Dr. Bradley Reaves
CSC 574 Computer and Network Security
3 Credit Hours
(also offered as ECE 574)
This course provides a graduate-level introduction to computer and network security and privacy. Students successfully completing this class will be able to evaluate works in academic and commercial security, and will have rudimentary skills in security research. The course covers four key topic areas: basics of cryptography and crypto protocols, network security, systems security, and privacy. Readings primarily come from seminal papers in the field.
Data Structures and Algorithms (NC State CSC 316) AND Data and Communications Networks (NC State CSC 401) OR Computer Networks (NC State CSC/ECE 570). One year experience in programming. Discrete math, linear algebra, probability and statistics at the undergraduate level.
By the end of this course, students will be able to:
- Explain concepts related to applied cryptography, including plaintext, ciphertext, symmetric cryptography, asymmetric cryptography, digital signatures.
- Outline the requirements and mechanisms for identification and authentication of users and computer systems, including authentication protocols and key management. Identify the possible threats to each mechanism and ways to protect against these threats.
- Explain concepts related to access control and operating system security, including access control matrices, protection, reference monitors, least privilege, discretionary access control, mandatory access control, multi-level security, role-based access control, and capabilities.
- Explain common network and Web vulnerabilities and attacks, defense mechanisms against these attacks, and cryptographic protection mechanisms.
- Describe the methods and motivation of Internet malware, and explain existing defense mechanisms and their limitations.
EXAMINATIONS: 2 exams
PROJECTS: There are two project tracks (student selects):
- Mini-Project Track (individual): The Mini-Projects track provides a series of smaller projects that relate more directly to the course material. There is one project for each major topic focus of the course. The projects require a range of programming as well as open-ended investigation.
- Research Project Track (individual or groups of 2): The research project requires that students execute novel research in systems and network security or privacy. By completing the research project, students will learn to think critically about security problems and solutions. Projects may or may not require programming. The topic is chosen by the student, subject to instructor approval.
This course has no formal textbook. The course readings will come from online book chapters, seminal papers, and other informative sources.
Computer Security and the Internet: Tools and Jewels
By Paul C. Van Oorschot
Published by Springer
– hardcopy ISBN: 978-3-030-33648-6
– eBook ISBN: 978-3-030-33649-3
Here are some useful online books that provide additional information:
- Ross Anderson. Security Engineering, 2nd Edition. Wiley. April 2008.
- Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press. October 1996.
We will also have some readings from the following textbook, which is available from the NCSU Library.
- Charlie Kaufman, Radia Perlman, and Mike Speciner. Network Security: Private Communication in a Public World, 2nd edition. Prentice Hall. 2002.
Computer and Software Requirements
Please review minimum computer specifications recommended by NC State University and Engineering Online.
SOFTWARE REQUIREMENTS: some programming required, platform and language dependent on project choice.