Office: 2209 Watershed Sciences
Phone: (530) 752-8060
Office Hours: M 11:00am–11:50am; Tu 12:10pm–1:00pm; F 11:00am–11:50am; by appointment; by chance
Chun-Ming Tim Lai
Office: 53 Kemper Hall
Office Hours: M 6:00pm–9:00pm
MWF 9:00am–9:50pm in 1227 Haring Hall
ECS 153-A01: M 3:10pm–4:00pm in 155 Roesler
ECS 153-A02: Th 5:10pm–6:00pm in 1204 Haring Hall.
Introduce principles, mechanisms, and implementations of computer security; learn how attacks work, how to defend against them, and how to design systems to withstand them
Some goals we hope you achieve:
- learn about security in the UNIX/Linux system and other programming environments;
- learn how to attack a system, and to defend it by analyzing the system for vulnerabilities and ameliorating those problems;
- understand the strengths, and weaknesses of cryptography as a tool of security;
- learn how access to systems, resources, and data can be controlled;
- learn the basics of writing security-related programs; and
- learn about security in networks.
The prerequisites for this course are ECS 150, Operating Systems, and ECS 152A, Computer Networks. Students who have not taken these courses are at a serious disadvantage in this class, and will be dropped unless the instructor approves them taking the class. To make your case, please fill out the missing prerequisite request (it’s on https://photorosters.ucdavis.edu/prerequisites/.) Explain what experience you have in the subject of the prerequisite you are missing.
Handouts will be made available on Canvas.
Before Each Class
Please do the readings for each class period before the class. We will discuss material from the readings, and if you haven’t done the readings, you might have trouble following along!
Class Web Site
The class web site is on Canvas.
To access it, go to http://canvas.ucdavis.edu and log in using your campus login and password.
Then go to ECS 153 in your schedule.
Announcements, assignments, handouts, and grades will be posted there,
and you must submit assignments there. The alternate web site,
has everything except grades, and you cannot submit work there.
All registered students have been given an account on the computer science instructional machines in the basement (the Computer Science Instructional Facility, CSIF). You are also welcome to use your own laptops or desktops, but any programs you turn in will be graded on the CSIF systems. So, be sure they run on the CSIF!
For written homework, please turn in PDF or text files; we will not accept files in other formats (specifically, no DOC or ODT files allowed). As we grade these on a variety of systems, other formats may not print correctly, in which case we will be unable to grade them correctly. All homework is due at 11:55pm on the date stated on the homework, unless otherwise specified. The handout All About Homework discusses homework.
These exercises will cover handling attacks and programming. The labs involving attacks will require the use of VirtualBox, which is available for free from Oracle at https://www.virtualbox.org/wiki/Downloads. You are free to run it on any system you can; the exercises will be done using virtual machines with specific configurations. The labs involving programs will require you to write programs. They must work on the CSIF systems, as that is where we will grade them. The handout All About Programs discusses programs.
Extra credit is tallied separately from regular scores.
It counts in your favor if you end up on a borderline between two grades at the end of the course. But, not doing extra credit will never be counted against you,
because grades are assigned on the basis of regular scores.
You should do extra credit if you find it interesting and think that it might teach you something.
Remember, though, it is not wise to skimp on the regular assignment in order to do extra credit!
Midterm: Friday, May 4, 2018, in class
Final: Tuesday, June 12, 2018 at 1:00pm–3:00pm in 1227 Haring Hall
No early or late exam will be given; if you miss an exam for medical reasons (you must document this; no other excuses are acceptable), you may be allowed or required to take a make-up exam, or the other parts of the course will be counted proportionally more (the choice is the instructor’s). In particular, forgetting the time or place of an exam is not an excuse for missing it!
|Homework||25%|| ||Midterm Exam||25%|
|Lab Exercises||25%|| ||Final Exam||25%|
The UC Davis Code of Academic Conduct, available at http://sja.ucdavis.edu/cac.html, applies to this class. In particular, for this course, all work submitted for credit must be your own. You may discuss your assignments with classmates, with the instructor, or with the teaching assistant in the course to get ideas or a critique of your ideas, but the ideas and words you submit must be your own. Unless explicitly stated otherwise, collaboration is considered cheating and will be dealt with accordingly.
Be sure to read the description of plagiarism in the Code of Conduct.
In this class, as in every class at the University, plagiarism is absolutely forbidden.
For written homework, you must write up your own solutions and may neither read nor copy another student’s solutions.
For programs, you must create and type in your own code and document it yourself. Note that you are free to seek help while debugging a program once it is written.
A good analogy between appropriate discussion and inappropriate collaboration is the following: you and a fellow student work for competing software companies developing different products to meet a given specification. You and your competitor might choose to discuss product specifications and general techniques employed in your products, but you certainly would not discuss or exchange proprietary information revealing details of your products. Ask the instructor for clarification beforehand if the above rules are not clear.