Advanced Computer Security Fall 2020

Computer security is one of the most exciting and challenging areas in all of computer science. For the world's largest technology companies, securing their computer systems is one of their top priorities. While technology has changed, the fundamental problems of securing computer systems have stayed remarkably similar.

This course provides an in depth examination of a selection of issues in computer security. This semester, readings are organized around four areas: access control, intrusion detection, cloud computing, and the Internet of Things. However, within each of these topics, we will see a broad variety of methodologies employed spanning systems design, hardware design and analysis, empirical measurement, machine learning, software testing, human-computer interaction, applied cryptography, and more. We will examine selected seminal and current papers in the field to provide context and further understanding of each area.

CS563 assumes prior knowledge of fundamental security concepts -- if you are in this class, I expect that you have successfully completed an undergraduate security course (e.g., CS461, CS463, or equivalent) or are actively engaged in security research with an Illinois faculty member. If you do not have background knowledge in a security area then be prepared to work hard to catch up, or else you are going to have a bad time in this course.


Meeting Time/Place Tuesdays and Thursdays, 3:30–4:45, 1302 Siebel Center
Professor Adam Bates
Office hours: Wednesdays, 3:30pm -- ~4:45pm (on Zoom)
TA Pubali Datta
Office hours: By appointment
Prerequisites Successful completion of an undergraduate-level security course
Communications We will make use of the following communication methods during this course:

  • Grades will be managed through Compass2g.
  • Lecture slides are on the website.
  • We now have a Piazza discussion forum! Available here.
For administrative issues, email Professor Bates.

Course Requirements

The expectations for all students in this course are as follows:
  1. Participate: Students will attend every class and actively participate in class discussions.
  2. Read Literature: Students will read all of the assigned papers in advance of each class.
  3. Present Literature: Students will present research papers and lead the ensuing class discussion.
  4. Write Reviews: Each week, students will select one (1) of the assigned readings and prepare a reaction paper. These reviews will be submitted prior to the start of the class and graded by the instructors. Details about paper summary expectations will be discussed in the first class as part of the introductory material.
  5. Complete a Term Project: Students will conduct a major reserch project in security, with the chief deliverable being a conference-style paper at the end of the semester. Project topics will be discussed in class after the introductory material is completed. As part of the term project, there will be another milestones throughout the semester (e.g., project proposals) that will be graded as homework assignment and discussed with the intructors outside of class. Projects teams may include groups of up to 2 students; however, groups of greater size will be expected to make greater progress. The instructors will advise each team/individual independently as needed. The project grade will be a combination of grades received for a number of milestone artifacts and the final conference-quality report.
  6. Put away devices: Out of respect for your classmates, I ask that you turn off all laptops, tablets, and phone screens for the duration of each class!
A complete syllabus for the course will be made available as a slide deck on the first day of class. You fill find it on the course schedule.

Term Project Requirements

A running description of the project milestones, requirements, and deadlines is available here: Term Project Milestones.

You should use this LaTeX template for the proposals: Project Proposal Template.

Ethics, Law, and University Policies Warning

This course will include topics related computer security and privacy. As part of this investigation we may cover technologies whose abuse could infringe on the rights of others. As computer scientists, we rely on the ethical use of these technologies. Unethical use includes circumvention of an existing security or privacy mechanisms for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class and possibly more severe academic and legal sanctions.

Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act (CFAA), a federal statute that broadly criminalizes computer intrusion. This is one of several laws that govern “hacking.” Understand what the law prohibits — you don’t want to end up like this guy. If in doubt, we can refer you to an attorney.

Please review the Campus Administrative Manual (especially Policy on Appropriate Use of Computers and Network Systems at the University of Illinois at Urbana-Champaign) for guidelines concerning proper use of information technology at Illinois, as well as the Student Code (especially 1-302 Rules of Conduct, 1‑402 Academic Integrity Infractions). As members of the university, you are required to abide by these policies.


Academic Integrity Policy

The University of Illinois at Urbana-Champaign Student Code should also be considered as a part of this syllabus. Students should pay particular attention to Article 1, Part 4: Academic Integrity. Read the Code at the following URL: http://studentcode.illinois.edu/.

Academic dishonesty may result in a failing grade. Every student is expected to review and abide by the Academic Integrity Policy: http://studentcode.illinois.edu/. Ignorance is not an excuse for any academic dishonesty. It is your responsibility to read this policy to avoid any misunderstanding. Do not hesitate to ask the instructor(s) if you are ever in doubt about what constitutes plagiarism, cheating, or any other breach of academic integrity.


Students with Disabilities

To obtain disability-related academic adjustments and/or auxiliary aids, students with disabilities must contact the course instructor and the as soon as possible. To insure that disability-related concerns are properly addressed from the beginning, students with disabilities who require assistance to participate in this class should contact Disability Resources and Educational Services (DRES) and see the instructor as soon as possible. If you need accommodations for any sort of disability, please speak to me after class, or make an appointment to see me, or see me during my office hours. DRES provides students with academic accommodations, access, and support services. To contact DRES you may visit 1207 S. Oak St., Champaign, call 333-4603 (V/TDD), or e-mail a message to disability@uiuc.edu. http://www.disability.illinois.edu/.


Emergency Response Recommendations

Emergency response recommendations can be found at the following website: http://police.illinois.edu/emergency-preparedness/. I encourage you to review this website and the campus building floor plans website within the first 10 days of class. http://police.illinois.edu/emergency-preparedness/building-emergency-action-plans/


Family Educational Rights and Privacy Act (FERPA)

Any student who has suppressed their directory information pursuant to Family Educational Rights and Privacy Act (FERPA) should self-identify to the instructor to ensure protection of the privacy of their attendance in this course. See http://registrar.illinois.edu/ferpa for more information on FERPA.