BYU logo Computer Science
CS 465 Introduction to Security and Privacy

Syllabus

Welcome

This a redesigned version of CS 465 that gives a wider introduction to computer security than in the past and tries to use only CS 224 and CS 260 as prerequisites. We intend for the course to become accessible to sophomores and juniors.

Course Description

This course is designed to provide a broad introduction to digital security and privacy. It helps students think about security as a software engineer and become ready to take further coursework in security and privacy.

Major topics include:

  • operating system security
  • software security
  • network security
  • web security
  • threat modeling
  • usable security and privacy

This course is designed to meet the BYU Aims: this course should be spiritually strengthening, intellectually enlargening, character building, and lead to lifelong learning and service.

Learning Outcomes

The learning outcomes for this class are:

  • Fluency: Develop fluency in the language and concepts related to securing computing systems

  • Attacks and Defenses: Be able to execute common attacks against computer systems and deploy defenses against those attacks

  • Secure software: Write software that uses cryptographic primitives to securely communicate and store information

  • Security Mindset: Think like an attacker to identify key assets, risks, and mitigations associated with the security and privacy of a system

Materials

We will use a few different free resources for this class. These are all linked in the class schedule. The two primary resources are:

Computer Security and the Internet: Tools and Jewels from Malware to Bitcoin

Second Edition. Paul C. van Oorschot. Springer, 2021.

Available at: https://people.scs.carleton.ca/~paulv/toolsjewels.html

If you are on campus or using the BYU VPN, you can also access a free PDF of the book here: https://link.springer.com/book/10.1007/978-3-030-83411-1

Operating Systems: Three Easy Pieces

Available at: https://pages.cs.wisc.edu/~remzi/OSTEP/

Course Requirements

  • Homework: Homework is used to practice material from the class and get you ready for projects. Each homework assignment is worth 25 points. Typically learningsuite is the method of submission. These are typically due before class starts on Tuesdays, but the schedule may vary a little. Ask questions about the schedule well before the due-date/time if you have a question.

    Late Homework Policy: If it is submitted by the following class period after it is due, you can receive a maximum of 15 points. If it is submitted before the next exam, you can receive a maximum of 10 points

  • Projects: Projects give students hands-on experience with the topics covered in class. Each project is worth variable number of points, typically much more than the homework. Follow the instruction in each project for submission, typically learningsuite. These will typically be due Friday at midnight.

    Students are encouraged to meet project deadlines with much time to spare. I want to see all students complete every lab by the end of the semester, as this is by far where the most learning will occur. I want you to learn, and you will learn more if you complete the assignments.

    Projects each have their own specific passoff instructions, which you should carefully follow. Each and every assignment includes a final submission to LearningSuite.

    Code can be submitted as .zip or .tar.gz, but please make sure that when files are unzipped or untarred that they are inside of a directory - ideally with your name and the project name - instead of placed in the current directory. I really really dislike this. Do not do it. You may think I am joking but I’m fully ready to deduct points.

  • Late Project Policy:

    As an incentive to help you stay current, we will record late days and early days for each project (university holidays excluded). Each day a project is late will be deducted from your total, and each day a project is early will be added to your total. You can not get early days for a project if you have not turned in a previous project. You start with a balance of +5 days, and are capped at a maximum postive balance of 10. The initial balance ought to be enough to cover any minor issues that may arise, (e.g. friend’s wedding, job interview out of town, pet dental emergency). If this balance will not be sufficient to cover some issue you expect in the future, please work ahead to build up your balance. In extreme circumstances please discuss your scheduling issues with me ahead of time as early as possible. There may be some flexibility.

    At the end of the semester, you will receive a penalty if your late/early balance is negative. Your overall project points may be penalized up to 2% for each late day on your final balance. If all projects are completed, the penalty for late days will be capped at 10% so that your grade may be reduced by a maximum of one letter grade.

    For both homework and projects, I’m more interested in you engaging with the material and completing the work than I am with enforcing this policy. Use the existing grace period and talk to me if you’re facing bigger issues.

  • Project Pass-off Policies:

    Projects may be written in the language of your choice unless instructed otherwise. For some of the projects there is an automated passoff system. Each project has passoff instructions that should be followed carefully.

