4/30/04 Report preparation guide posted in PS and PDF

4/30/04 Presentation preparation guide posted in PS and PDF

4/1/04 Sending in a report on project progress
E-mail a half-page (up to 10 sentences) report of project progress to the instructor. Describe what you have done so far and what remains to be done to finish the project. List any problems you currently have. Deadline: 3pm on Tue, 4/6

2/10/04 Selecting a paper to present
Look over the papers that are scheduled as a required reading in the course. Choose one paper that you would like to present and E-mail me your choice. Requests for paper presentations will be granted on a first-come-first-served basis, and I will promptly update the presentation schedule to reflect up-to-date availability of the papers.

Optional reading

J. Nazario
"Defense and Detection Strategies against Internet Worms"

B. Schneier
"Applied Cryptography: Protocols, Algorithms, and Source Code in C," 2nd edition

W. Stallings
"Cryptography and Network Security: Principles and Practice"

C. Kaufman, et. al
"Network Security: Private Communication in a Public World"

B. Schneier
"Secrets and Lies"

E. Skoudis
"Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses"

W. Cheswick, et. al
"Firewalls and Internet Security: Repelling the Wily Hacker," 2nd edition

Class slides

Will be posted in here after each class.

Grading policy

Project - 60%

Paper reports - 10%

Paper presentation - 20%

Class participation - 10%

Programming Project

There will be one programming project in the course. The project should be done in the groups of 2 people, although individual projects and projects in 3-people groups may be allowed after talking to the instructor. Students should choose one of the network security topics and make an original research contribution with their project. This means that a project should pursue some original idea, not found in the current research, and should contain its implementation and experimental performance results or a theoretical proof. While it is hard to do a significant research work during one semester, the project should at least demonstrate that the idea is feasible and promising. For example, a project could take an existing defense approach against the problem X, and augment it to work better. Or, a project could combine ideas found in existing approaches Y and Z into an integrated solution, or apply an approach known to work against problem A to problem B. Of course, a completely new idea could also form the core of a project. Students should survey the current research on their chosen topic before deciding on the project, to further their understanding of the problem, and to make sure that similar ideas have not been tried before. Below are some questions to help you choose a suitable project. You should carefully consider them before you decide what you want to do.

• Is the problem important?
• What are the existing approaches to solving the problem? Why don't they work?
• Is my idea likely to work? Will it be practical? Will it be expensive?
• Can I define a segment of this idea that can be done in one semester and that will provide results to show if this idea is worth pursuing further?

Feel free to contact the instructor to discuss possible project ideas or get recommendations of papers related to your project.

Projects will likely involve a significant programing load for implementation of the proposed idea. Students can perform experiments required for their project work in Emulab, a testbed at University of Utah where users can request access to multiple machines, organize them in a topology and perform experiments. Machines can run Linux or FreeBSD. Users get clean machines, only an operating system is installed. They also get sudoer access and can do anything that a root can. Any malicious and harmfull activity is contained, nothing bad will happen if a user crashes the machine. After running the experiments users should release the machines. Alternatively, Emulab staff will reclaim the machines if they have been idle for a while. Detailed instructions on how to use Emulab will follow later in the course.

If you have difficulties deciding on a project, programming or dividing the load fairly with your group members, talk to the instructor.

Project grading

As a part of the course requirement you will need to prepare a 30-min presentation and a report about your project. A project grade will be based on the three criteria - quality of the project (60% of the project grade), presentation (20% of the project grade) and report (20% of the project grade).

Paper reports

Students are required to read each paper before its scheduled presentation and E-mail the instructor a brief report (in plain text) containing answers to the following questions:

• What does the paper propose? (3-4 sentences)
• What is the value of this paper? (1-2 sentences)
• In your opinion, is the idea discussed in the paper good or not, and why? (3-4 sentences)
• State any suggestions you have that could improve this paper? (3-4 sentences)

Paper reports should be received at least an hour before the class in which the paper will be discussed. No extensions will be granted.

Paper presentation

Students should choose one paper from the required course reading, prepare a presentation explaining this paper and present it in the class. The presentation should be in PowerPoint, StarOffice or Latex. It should contain 30-40 slides and run about 40 minutes. Students should E-mail the presentation to the instructor by the morning of the presentation day. They can use personal laptops or an instructor's laptop for presenting.

Attendance

I personally understand that there will be times when you can't make it. The alarm clock didn't ring, you are tired, you have another midterm to study for ... I will not take attendance or hold it against you if you don't sit in the class. However you are responsible for studying all the material covered in the class, and sending in the paper report. I would also advise you to obtain class notes from one of your classmates.

However, the University Seat Claim Policy, states that:

Unless excused by the faculty member, students holding a confirmed assigned seat in a class will have relinquished their seat if they have not personally appeared in class to claim the seat by ... the second meeting for a class scheduled to meet twice a week ... If the student does not claim the seat within the time limit specified above, and does not drop the course, the instructor has the option of assigning the student a grade of "Z" at the end of the term. It is the responsibility of the student to drop each course that he/she does not plan no attend, even when the student's registration is canceled for non-payment of fees. Failure to drop a course will result in a grade of "Z".

Therefore, attendance will be taken for the first two class meetings. To accomodate the latecomers, the attendance sheet will be distributed at the end of the class.

Late policy

When you come in late you are disturbing both me and your classmates. Please make every effort to come on time. However, if you do happen to be late, come in and join the class (even if you are 30+ min late). Just don't make it a habit.

Academic honesty

You may exchange ideas for projects and discuss papers with your classmates. However, all the work you submit must be your own. Students should get acquainted with their rights and responsibilities as explained in the Student Guide to University Policies (http://www.udel.edu/stuguide/03-04/code.html#honesty).

Asking for help

If you have any problem with the class (difficulties understanding the material or doing the project, excused absence, emergency that prevents you from meeting a report deadline, need a special accomodation, etc.) don't hesitate to ask for help. E-mail the instructor, come to office hours, or simply find the instructor in the office. You can also call by phone if there is an emergency and you have no access to E-mail.

Instruction feedback

I would like to receive your comments with regard to the class organization and teaching quality. If there is ever something you would like me to improve or change, cover in another manner, etc. please write me an anonymous note and slip it into the envelope on the right side of my office door. Please try to provide constructive comments, e.g. instead of saying "I didn't understand anything you just taught" try saying "I didn't understand your explanation of worms, you went too fast over that."