Description

This course provides hands-on practice developing and exploiting secure systems. Students will be asked to develop a secure IoT system and build a better understanding of secure design and implementation through doing.

Prerequisites

The prerequisites for this course are a C- or better in both CMSC 216 and CMSC 250.

Legality and ethics

Throughout the semester, you will be learning (and implementing and launching) various attacks. This is not an invitation to perform these attacks without the express written consent of all parties involved. To do otherwise would risk violating University of Maryland policies and Maryland and U.S. laws.

The goal is to foster discovery, experimentation, and exploration, but in a safe, ethical, and respectful fashion, always. If you have an idea and want a safe environment to try it out, then let me know, and I'll try to set something up. If you have any questions or concerns, then do not hesitate to contact one of the instructors directly.


List of topics (tentative)

This course covers a range of topics within computer security, with the goal of instilling a security mindset and teaching some of the core principles of security that will improve students' secure development practices.

The following list of tentative lecture topics will vary in terms of pace:

  • Security background and definitions
  • Threat Modeling
  • Network security
  • Access control
  • Vulnerability analysis strategies


Online resources

Website: Various course materials will be made available on the class website, which can be accessed at https://www.cs.umd.edu/class/winter2020/cmsc388N/

Piazza: Class help and details will also be posted on Piazza. This provides a forum for you to post questions (and answer those from others), as well as share insights and engage on all things security. Keep in mind, however, that even though this is a class-specific forum, cheating or facilitating cheating is not allowed there (or anywhere): do not post project code or pseudocode. The class Piazza page is available at https://piazza.com/umd/other/cmsc388n/home.

Grading

Grades will be maintained on the CS Department grades server. You can always see your current grade here.

You are responsible for all material discussed in lecture and posted on the class web page, including announcements, deadlines, policies, etc.

Final course grades will be curved as necessary, based on each student's total numeric score for all coursework at the end of the semester.

Your final course grade will be determined by the following tentative percentages:

  • Build It, Break It, Fix It: 60% (per-round criterion 40%, competition ranking 20%)
  • Design Document: 15%
  • Commit Descriptions: 6%
  • Daily Status Reports: 10%
  • Pre/Mid/Post Surveys: 9% (3% each)

Excused absences

Most class time will be dedicated to completing the semester-long project, so attendance is essential to your success in this course.

There are several excused absences from class attendance: illness, religious observation, participation in required university activities, or a family or personal emergency. We will work with you to make sure that you have a fair amount of time to make up for excused absences. The best way that we can help is if we know about absences as far in advance as possible. In particular, please let us know about any foreseeable absences (such as religious observation or participation in required activities) no later than 01/06. For excused absences, please provide the following to the course instructor:

  • Provide a request for absence in writing.
  • Provide appropriate documentation that shows the absence qualifies as excused.
  • Provide as much advance notice as is possible, safe, and appropriate.

Besides the policies in this syllabus, the University's policies apply during the semester. Various policies that may be relevant appear in the Undergraduate Catalog.


Academic integrity

The Campus Senate has adopted a policy asking students to include the following statement on each examination or assignment in every course: "I pledge on my honor that I have not given or received any unauthorized assistance on this examination (or assignment)." Consequently, you will be requested to include this pledge on your project. Please also carefully read the Office of Information Technology's policy regarding acceptable use of computer accounts.

Programming projects are to be written only by members of your team; therefore, cooperation or use of unauthorized materials on projects is a violation of the University's Code of Academic Integrity. Any evidence of this, or of unacceptable use of computer accounts, use of unauthorized materials or cooperation on exams or quizzes, or other possible violations of the Honor Code, will be submitted to the Student Honor Council, which could result in an XF for the course, suspension, or expulsion.

For learning the course concepts, students are welcome to study together or to receive help from anyone else. You may discuss with others the project requirements, the natures of the attacks covered, what was discussed in class and in the class web forum, and general syntax errors.

When it comes to actually writing a project assignment, other than help from the instructional staff a project must solely and entirely be your team's work. Working with another student or individual outside of your team, or using anyone else's work in any way except as noted in this paragraph, is a violation of the code of academic integrity and will be reported to the Honor Council. You may not discuss design of any part of a project with anyone outside your team except the instructors.

Examples of questions that would be allowed are "Does a Java class definition end in a semicolon?" or "What does a 'class not found' error indicate?", because they convey no information about the contents of a project.

Examples of questions you may not ask others might be "How did you implement this part of the project?" or "Please look at my code and help me find my stupid syntax error!".

You may not use any disallowed source of information in creating either your project design or code. When writing projects you are free to use ideas or short fragments of code from published textbooks or publicly available information, but the specific source must be cited in a comment in the relevant section of the program.

Violations of the Code of Academic Integrity may include, but are not limited to:

  1. Failing to do all or any of the work on a project by yourself, other than assistance from your team and the instructional staff.
  2. Using any ideas or any part of the project of another person outside your team, or copying any other individual's work in any way.
  3. Giving any parts or ideas from your project, including test data, to another team.
  4. Allowing any other students, besides teammates, access to your program on any computer system.
  5. Transferring any part of a project to or from another student, besides teammates, or individual by any means, electronic or otherwise.

If you have any question about a particular situation or source then consult with the instructors in advance. Should you have difficulty with a programming assignment you should see the instructional staff in office hours, and not solicit help from anyone else in violation of these rules.

It is the responsibility, under the honor policy, of anyone who suspects an incident of academic dishonesty has occurred to report it to their instructor, or directly to the Honor Council.

Every semester the department has discovered a number of students attempting to cheat on project assignments, in violation of academic integrity requirements. Students' academic careers have been significantly affected by a decision to cheat. Think about whether you want to join them before contemplating cheating, or before helping a friend to cheat.

Students are welcome and encouraged to study and compare or discuss their implementations of the programming projects with any others after they are graded, provided that all of the students in question have received nonzero scores for that project assignment, and if that project will not be extended upon in a later project assignment.


Students with disabilities

Students with disabilities who have been certified by Disability Support Services as needing any type of special accommodations should see the instructor as soon as possible (but not later than Wednesday, 01/08). Please provide DSS's letter of accommodation to the instructor at that time.

All arrangements for accommodations as a result of disability must be made and arranged with the instructor at least three business days prior to the time they must be implemented; later requests (including retroactive ones) will be refused.

Questions

If you have any questions throughout the course or have any dispute regarding policies or grading that cannot be posted to the Piazza page, Prof. Votipka is the primary contact. Please either come to his office hours after class or email him directly. He will make every effort to respond to emails within 24 hours on weekdays or 48 hours on weekends.

Course evaluations

If you have a suggestion for improving this class, don't hesitate to tell the instructors during the semester! At the end of the semester, please don't forget to provide your feedback using the campus-wide CourseEvalUM system. Your comments will help make this class better. CourseEvalUM is generally open the last couple weeks of January, but this is subject to change by campus.

Right to change information

Although every effort has been made to be complete and accurate, unforeseen circumstances arising during the semester could require the adjustment of any material given here. Consequently, given due notice to students, the instructor reserves the right to change any information on this syllabus or in other course materials.
