	16	Thu, Mar 27, 25	Buffer Overflow Attacks and Protections II
11	17	Tue, Apr 1, 25	Code Reuse Attacks and Protections
12	18	Thu, Apr 3, 25	Integer Overflow and Format String Attacks, Protections
		Tue, Apr 8, 25	Malware & Defense Techniques
13	19	Thu, Apr 10, 25	Overview
	20	Tue, Apr 15, 25	Midterm exam
14	21	Thu, Apr 17, 25	Web Application Security II
	22	Tue, Apr 22, 25	TLS/SSL, HTTPS
15	23	Thu, Apr 24, 25	Network security I
	24	Tue, Apr 29, 25	Network security II
	25	Thu, May 1, 25	Network security III
Finals week		Wed, May 8, 24	Final Exam 2:00 p.m. - 5:00 p.m.

General Information

We will use Piazza for discussions. Announcements will be made through Blackboard/email.
Lecture slides from the instructor will be uploaded to Blackboard.
Homework assignments and quizzes are submitted via Blackboard.
Grades are reported via Blackboard. Final grades are submitted via Banner.

Course Description

An introduction to the principles and practices of building secure systems. Covered topics include: software attacks (buffer overflow, integer overflow, etc.), malware, systems security, hardware attacks, operating system security, authentication and authorization, basics of cryptography, public key infrastructures, SSL/TLS, web security, IP security, and Denial of Service (DoS) attacks.