Security & Privacy Track

We are constantly increasing our reliance on computers for managing information from tasks both great and small. In scenarios ranging from our personal lives to our nation's critical infrastructure, the security and privacy of information is a fundamental challenge in computer science.

The College of Information and Computer Sciences offers to its B.S. students the chance to complete a concentration in Security & Privacy. The S&P concentration requires no additional courses within the major. Our courses are taught by faculty doing cutting-edge research in security and privacy, including Amir Houmansadr, David Jensen, Brian Levine, and Gerome Miklau. (Be sure to check out the research of Emery Berger and Arjun Guha as well!) We encourage students to both take our classes and to get involved in undergraduate research with these professors. Our students have graduated to positions in industry and graduate school.

The S&P curriculum has the fundamentals of algorithms, OS, and security at its core. Students then add breadth by taking at least one of Knowledge Discovery, Information Systems (a.k.a. Databases), or Computer Networks. The two latter courses might be an obvious fit to the track as they are systems where security and privacy issues come into play very often. The inclusion of the course on Knowledge Discovery reflects the latest trends in forensics, incident response, and intelligence that require data mining and computation across massive amounts of information. Finally, student add depth to their study by taking at least two of a menu of courses: Forensics, Computer Crime Law, Crypto, and graduate-level security courses.

Requirements

  • Three required courses:
    • 311 Algorithms
    • 377 Operating Systems
    • 460 Intro to Security
  • Any one course from the following:
    • 348 Knowledge Discovery
    • 445 Information Systems
    • 453 Computer Networks
    • 590CC Cloud Computing
  • Any two courses from the following:
    • 365 Digital Forensics
    • 391L S-Computer Crime Law
    • 466 Applied Cryptography (or 597CR Crypto Engg)
    • 660 Advance Information Assurance (or 591SP Multidisciplinary Study of Security and Privacy)
    • ECE597AB Security Engineering
  • Two CS electives numbered 300 or above (not including 305).

CS460 and CS391L were last offered Fall 2014; we plan to offer both in Fall 2015. CS660 will next be offered in Spring 2015 (ugrads can take it and we may well set up a separate course number for ugrads if there is need). CS365 will be offered Spring 2015, and we expect to offer it Spring 2016. ECE597AB is regularly offered by the ECE department has historically made room for CS students, but will not be offered in Spring 2015; instead students can register for CS597CR Crypto Engineering in Spring 2015. We don't have plans to offer 466 in the coming year.

Note that ECE597AB counts only for the Security track; if you leave the track for another one, such as GenCmpSci, it will not count as a "CS elective".  

Some informal descriptions of these classes follow.

  • CS 460: Intro to Computer and Network Security. Topics include ethics; fundamental defs; basic crypto tools, hardening linux systems; Risk assessment; CVE; policy; secure programming; TCP/IP vulnerabilities; Firewalls; securing DNS; anonymous routing; malware; monitoring; IDS; incident handling; system recovery; symmetric/asymmetric crypto; hashes; key management; sigs; kerberos; PKI/SSL/VPN; kerberos implementations; DOS/DDOS; wireless security.
  • CS 660: Advanced Information Assurance. This course provides an in-depth examination of the fundamental principles of information assurance. While the companion course for undergraduates is focused on practical issues, the syllabus of this course is influenced strictly by the latest research. We will cover a range of topics, including authentication, integrity, confidentiality of distributed systems, network security, malware, privacy, intrusion detection, intellectual property protection, and more.
     
  • CS 391LI: Computer Crime Law. A new full course for undergraduates on cyberlaw. We use Orin Kerr's "Computer Crime Law" law school textbook. (First offered as "Legal Implications of Computers" in Fall 2010.).
     
  • CS 348: Introduction to Knowledge Discovery. Knowledge discovery is the process of discovering useful regularities in large and complex data sets. The field encompasses techniques from artificial intelligence (representation and search), statistics (inference), and databases (data storage and access). When integrated in to useful systems, these techniques can help human analysts make sense of vast stores of digital information.
     
  • CS 453: Computer Networking. Security topics covered typically include principles of cryptography; authentication; integrity; key distribution and certification; firewalls; attacks and countermeasures; case studies.
      
  • CS 466: Applied Crypto. Topic typically include the foundations of modern cryptography and the humility of building practical cryptographic systems. Topics include fundamentals of cryptography, applications, attacks, and theory. The class draws on material from public key cryptography, hash functions, symmetric cryptography, and other timely topics -- primarily from number theoretic, performance, and definitional perspectives.
     
  • CS 365: Digital Forensics. The course is a broad introduction to forensic investigation of digital information. We cover the acquisition, preservation, harvesting, analysis, and courtroom presentation of information from file systems, operating systems, networks, database systems, applications, media files, and embedded systems. The primary goal of the class is to understand why and from where information is recoverable in these systems. We also review important case law and legal concepts.
     
  • Prof. Wayne Burleson regularly offers ECE 697AB Security Engineering, and the course can serve as a substitute for CS660 for students in the Security & Privacy track.
  • You are also welcome to complete CS 496 (Independent study) and 499Y/499T (Honors research or honors thesis) using a security & privacy related topic. Talk first to your professors about completing this option and the UPD to receive permissions for counting 496/499 towards this track.