General Information


Matt Bishop, 3059 Engineering Unit II; phone: 752-8060;
email:; web page:
Office hours : W 11:00AM-12:00PM, Th 11:30AM-12:30PM, by appointment or by chance

Teaching Assistants

Dimitri DeFigueiredo, 3104 Engineering Unit II
Office hours : M11:00AM-12:00PM, Tu3:30-5:00PM, F11:00AM-12:00PM
Tye Stallard, 053 Engineering Unit II
Office hours : TuTh10:00AM-11:30AM


Section 001: MWF 10:00AM-10:50PM in 204 Art
Section 002: MWF 2:10PM-3:00PM in 176 Chemistry

Discussion Section

Section 001: F 4:10-5:00AM in 107 Cruess
Section 002: F 5:10-6:00AM in 107 Cruess


Introduce principles, mechanisms, and implementations of computer security; learn how attacks work, how to defend against them, and how to design systems to withstand them

Course Goals

Some goals we hope you achieve:
  1. learn about security in the UNIX system and programming environments;
  2. learn how to attack a system, and to defend it by analyzing the system for vulnerabilities and ameliorating those problems;
  3. understand the strengths, and weaknesses of cryptography as a tool of security'
  4. learn how access to systems, resources, and data can be controlled;
  5. learn the basics of writing security-related programs;
  6. learn about security in networks;


The prerequisite for this course is ECS 150, Operating Systems. Students who have not taken this course are at a serious disadvantage in this class. Students who have not taken the prerequisite will be dropped to make room for those who have had the prerequisites.


We shall use parts of the text Computer Security: Art and Science . Readings from this text will be distributed in class. A recommended supplementary text is:
  • S. Garfinkel and E. Spafford, Practical UNIX & Internet Security , Second Edition, O'Reilly and Associates, Inc., Sebastopol, CA. ©1996.


All registered students have been given an account on the computer science instructional machines in the basement. Change your password as soon as you can; if it is not changed within a week, your account will be disabled and you will have to see a system programmer to have it reset.

Class Web Site

The class web site is on myucdavis . To access it, go to and log in using your campus-wide login and password. Then go to ECS 153 in your schedule. Handouts and other documents will be posted there. In the event you cannot get to that site, an alternate site will be at Please use that only as a backup, though.


Information about this class, homework assignments, and so forth, will be posted to the newsgroup ucd.class.ecs153 . Information specific to your section will be posted to ucd.class.ecs153.sec1 or ucd.class.ecs153.sec2 . Read these newsgroups daily! You are responsible for everything posted to these newsgroups. We'll use it to put out important information. Please do not post to this newsgroup. If you want to post things about the class, please use the appropriate discussion newsgroup (add " .d " to the ones above). Discussing something in that newsgroup is perfectly fair.


Homework is due at noon on the date stated on the homework. See the handout All About Homework for more information.

Extra Credit

Extra credit in this course will be tallied separately from regular scores. If you end up on a borderline between two grades at the end of the course, extra credit will count in your favor. However, failure to do extra credit will never be counted against you, because grades are assigned on the basis of regular scores. You should do extra credit if you find it interesting and think that it might teach you something. Remember, though, it is not wise to skimp on the regular assignment in order to do extra credit!


30% Homework 25% Midterm exam
20% Term Project 25% Final exam


Midterm -- Monday, February 11, 2002 in class (both sections)
Final examination -- Section 001: Wednesday, March 20, 2002 at 10:30AM-12:30PM
-- Section 002: Saturday, March 23, 2002, at 1:30PM-3:30PM
These are open book/open notes exams. No early or late exam will be given; if you miss an exam for medical reasons (you must document this; no other excuses are acceptable), you may be allowed or required to take a make-up exam, or the other parts of the course will be counted proportionally more (the choice is the instructor's). In particular, forgetting the time or place of an exam is not an excuse for missing it!

Academic Integrity

Please see the Winter 2002 Class Schedule and Room Directory for a general discussion of this. In particular, for this course:
  • All work submitted for credit must be your own. You may discuss your assignments with classmates, with instructors, or with teaching assistants or readers in the course to get ideas or a critique of your ideas, but the ideas and words you submit must be your own. Unless explicitly stated otherwise in the assignment , collaboration is considered cheating and will be dealt with accordingly.
  • For written homework, you must write up your own solutions and may neither read nor copy another student's solutions.
  • For programs, you must create and type in your own code and document it yourself. Note that you are free to seek help while debugging a program once it is written.

A good analogy between appropriate discussion and inappropriate collaboration is the following: you and a fellow student work for competing software companies developing different products to meet a given specification. You and your competitor might choose to discuss product specifications and general techniques employed in your products, but you certainly would not discuss or exchange proprietary information revealing details of your products. Ask the instructor or a teaching assistant for clarification beforehand if the above rules are not clear.


ECS 153, Introduction to Computer Security
Winter Quarter 2002