CS 600.443: Security and Privacy in Computing

Lecture Topics

The syllabus is a loose outline of the topics we will cover in this class. Some topics will spill over into other weeks, and some will be shorter. The syllabus is tentative and subject to change.

Grading policy

Assignments will be done in groups of size 1 to 4. However, the expected level of output of each group is the same, so if you work alone, you are still required to produce as much as a larger group. Grades will be determined as follows:

Assignments are due at the beginning of class at 2:30 p.m. on the stated due date. Late assignments will be penalized 5 percentage points per weekday.

There is no collaboration allowed on exams. You must do only your own work. There are no textbooks, notes, or computers allowed during exams. Exams will be based on any material presented in lecture and any material in the assigned readings.

Required Textbook

Firewalls and Internet Security (second edition), Addison Wesley, 2003.
By Bill Cheswick, Steve Bellovin, Avi Rubin
Paperback - 384 pages (June, 2001)
Addison-Wesley ISBN: 0-201-63466-X

Course Mailing List

All students must sign up for the class mailing list. Send mail to majordomo@cs.jhu.edu with "subscribe cs443" in the message body. Then, to send mail to the class, send it to cs443 at cs.jhu.edu. Important announcements will be made via the mailing list, and students will be responsible for any information posted to the list.

Office Hours

I will hold my scheduled office hours at 326 NEB after class on Thursdays, 3:45 a.m. to 5:00 p.m. When needed, I will have hours there on Fridays as well. My primary office is at 416 Wyman Park, and we can meet there by appointment.


The TA for our class is Matt Green. Here is the TA page. You can meet with the TA by appointment.

Week 1

Reading: Chapters 4, 9, 10, 11


Introduction to the course
Lecture topic: Network security, firewalls, IPsec


Discussion of project
Lecture topic: Network security (cont)
Web security, authentication, SSL, Passport, SSH

Week 2

Reading: Chapters 12, 15, Honeypots, Honeynets


Lecture topic: Finish up network & web security
IDS, Tunneling and VPNs
Some time at the end of lecture to finish forming groups
Assignment #1 out


Lecture topic: Honeypots

Week 3

Reading: Chapters 5, 6, Gen 2 Honeynet, Sebek


Lecture topic: Honeypots/honeynets (cont.)


Lecture topic: Viruses and worms

Week 4

Reading: NSF voting paper (pdf), Diebold security analysis, Caltech MIT report (pdf), California report (pdf), California report appendix (pdf), CACM e-voting paper (pdf)


Lecture topic: Security Issues in Voting


Lecture topic: Voting continued (analysis of Diebold voting system, hack-a-vote), Caltech/MIT study
Assignment #1 in
Assignment #2 out, available here

Week 5

Reading: WEP paper


Guest lecture: Adam Stubblefield on wireless security


Lecture topic: Alternative authentication technologies

Week 6

Reading: Appendix A, Chapter 18


Lecture topic: Cryptography


Lecture topic: Crypto (cont.), key mgmt, PKI, escrow

Week 7

Reading: Chaum's paper on receipt voting (pdf)


Lecture topic: Crypto continued, Sensus voting system, Chaum's receipt scheme


Guest Lecture: Ari Schwartz from Center for Democracy and Technology

Week 8


Week 9




Guest lecture by Randy Sabett

Week 10


Assignment #2 deliverable due
Assignment #2 presentations


Assignment #2 presentations

Week 11


No class due to Passover holiday


Lecture topic: Basic Privacy

Week 12

Reading: ACM Chaum paper (pdf), Crowds paper (pdf), Umass paper (pdf)


Lecture topic: P3P


Lecture topic: Anonymous routing: Crowds

Week 13

Reading: Publius paper (pdf)


Lecture topic: Censorship resistance: Publius, Freenet, Tangler


Guest Lecture by Gary McGraw: Exploiting Software

Week 14


Final assignment in
Project presentations


Project presentations
Final Exam Review

Final exam: May 6, 1:00 PM - 4:00 PM

The content from last year has changed somewhat, but here is last year's final as a sample of what my exams look like.

Computer Science Department Academic Integrity Code

The strength of the university depends on academic and personal integrity. In your studies, you must be honest and truthful. Ethical violations include cheating on exams, plagiarism, reuse of assignments, improper use of the Internet and electronic devices, unauthorized collaboration, alteration of graded assignments, forgery and falsification, lying, facilitating academic dishonesty, and unfair competition.

Academic honesty is required in all work you submit to be graded. Except where the instructor specifies group work, you must solve all homework and programming assignments without the help of others. For example, you must not look at any other solutions (including program code) to your homework problems or similar problems. However, you may discuss assignment specifications with others to be sure you understand what is required by the assignment.

*If* your instructor permits using fragments of source code from outside sources, such as your textbook or on-line resources, you must properly cite the source. Not citing it constitutes plagiarism. Similarly, your group projects must list everyone who participated.

Falsifying program output or results is prohibited.

Your instructor is free to override parts of this policy for particular assignments. To protect yourself: (1) Ask the instructor if you are not sure what is permissible. (2) Seek help from the instructor or TA, as you are always encouraged to do, rather than from other students. (3) Cite any questionable sources of help you may have received.

Students who cheat will suffer a serious course grade penalty in addition to being reported to university officials. You must abide by JHU's Ethics Code: Report any violations you witness to the instructor. You may consult the associate dean of students and/or the chairman of the Ethics Board beforehand. For more information, see the guide on Academic Ethics for Undergraduates (http://www.advising.jhu.edu/ethics.html) and the Ethics Board web site (http://ethics.jhu.edu).