    This is generally no longer necessary, but for historical reasons, in the event of a LearningSuite failure , you may pass off a project after the deadline for full credit, and without using late days, provided you email a SHA-256 checksum of all files associated with your project to the me or the TA before the deadline. You can generate the checksum again at passoff to convince the TA that your assignment was completed on time. You can generate a checksum on linux using openssl (e.g., >openssl dgst -sha256 [filename] ). Search online for how to do this on other systems. I leave this section in my syllabus so that I can make a lame joke while discussing this on the first day of class. If I forget to, remind me.

  • Discipleship: A set of assignments that will help you develop into a disciple-scholar. These assignments are graded based on demonstrating disciple-scholarship and are worth 50 points each.

Extra Credit

  • There will occasionally be extra credit offered through various means. There will probably be an extra-credit project, and an extra-credit homework assignment, and a variety of in-class CTF-style security-related puzzles. You’ll see an example on my screen some time during the second class session, and we’ll discuss it after enough have solved the challenge. Please do your own work. None of these extra-credit opportunities are likely to have a noticable effect on your final grade in the course - they are primarily for fun and not worth many points, compared to the other assignments.

Exams

  • There will PROBABLY be two mid-term exams - schedule TBD - likely at 1/3 and 2/3 through the course, approximately. TBD I’m exploring alternatives to a learningsuite exam at the moment and will announce details when I’ve ot it figured out.

Final Grades

  • All points are equal. Your final score will be calculated as a percentage of total/possible points, using the standard university grade distribution formula. Point totals are approximate and may vary by a small amount (e.g. a mid-term exam might be 172 or 179 points instead of the intended 175 etc).

Learning Environment

Prior to each class, there will be an assigned reading. Students are expected to complete this reading and come prepared with any questions they have about the material in the reading. Class time will be divided into three sections:

  • answering questions about the reading
  • reviewing key topics from the reading
  • doing exercises related to difficult to understand sections in the reading

At the end of most units, students will complete a project to demonstrate their mastery of the material covered in the lectures.

A final project will have you learn something new beyond what was covered in class.

Course Communications

  • Use this website for the course schedule and assignments.

  • Use Learning Suite to turn in assignments and see your grade.

  • Use Slack for class discussion. I encourage you to post your questions on Slack so other students, the TAs, and the instructor can answer them for everyone. Here is a Slack invitation.

  • Use TA office hours to get help on course concepts and the projects. TAs are not expected to debug your program, but can talk to you about the concepts and whether your solution is going in the right direction.

  • Instructor office hours are “as needed”. I joke that my office hours are “after class while walking to my car” but I’m very willing to meet with you - contact me via email or on slack to make an appointment.

How to Be Successful in This Course

Come to class having finished the readings, prepared to ask any questions you had about the material. For projects, start early. This will enable you to get the help you need. Most importantly, if you need help, please come and talk to a TA or to me. We really are here to help you.

Collaboration

Projects

Most assignments are designed for individual work. You are welcome to discuss the assignment with other class members and how to solve it, but you may not view, share, or copy another student’s code.

There may be one or two group assignments for this class. In those cases, you are encouraged to work together. Please turn in a single assignment for your group. Put all of your names on the assignment, and then we will be sure to get you all the same grade. If you are reading this syllabus and email your name/netid to me, you will get 3 points of extra credit, as long as your email arrives before the beginning of our second class period.

Belonging

My goal is for everyone in this class to know that they are valued and belong. I wholeheartedly support the BYU Statement on Belonging.

The TA and instructors pledge to answer all questions in a caring and helpful manner.

If you feel you are lacking support and would like some mentoring, please contact the CS belonging team in TMCB 1112. They are a wonderful resource to get you any help you need.

If you have difficulty with your mental health, please seek counseling. See CAPS for counseling and the University Accommodations Center for accommodations. If you need help with accommodations, send me a note on Discord and we can handle that quickly and easily for you. Likewise if , let’s talk about getting you some help.

I strive to be supportive of anyone who struggles with the class, I really do want to see you succeed. You are welcome to talk to me any time about difficulties you are facing.

Academic Integrity

Please remember the reason you are at BYU—to become like Jesus Christ. Part of this journey is to study and learn (see D&C 88:118, D&C 93:36, D&C 130:18-19).

When you fail to be honest in your studies, you are missing an opportunity to grow more like Christ. We encourage you to do your utmost to ensure that you don’t compromise your integrity as you work to learn the material in this course.

Please review the BYU Honor Code and the Academic Honesty Policy.

