Go up to the NWS UVA page (md)
This course is a general introduction to network security. Students will understand the theoretical concepts that underlay network security, and implement many of their own attacks and defenses. Students will see the ethics, legality, and policy aspects pertaining to the subject.
I realize that nobody reads these through. So the TL;DR version:
And now for the really long-winded version…
Course content: Most of course content is available free online at http://aaronbloomfield.github.io/nws, which is from a public github repository: https://github.com/aaronbloomfield/nws. All the source code in that repository is released under a GPL 3.0 license, and all the non-source code material in that repository is released under a Creative Commons license (CC BY-SA). Note that this license and the public availability does NOT apply to the lecture videos. The slides are not my own, and are not released under either of those two licenses.
Lectures: Lecture attendance is required. There will be occasional attendance quizzes to verify this. These quizzes may be online, so bring a connected device (phone is fine) to take said quizzes.
Textbook: The required textbook is Internet Security: A Hands-on Approach by Wenliang Du. There will be readings assigned from that textbook, and the lecture will follow many of the elements in the various chapters. There may be a reading quiz on the day that a reading is due (this isn’t going to happen every time, as that’s too much grading to keep up with). These quizzes may be online, so bring a connected device (phone is fine) to take said quizzes.
Prerequisites: CS 3710 (Introduction to Cybersecurity) with a grade of C- or above. As per departmental policy, this pre-req will be checked, and if it is not met, you will be de-registered from the course.
Course Description: This course is meant as a general introduction to network security. You are assumed to have seen some of this when yo took CS 3710.
The course objectives are that a student completing this course will:
Availability: It is important to me to be available to my students, and to address their concerns. If you cannot meet with me during office hours, e-mail (or, ideally, submit a support request) and I will try to find the time to meet. That being said, like everybody else I am quite busy, so it may take a day or more to find a time to meet. And if you have any comments on the course - what is working, what is not working, what can be done better, etc. - I am very interested in hearing about them. There is an anonymous feedback tool through Canvas, or you can send me an e-mail (please do NOT email the TAs directly). I tend to get bogged down by e-mail as the semester progresses, so seeing me “in person” (during office hours or right after class) is often a good way to get a more immediate response.
Grades: Grades will be calculated by the following formula:
I expect that grades will follow the standard decade curve: 90 and above is an A of some sort (A-, A, or A+), 80 and above is some sort of a B, etc. Note: I reserve the right to modify the weighting (changing the curve, adding pop quizzes, etc.), especially if attendance drops off significantly. In particular, if the grade averages are very high, then you will need higher than a 90 to get an A-.
Assignments: There will be both larger programming homeworks and smaller tutorial-style homeworks. Often one of each will be currently assigned at any given time, but their due dates will be scheduled so that they are not both due at once. All assignments will be submitted via Gradescope; source code will be submitted this way. Many assignments will require you to deploy your code to a private Ethereum blockchain in addition to the Gradescope submission. All submissions are through Gradescope, the link to which is on the Canvas landing page. Due to the class size, and the limited TA support, all assignments will be auto-graded. The programming assignments will have their source code submitted. You will need to be familiar with the homework policies (md), as you will be bound by them on the assignments.
Course rules: You are fully responsible for all material presented in class and on the required readings. Exams and due dates are scheduled in advance. A grade of zero will be recorded for missed exams and late assignments unless prior arrangements are made (see below for details) or there are truly extenuating circumstances (which will require appropriate documentation). Assignments turned in after the due date are penalized 25% per day (or fraction thereof) late; this means a maximum of 3 days (i.e. 72 hours) late. In most cases, you are free to develop assignments on any language/platform/OS you wish. Some assignments may require a specific operating system setup, or a particular required programming language, which will be provided if necessary. However, you are responsible for porting your code to the system the class is using and ensuring that it runs correctly for us when we grade your assignment. Our reference system will specified for each assignment, but will generally be Ubuntu Linux. The Gradescope submission auto-grader will verify this upon submission (and immediately report the results back to you). Most assignments will be graded by automated testing.
