Introduction to Computer Security Fall 2014

This course introduces the principles and practice of computer security. It aims to teach you how to model threats to computer systems and how to think like an attacker and a defender. It presents standard cryptographic functions and protocols and gives an overview of threats and defenses for software, host systems, networks, and the Web. It also touches on some of the legal, policy, and ethical issues surrounding computer security in areas such as privacy, surveillance, and the disclosure of security vulnerabilities. The goal of this course is to provide a foundation for further study in computer security and to help you better understand how to design, build, and use computer systems more securely. See the schedule for details.


Late Chips

We've decided not to use an automated late chip server. Instead, to use some of your late days, post a private message on Piazza to the 'late_chips' folder with your name, CNetID, the assignment, and the number of late chips you are requesting. You must request late chips for an assignment before you hand it in.

Remember, with the exception of extraordinary circumstances, assignments submitted late without using late chips will receive no credit.

Kevin Fu Talk

Kevin Fu, Associate Professor at the University of Michigan, is giving a talk entitled "Medical Device Cyber Security: The First 164 Years" on Tuesday, October 7 at 4:30pm in Ry 251. Refreshments will be at 3:30pm in Ry 255. The talk is hosted by Shan Lu

Security Seminar

For this quarter, the Security and Systems seminars have been combined. The next meeting will be tomorrow, Tuesday, October 7 12–1pm in Searle 240b.

Kevin Fu will be attending, and so we'll be reading a paper from his research group: Rushanan et al. SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks. IEEE Symposium on Security and Privacy. 2014. There will be Pizza.

If you're interested, we encourage you to sign up for the mailing list.

Course Staff


Ariel J. Feldman

Office hours:
Tue., Wed. 1:30–2:30pm
Room: Ry 161A


Zachary Rubenstein

Office hours:
Thu., Fri. 2–3pm
Room: Ry 278

Course Information

Prerequisites CMSC 15400
Lectures Mon., Wed., Fri. 10:30–11:20am, Ry 276
Communication We'll use Piazza for general discussion and questions about course material.
Assignments will be distributed here and be collected via Phoenixforge (instructions here).
Reference Books No textbook is required, but if you would like additional references, we recommend:
Security Engineering by Ross Anderson
Cryptography Engineering by Ferguson, Schneier, and Kohno


The coursework consists of five homeworks, five projects, and a final exam. In addition, graduate students enrolled in CMSC 33250 must submit a weekly paper response based on the readings, which are optional for undergraduates. All assignments must be done individually with the exception of Projects 4 and 5, which will be done in groups. Your course grade will be based on the following components:
Undergraduates (CMSC 23200) Graduate students (CMSC 33250)
Homeworks 30% 20%
Projects 45% 45%
Paper Responses N/A 10%
Class Participation 5% 5%
Final Exam 20% 20%


This course owes a great deal to introductory computer security courses developed by others: