Instructor Gang Wang (gangw@illinois.edu), Office Hour: 10:45 am (M/W) over zoom (after class) and by appointment
Time/Location 09:30 am - 10:45 am (M/W)
Zoom info available in this Google Doc (please use your illinois account to access the info)
TA TA: Elizabeth He (ehe3@illinois.edu)
CA: Kevin Tu (ktu3@illinois.edu)
Please visit Piazza for office hours

Get Ready for the Class

  • Make sure you have signed up to the Piazza group of this class
  • Check if you have access to the quiz release page (to be opened after August 23, 2021)
  • Create your git repo under class github (to be opened after August 23, 2021)

Class Description

Program security, trusted base, privacy, anonymity, non-interference, information flow, confinement, advanced auditing, forensics, intrusion detection, key management and distribution, policy composition and analysis, formal approaches to specification and verification of secure systems and protocols, and topics in applied cryptography. Course Information: Same as ECE 424. 3 undergraduate hours. 3 or 4 graduate hours. Prerequisite: CS 461. Recommended: CS 475. If you plan to take CS 461 and CS 463 in the same semester, it should be OK. Please let the instructor know ahead of time.

Learning Goals: Identify and address privacy issues in social networks; Apply machine learning to security and address adversarial machine learning; Use crypto constructs (homomorphic encryption, multi-party computation, etc.); Identify and address issues with de-identification; Use hardware designed to support trusted computing; Reason about information flow, computational security for encryption; Recognize threats and design mitigations for security in key sectors (healthcare, power grid, transportation, etc.); Understand architecture and recognize threats for smartphone security; Recognize issues with web privacy (especially cookies and advertising); Analyze human factors; Recognize and mitigate insider threats; Understand architecture and recognize threats for security in the Internet of Things (IoT); Recognize drivers and tactics in cyber warfare, and other topics of emerging interest in security and privacy.

Important note: It assumes a basic knowledge of the area such as the material covered by Computer Security I (CS 461). If you plan to take CS 461 and CS 463 in the same semester, it should be OK. Please let the instructor know ahead of time. The class will expect ability to program in Java and C or C++.

Expected Work

Participation: Students are required to attend all the lectures (but exceptions are allowed, e.g., for students who face challenges caused by time zone differences or Internet access) . Please inform the instructor and the TA via email if you cannot make it to the class.

Quizzes: Students are expected to complete a short quiz after each lecture (within the week of the lecture). The quiz contains 4-5 single-choice or multi-choice questions. The quiz is closely related to the respective lecture and is designed to be light-weighted (and hopefully fun) to improve student engagement during the lecture. Quiz is not graded --- students will receive points by simply trying them.

Machine Problem (MP): Students are expected to work on 4-5 MPs throughout the semester. The projects will involve hand-on programming and data analysis, covering various topics that complement the lecture topics. Example topics include tracking user location based on social network data, interacting with Bitcoin APIs, multiple parties performing joint machine-learning without directly exchanging data. The list of project topics will be released later in the Spring.

Survey paper: This is for 4-credit student only.

Class Schedule

Date Topic Note
Week 1: Aug 23 Course Plan (GW) slides-1 slides-2
Week 1: Aug 25 Introduction (GW) slides MP1 open
Week 2: Aug 30 Online Social Networks (GW) slides
Week 2: Sep 1 Machine Learning 1 (GW) slides
Week 3: Sep 6 Labor Day: No Class
Week 3: Sep 8 Machine Learning 2 (GW) slides MP1 due (MP2 open)
Week 4: Sep 13 Crypto Constructs (GW) slides
Week 4: Sep 15 De-Identification (GW) slides
Week 5: Sep 20 Bitcoin (GW) slides
Week 5: Sep 22 Trusted Computing 1 (GW) slides MP2 due (MP3 open)
Week 6: Sep 27 Trusted Computing 2 (GW) slides
Week 6: Sep 29 Information Flow (GW) slides
Week 7: Oct 4 Crypto Models 1 (GW) slides
Week 7: Oct 6 Midterm
Week 8: Oct 11 Crypto Models 2 (GW) slides
Week 8: Oct 13 Smartphones 1 (GW) slides MP4 open (MP3 due)
Week 9: Oct 18 Smartphones 2 (GW) slides
Week 9: Oct 20 Web Privacy (GW) slides
Week 10: Oct 25 Automobiles (GW) slides
Week 10: Oct 27 Automobiles AML (GW) slides
Week 10: Oct 29 Survey proposal due (4-credit)
Week 11: Nov 1 Invited Lecture (TBA)
Week 11: Nov 3 Code Stylometry (GW) slides MP4 due (MP5 open)
Week 12: Nov 8 Health IT (GW) slides
Week 12: Nov 10 Side Channel Attacks (GW) slides
Week 13: Nov 15 Insider Threats (GW) slides
Week 13: Nov 17 Cyber Warfare (GW) slides
Week 14: Nov 22 Fall Break
Week 14: Nov 24 Fall Break
Week 15: Nov 29 Invited Lecture (TBA)
Week 15: Dec 1 Conclusion (GW) slides
Week 15: Dec 4 MP5 due
Week 16: Dec 6 MP5 presentation
Week 16: Dec 8 MP5 presentation
Week 16: Dec 12 Survey due (4-credit)
Week 17: TBA Final Exam

Grading

Class attendance and participation15%
Midterm15%
Final30%
MP1 6%
MP2 7%
MP3 8%
MP4 9%
MP5 10%

This will be used for 100% of the grade for 3-credit students and 75% of the grade for 4-credit students. 4-credit students are expected to complete a survey paper (25% of the total grade). Letter grades are assigned based on how well you do (e.g., 83+ means "A"), not based on your performance relative to other students.

Policies

Late Policy: Please see the individual assignment instructions.

Academic Integrity: Students must follow the university's guidelines on academic conduct (quick link). This course will have a zero-tolerance policy regarding plagiarism. You should complete all the assignments and quizzes on your own. In this course, you can help your classmates with questions such as how to use the programming language, what the library classes or methods do, what the errors mean, and how to interpret the assignment instructions. You are encouraged to post any such questions to the course discussion forum, and are also encouraged to answer questions posted to the forum from other students. However, you may not give or receive help from others (except the TA) with writing your program code or writing your answers for any of the assignments or tests. Do not show or share your program code with others, and do not view or copy source code from others. All electronic work submitted for this course will be archived and subjected to automatic plagiarism detection. Whenever in doubt, please seek clarifications from the instructor. Students who violate Academic Integrity policies will be immediately reported to the department and the college (which could leave a permanent mark on the transcript).

Note: students who are struggling with problems in a program assignment may have trouble interpreting an error message or diagnosing an error in their source code. I encourage you to ask questions about the interpretation of error messages on the forum, and to offer constructive advice to fellow students who run into such problems. If you are asking for help with an error or problem, describe it without showing code where possible. When necessary, you may post a short segment of your code that you believe contains the problem (a handful of lines where you believe the problem to be). However, refrain from posting significant portions of your problem solution to the course discussion board. Posts with excessive code may be deleted without notice. Ask the instructor/TA if you are unsure what you are about to post is appropriate. Other than small code segments posted to the course discussion board, you should not use any mechanisms to share or view another student's code, and should not post your own code in any publicly accessible location.

Special Accommodations: If you need special accommodations because of a disability, please contact the instructor in the first week of classes.