Disabilities: The University of Virginia strives to provide accessibility to all students. If you require an accommodation to fully access this course, please contact the Student Disability Access Center (SDAC) at (434) 243-5180 or sdac@virginia.edu. If you are unsure if you require an accommodation, or to learn more about their services, you may contact the SDAC at the number above or by visiting the student health website at https://sdac.studenthealth.virginia.edu/.
Special Circumstances: Students with special circumstances (athletics, extra time required on exams, final exam conflicts, SDAC considerations, etc.) need to let me know during the first two weeks of class.
Exams: There will be one midterm exam (worth 20% of the final grade) and one final exam (worth 25% of the final grade).
Under NO circumstances will anybody be allowed to take the final exam early. You may ONLY request to take the final exam at a different time if you have a final exam CONFLICT, not a busy final exam schedule. Since there are no other exams scheduled during that time, it is unlikely that you will have a conflict.
Regrades: You may submit graded homeworks and exams for regrading within one week of when they are returned to you (less time for the final due to the end of the semester). Regrades are submitted via Gradescope (for written assignments) or support requests (for programming assignments). As long as people submit responsibly, I will not institute a frivolous regrade policy that existed in some semesters of CS 2150 (if one is instituted, you will be told of this ahead of time). This time limit will be strictly enforced.
Generative Artificial Intelligence Usage: You many use any generative AI product, such as ChatGPT, with the following caveat: none of the program code, nor written essays (if applicable) that you submit may have been created with the generative AI. Thus, you can use it to understand how to use a function, explain how something works, etc. But the products that you submit (code, essays, etc.) must be your own work.
Honor pledge: The UVA Honor Code is in effect for this course. There is one course specific addition: You may not look at any other student’s code for ANY reason, period. Not to debug, not to help, not to learn. You may not let another student look at your code for any reason. Needless to say, you cannot copy code from online sources unless the assignment specifically allows it (and in those cases, you must cite your source). The next paragraph describes this more.
Students are encouraged to discuss programs and assignments in general. However, helping others find bugs in existing programs, using another person’s code, or writing code for someone else is cheating and a violation of the University’s Honor System. Basically, you should not be looking at another person’s code for ANY reason (obviously you can after BOTH have submitted the assignment, or if there is a group project). This includes consulting programming solutions to assignments from previous years. This also includes looking up solutions online. Any honor violation or cheating will be referred to the honor committee, and will result in an immediate failure for the course, regardless of the outcome of the honor trial or your other grades. No exceptions! I am very strict on this, and one have successfully raised honor charges against students in the past due to violations of this policy - and I’ve blocked people from graduation because of honor offenses.
Religious accommodations: Students who wish to request academic accommodation for a religious observance should submit their request to me by email as far in advance as possible. Students who have questions or concerns about academic accommodations for religious observance or religious beliefs may contact the University’s Office for Equal Opportunity and Civil Rights (EOCR) at UVAEOCR@virginia.edu or 434-924-3200.
Your Well Being: The Engineering School proudly serves as a safe space for its students and aims to promote their well being. If you are feeling overwhelmed, stressed, or isolated, there are many individuals here who are ready and wanting to help. In addition to the course instructors, you can seek help through the Engineering Undergraduate office (Thornton A122), or Courtney MacMasters (xar7nf, 434-243-5180) who is the SDAC accessibility specialist in the Engineering school.
Alternatively, there are also other University of Virginia resources available. The Student Health Center offers Counseling and Psychological Services (CAPS) for its students. Call 434-243-5150 (or 434-972-7004 for after hours and weekend crisis assistance) to get started and schedule an appointment. If you prefer to speak anonymously and confidentially over the phone, call Madison House’s HELP Line at any hour of any day: 434-295-8255.
If you or someone you know is struggling with gender, sexual, or domestic violence, there are many community and University of Virginia resources available. The Office of the Dean of Students, Sexual Assault Resource Agency (SARA), Shelter for Help in Emergency (SHE), and UVA Women’s Center are ready and eager to help. Contact the Director of Sexual and Domestic Violence Services at 434-982-2774.
Legality: The tasks that you will be performing in this course are legal to perform in the environments set out for you via the course structure. You will be running a docker simulator on your machine, and any and all attacks can take place there. Some other attacks may have an environment set up that is outside your docker container setup; if provided to you by the course, then it is also legal to use. Do not assume that any of these attacks are legal anywhere else!