CSCI 8260 - Computer Network Attacks and Defenses

Fall 2012

Instructor Prof. Roberto Perdisci  (perdisci [at] cs [dot] uga [dot] edu)
Credits 4
Location GSRC 306
Time 9:30-10:45am TR,  10:10-11:00 W (see course calendar)
Prerequisites Operating Systems, Computer Networks, Progr. Languages (C/C++, Java, or Python are preferred)
Office Hours (by appointment)

Course Overview

Today's network-connected computer systems are under constant attack. Cyber-crminals aim at compromising and remotely controlling large numbers of computers, which may then be used to perpetrate a variety of malicios activities and generate illicit revenues. Designing and developing secure networked systems is therefore becoming increasingly important.

In order to harden current systems against future attacks, it is fundamental to analyze and learn from past mistakes. This course will focus on the analysis of recent research in computer and network security, and will discuss both sophisticated attacks and related defense mechanisms. We will address topics such as intrusion detection, malware analysis, botnet detection, phishing, spam, Web security, and DNS security, among others. Students who successfully complete this course will be able to analyze the security properties of modern computer systems, identify possible attack avenues, and devise novel defense mechanisms to address the existing weaknesses.

This course will be research oriented, with most lectures presented in a seminar-type format. In turn, each student will present the analysis of a research paper selected from top security conferences or relevant refereed journals. All participants will be required to read the assigned papers before each lecture. In addition, the course requires each student to formulate and address a relevant research problem in computer and network security. The analysis of the chosen research problem, proposed solution, and experimental evaluation should be completed and reported in a conference-style paper by the end of the term.

Prerequisites: Students attending this course should have a good understanding of operating systems and networking concepts, and have basic knowledge of computer and network security concepts. Familiarity with programming languages such as C/C++, Java or Python will be necessary to for the completion of the course projects.

Textbooks: No required textbooks. The course will be based on reading academic research papers (see course calendar for reading assignments). However, here is a list of suggested readings:
  • Introduction to Computer Security
    Michael T. Goodrich and Roberto Tamassia
    Addition Wesley
  • Computer Networking: A Top-Down Approach Featuring the Internet, 5/e
    James F. Kurose and Keith W. Ross
    Addition Wesley, ISBN: 0-13-607967-9


Students will be evaluated using the following criteria:

Class Participation = 10%
Paper Reviews = 15%
Paper Presentations = 25%
Research Project = 50%

Reading Assignments and Paper Reviews
Students will be required to read each assigned paper before the scheduled lecture, and write a short review of at least one paper each week. The review should summarize the topic of the paper, clearly state its main contributions, describe the proposed attack or defense approaches, and outline the most important experimental results. In addition, the review should emphasize pros and cons of the analyzed paper, and propose possible future research directions.

Class Participation and Presentations
Each student will be responsible for presenting one or more research papers over the course of the semester. Presentation materials should be prepared by the designated student prior to the lecture, and must be original (figures, graphs, and large tables can be borrowed from the original paper). All students are required to participate in the analysis and discussion of the presented papers. Further guidelines will be given during the course introduction.

Research Project
Research projects may be conducted individually or in grouops (depending on the project). Students may freely choose any relevant topic in computer and network security. Project reports should be presented in a conference-style paper at the end of the term, and will be evaluated according to their novelty, clarity of presentation, technical correctness, and organization of the experiments.

Academic Integrity and Ethics

As a University of Georgia student, you have agreed to abide by the University’s academic honesty policy, “A Culture of Honesty,” and the Student Honor Code. All academic work must meet the standards described in “A Culture of Honesty” found at: Lack of knowledge of the academic honesty policy is not a reasonable explanation for a violation. Questions related to course assignments and the academic honesty policy should be directed to the instructor.

In this course we will discuss vulnerabilities and exploits. Students must always follow an ethical and responsible conduct when learning about computer and network attack techniques.