Link to Blackboard Learn login page
Link to Piazza class page
As of March 23rd, all classroom instruction is being conducted online. Email was sent to all registered students introducing some of the details. This syllabus has been updated to reflect those changes. Students are expected to watch lectures online (linked at the class Blackboard site), and monitor their email and the class Piazza site.
Questions or concerns should be directed to the instructor and/or the TAs.
University COVID-19 website
Call Center: 765-496-INFO (4636) (1-833-571-1043 toll free).
A survey of the fundamentals of information security. Risks and vulnerabilities, policy formation, controls and protection methods, database security, encryption, authentication technologies, host-based and network-based security issues, personnel and physical security issues, issues of law and privacy. Typically offered Fall Spring.
Catalog description: The course focuses on the principles and foundations of building secure computer systems and on security and privacy challenges in existing and emerging computer networks and systems. The course compares and analyzes security and privacy threats and architectures from an adversarial standpoint to understand how to build more secure protocols that can withstand the ever-adaptive attacks.
3 class hours, 2 PSO hours, 3 credit hours
Undergraduate level CS 25100 Minimum Grade of C and Undergraduate level CS 25200 Minimum Grade of C [may be taken concurrently])
or Undergraduate level ECE 46900 Minimum Grade of C
or Undergraduate level EE 46900 Minimum Grade of C
All of my courses operate under the same general policies and standards . My students are expected to study and understand all of these policies. Potential students are encouraged to check these out before signing up for one of my classes.
MWF in LWSN B-155, 9:30pm ‐ 10:20am
Lectures will be posted on-line via the class Blackboard site. Students are expected to watch the lectures and do the associated readings.
You must also be registered for a lab section.
Scheduled for March 11, in class
No books or notes. NO electronic devices.
A second exam may be given in early April.
Comprehrensive. No books or notes. NO electronic devices.
Eugene H. Spafford (Spaf)
Some classes will be taught by other faculty when Spaf is out of town.
For office hours, telephone/email, etc., see Spaf's homepage .
If you need to talk to me about class, or simply need to talk to someone about your Purdue classes or because you are feeling overwhelmed, I will be happy to schedule a Skype or Zoom session to talk one-on-one. Send me email with a request and some times that will work for you.
There will be a course email list used for high-priority announcements. This will use your registered @purdue.edu email address; make sure this is forwarded to an account you read on a regular basis.
All students should sign up on the Piazza webpage for the course (see the link above). We will be using Piazza for our discussions as well as to provide some of the required course material.
Some announcements may be posted in Blackboard, so be sure to check that at least once each week.
This informational page will be updated over the course of the semester! Be sure to check it regularly.
Blackboard will be used to distribute assignments and collect your responses. Grades will only be available there.
The final grade in the class will be based on assignments, a midterm exam, and a comprehensive final exam. In-class quizzes may be given without advance notice.
The determination of final scores will be approximately 30% for homeworks and projects, 30% for the midterm, and 40% for the final exam.
If you have a question or a dispute with grading of any item related to the class, consult with the TA first. You can then meet with Spaf about it if you do not agree with what the TA has to say.
Appeals of grades will only be considered within 10 class days of the posting of the grades!
The following shows an approximate week-by-week list of topics and readings (readings will be fleshed out as the semester advances). The actual presentation of some of these topics may change, subject to availability of guest lecturers and additional resources.
|Week / Dates||Topics||Readings & Notes|
|1-2 / Jan 13|| Class introduction & policies and overview of class.
Basic definitions: risk, vulnerability, trust
|3-4 / Jan 27|| Software Security
Flaws & testing
|4-5 / Feb 3|| Malware and Intrusion detection
|5-6 / Feb 10||Access control||
|6-7 / Feb 17||Authentication||
|8-9 / Mar 2||
Basics of Physical Security
Basics of Personnel Security
|Mar 9||Guest instructor: Professor Ninghui Li|
|March 11||Midterm Exam|
|Mar 13||Guest instructor: Professor Aniket Kate|
|March 14||Spring Break!|
|10 / March 23 (Online)||
Network threats & attacks
|11 / March 30 (Online)||Law & ethics||
|12 / April 6 (Online)||Law & ethics continued|
|April 7-8||CERIAS Annual Symposium! (postponed)
||Time used for catchup or other lectures.|
|13 / April 13 (Online)||
|14 / April 20 (Online)||
Security models & Policies
Web security issues
|15 / April 30 (Online)||
Cyberwar, Incident Response
Catch-up & review
|Tuesday May 1||Final Exam: Comprehensive, closed book, on Wed, May 6, time TBD|
I suggest you get the latest printing of the textbook; earlier printings had more typos. Also get the appropriate Errata pages .
Some students have found primary material in the research literature easier to understand than the (condensed) treatment in the textbook. The text contains extensive references (over 1000); you are encouraged to go to these for material with which you have difficulty.
Two recommended books for additional reference (or your bookshelf, if you intend to do more work in this area) are:
Readings may be added to the above table as the semester progresses.
I have a (outdated) list of general recommended readings for my security courses. This will be augmented with other suggestions and recommendations over time.
Students are encouraged to attend the weekly security seminar or to view the podcasts online.
Other information, handouts, assignments, etc will all be on the class page in Blackboard and eventually linked in here.
Maintained by E. H. Spafford