CSCI 6900 - Computer Network Attacks and Defenses

Fall 2010

Students who successfully complete this course will receive 8000-level credits


Instructor: Prof. Roberto Perdisci
Credits: 4
Location: GSRC 208 (M) / Hardman Hall 101 (TR)
Time: 12:20-1:10pm M, 12:30-1:45pm TR (see course calendar)
Prerequisites: Operating Systems, Computer Networks, Programming Languages (C/C++, Java, or Python are preferred)
Office Hours: By appointment


Course Overview

Today's network-connected computer systems are under constant attack. Cyber-attackers aim at compromising and remotely controlling large numbers of computers, which may then be used to perpetrate a variety of cyber-crimes. Designing and developing secure networked systems is therefore becoming increasingly important.

In order to harden current systems against future attacks, it is fundamental to analyze and learn from past mistakes. This course will focus on the analysis of recent research in computer and network security, and will discuss both sophisticated attacks and related defense mechanisms. We will address topics such as intrusion detection, malware analysis, botnet detection, phishing, spam, Web security, and DNS security, among others. Students who successfully complete this course will be able to analyze the security properties of modern computer systems, identify possible attack avenues, and devise novel defense mechanisms to address the existing weaknesses.

This course will be research oriented, with most lectures presented in a seminar-type format. In turn, each student will present the analysis of a research paper selected from top security conferences or relevant refereed journals. All participants will be required to write a short review of the assigned readings before each lecture. In addition, the course requires each student to formulate and address a relevant research problem in computer and network security. The analysis of the chosen research problem, proposed solution, and experimental evaluation should be completed and reported in a conference-style paper by the end of the term.

Prerequisites: Students attending this course should have a good understanding of operating systems and networking concepts, and have basic knowledge of computer and network security concepts. Familiarity with programming languages such as C/C++, Java or Python will facilitate the completion of the course project.

Textbooks: No textbooks. The course will be based on reading academic research papers (see course calendar for reading assignments).


Grading

Students will be evaluated using the following criteria:

Class Participation = 15%
Paper Reviews = 20%
Paper Presentations = 20%
Research Project = 45%

Reading Assignments and Paper Reviews
Students will be required to read each assigned paper before the scheduled lecture, and write a short review. The review should summarize the topic of the paper, clearly state its main contributions, describe the proposed attack or defense approaches, and outline the most important experimental results. In addition, the review should emphasize pros and cons of the analyzed paper, and propose possible future research directions.

Class Participation and Presentations
Each student will be responsible for presenting one or more research papers over the course of the semester. Presentation materials should be prepared by the designated student prior to the lecture, and must be original (figures, graphs, and large tables can be borrowed from the original paper). All students are encouraged to participate in the analysis and discussion of the presented papers. Further guidelines will be given during the course introduction.

Research Project
Research projects may be conducted individually or in pairs. Students may freely choose any relevant topic in computer and network security. Project reports should be presented in a conference-style paper at the end of the term, and will be evaluated according to their novelty, clarity of presentation, technical correctness, and organization of the experiments.

Academic Integrity and Ethics

Students must abide by UGA's Academic Honesty Policy. Dishonest behavior such as cheating, copying, or forging of experimental results will not be tolerated and may result in failing the course.

In this course we will discuss computer system vulnerabilities and exploits. Students must always conduct themselves ethically and responsibly when learning attack techniques.