If you are tempted to cheat because you are falling behind in the class, please come talk to me instead. I’m sure we can work something out to help you master the material for this class.

Try to focus on collaboration instead of cheating. Collaboration means discussing ideas and approaches to solving a problem, without viewing or sharing code.

What constitutes cheating?

Cheating includes:

  • Copying part or all of another student’s project code with the exception of your partner(s) on group projects. This includes students from previous semesters.

  • Using an AI-assisted tool to write your code.

  • Copying code from online sources without crediting them. You are welcome to look up solutions to specific problems (e.g. how to use a library) online, but should not be searching for exact solutions online.

  • Using or paraphrasing someone else’s words without crediting them.

If you are unsure about whether or not something constitutes cheating, please confirm with an instructor or TA.

What happens if you cheat?

If you have chosen to be dishonest, please come talk to your instructor! I will lovingly help you as you seek to reconcile with the truth. It will likely feel uncomfortable and will take courage and humility, but the peace and satisfaction of knowing you are again in the right is completely worth it. Learn for yourself the joy of repentance.

The usual outcome for cheating on an assignment is a zero on that assignment. If you have cheated on multiple assignments, you will receive an E for the course.

In most cases, the names of those who have cheated will be given to the Honor Code Office.

BYU Policies

Honor Code

In keeping with the principles of the BYU Honor Code, students are expected to be honest in all of their academic work. Academic honesty means, most fundamentally, that any work you present as your own must in fact be your own work and not that of another. Violations of this principle may result in a failing grade in the course and additional disciplinary action by the university. Students are also expected to adhere to the Dress and Grooming Standards. Adherence demonstrates respect for yourself and others and ensures an effective learning and working environment. It is the university’s expectation, and every instructor’s expectation in class, that each student will abide by all Honor Code standards. Please call the Honor Code Office at 422-2847 if you have questions about those standards.

Preventing & Responding to Sexual Misconduct

The health and well-being of students is of paramount importance at Brigham Young University. If you or someone you know has experienced sexual harassment (including sexual violence), there are many resources available for assistance.

In accordance with Title IX of the Education Amendments of 1972, BYU prohibits unlawful sex discrimination, including sexual harassment, against any participant in its education programs or activities. The university also prohibits sexual harassment by its personnel and students. Sexual harassment occurs when

  • a person is subjected to unwelcome sexual speech or conduct so severe, pervasive, and offensive that it effectively denies their ability to access any BYU education program or activity;
  • any aid, benefit, or service of BYU is conditioned on a person’s participation in unwelcome sexual conduct; or
  • a person suffers sexual assault, dating violence, domestic violence, or stalking on the basis of sex.

University policy requires all faculty members to promptly report incidents of sexual harassment that come to their attention in any way, including through face-to-face conversations, a written class assignment or paper, class discussion, email, text, or social media post. Incidents of sexual harassment should be reported to the Title IX Coordinator at t9coordinator@byu.edu or (801) 422-8692 or 1085 WSC. Reports may also be submitted online at https://titleix.byu.edu/report or 1-888-238-1062 (24-hours a day).

BYU offers confidential resources for those affected by sexual harassment, including the university’s Sexual Assault Survivor Advocate, as well as a number of non-confidential resources and services that may be helpful. Additional information about Title IX, the university’s Sexual Harassment Policy, reporting requirements, and resources can be found at http://titleix.byu.edu or by contacting the university’s Title IX Coordinator.

Student Disability

Brigham Young University is committed to providing a working and learning atmosphere that reasonably accommodates qualified persons with disabilities. A disability is a physical or mental impairment that substantially limits one or more major life activities. Whether an impairment is substantially limiting depends on its nature and severity, its duration or expected duration, and its permanent or expected permanent or long-term impact. Examples include vision or hearing impairments, physical disabilities, chronic illnesses, emotional disorders (e.g., depression, anxiety), learning disorders, and attention disorders (e.g., ADHD). If you have a disability which impairs your ability to complete this course successfully, please contact the University Accessibility Center (UAC), 2170 WSC or 801-422-2767 to request a reasonable accommodation. The UAC can also assess students for learning, attention, and emotional concerns. If you feel you have been unlawfully discriminated against on the basis of disability, please contact the Equal Opportunity Office at 801-422-5895, eo_manager@byu.edu, or visit https://hrs.byu.edu/equal-opportunity for help.”