Instructor Gang Wang (, Office Hour: TBA
Time/Location Online

Class Description

Program security, trusted base, privacy, anonymity, non-interference, information flow, confinement, advanced auditing, forensics, intrusion detection, key management and distribution, policy composition and analysis, formal approaches to specification and verification of secure systems and protocols, and topics in applied cryptography. Course Information: Same as ECE 424. 3 undergraduate hours. 3 or 4 graduate hours. Prerequisite: CS 461. Recommended: CS 475. If you plan to take CS 461 and CS 463 in the same semester, it should be OK. Please let the instructor know ahead of time.

Learning Goals: Identify and address privacy issues in social networks; Apply machine learning to security and address adversarial machine learning; Use crypto constructs (homomorphic encryption, multi-party computation, etc.); Identify and address issues with de-identification; Use hardware designed to support trusted computing; Reason about information flow, computational security for encryption; Recognize threats and design mitigations for security in key sectors (healthcare, power grid, transportation, etc.); Understand architecture and recognize threats for smartphone security; Recognize issues with web privacy (especially cookies and advertising); Analyze human factors; Recognize and mitigate insider threats; Understand architecture and recognize threats for security in the Internet of Things (IoT); Recognize drivers and tactics in cyber warfare, and other topics of emerging interest in security and privacy.

Important note: It assumes a basic knowledge of the area such as the material covered by Computer Security I (CS 461). If you plan to take CS 461 and CS 463 in the same semester, it should be OK. Please let the instructor know ahead of time. The class will expect ability to program in Java and C or C++.

Expected Work

Participation: Students are required to attend all the lectures (but exceptions are allowed, e.g., for students who face challenges caused by time zone differences or Internet access) . Please inform the instructor and the TA via email if you cannot make it to the class.

Quizzes: Students are expected to complete a short quiz after each lecture (within the week of the lecture). The quiz contains 4-5 single-choice or multi-choice questions. The quiz is closely related to the respective lecture and is designed to be light-weighted (and hopefully fun) to improve student engagement during the lecture. Quiz is not graded --- students will receive points by simply trying them.

Machine Problem (MP): Students are expected to work on 4-5 MPs throughout the semester. The projects will involve hand-on programming and data analysis, covering various topics that complement the lecture topics. Example topics include tracking user location based on social network data, interacting with Bitcoin APIs, multiple parties performing joint machine-learning without directly exchanging data. The list of project topics will be released later in the Spring.

Survey paper: This is for 4-credit student only.

Class Schedule


Class attendance and participation15%
MP1 6%
MP2 7%
MP3 8%
MP4 9%
MP5 10%

This will be used for 100% of the grade for 3-credit students and 75% of the grade for 4-credit students. 4-credit students are expected to complete a survey paper (25% of the total grade). Letter grades are assigned based on how well you do (e.g., 83+ means "A"), not based on your performance relative to other students.


Late Policy: Please see the individual assignment instructions.

Academic Integrity: Students must follow the university's guidelines on academic conduct (quick link). This course will have a zero-tolerance policy regarding plagiarism. You should complete all the assignments and quizzes on your own. In this course, you can help your classmates with questions such as how to use the programming language, what the library classes or methods do, what the errors mean, and how to interpret the assignment instructions. You are encouraged to post any such questions to the course discussion forum, and are also encouraged to answer questions posted to the forum from other students. However, you may not give or receive help from others (except the TA) with writing your program code or writing your answers for any of the assignments or tests. Do not show or share your program code with others, and do not view or copy source code from others. All electronic work submitted for this course will be archived and subjected to automatic plagiarism detection. Whenever in doubt, please seek clarifications from the instructor. Students who violate Academic Integrity policies will be immediately reported to the department and the college (which could leave a permanent mark on the transcript).

Note: students who are struggling with problems in a program assignment may have trouble interpreting an error message or diagnosing an error in their source code. I encourage you to ask questions about the interpretation of error messages on the forum, and to offer constructive advice to fellow students who run into such problems. If you are asking for help with an error or problem, describe it without showing code where possible. When necessary, you may post a short segment of your code that you believe contains the problem (a handful of lines where you believe the problem to be). However, refrain from posting significant portions of your problem solution to the course discussion board. Posts with excessive code may be deleted without notice. Ask the instructor/TA if you are unsure what you are about to post is appropriate. Other than small code segments posted to the course discussion board, you should not use any mechanisms to share or view another student's code, and should not post your own code in any publicly accessible location.

Special Accommodations: If you need special accommodations because of a disability, please contact the instructor in the first week of classes.