Note: If you’re reading the PDF version of this syllabus, you should switch to the HTML version online if possible.
Tuesdays 9:30am to 11:30am in Jitsi and in person at BYENG 574. I may forget to get online, so if you’re trying to attend online and I’m not there please shoot me a quick email and I’ll jump into Jitsi.
I’ll announce the TA’s name(s) and office hours early in the semester. Please do not contact the TA directly, all course-related communications with the TA should be through online discussion or office hours.
For course logistics questions message the instructor (Prof. Crandall) directly (preferably through Canvas, but email is okay). For anything where you may require some accomodation there needs to be a paper trail, so email the instructor directly. The TA only helps with homeworks and course logistics like attendance, so there is no reason to email them about your attendance, extensions, etc.
“Comprehensive understanding of network security and corresponding solutions, including cryptography, access control, secure Web transactions, e-mail security, and viruses.”
Prerequisite(s): Computer Engineering or Computer Science graduate student or Data Science, Analytics and Engineering PhD or Software Engineering MS OR Online Computer Science nondegree-seeking graduate student.
The grade will be calculated as follows:
Final letter grades are based on the following scale where x is the percentage: 97.0 <= x <= 100.0 is an A+, 93.0 <= x < 97.0 is an A, 90.0 <= x < 93.0 is an A-, 87.0 <= x < 90.0 is an B+, 83.0 <= x < 87.0 is an B, 80.0 <= x < 83.0 is an B-, 77.0 <= x < 80.0 is an C+, 73.0 <= x < 77.0 is an C, 70.0 <= x < 73.0 is an C-, 60.0 <= x < 70.0 is D, and x < 60.0 is an E.
There will be no adjustments to grades at the end of the semester. If you missed a certain grade by a small fraction of a percent, I can’t do anything about that out of fairness to the rest of the class. Grades will not be curved in any way.
There is no textbook for the course, neither required nor recommended. All materials used for the course lectures and assignments will be widely and publicly available and/or licensed open source.
For every course you are entitled to:
Attendance and participation are required. You must bring a device to class that is capable of logging into Canvas, since you will record your attendance each day in the first 15 minutes of class through Canvas. Stay until the end of class if you mark yourself present, at the end of each lecture period I reserve the right to choose a small number of random names (uniformly at random) and check ASU IDs for those students on the way out the door. Any instance of reporting yourself as present for a day where you were late to class, left early, or did not come at all will be treated as a case of academic dishonest. If you lie about attendance in Canvas on one of the attendance quizzes I will give you an F in the course and report you to the AIO.
You will receive three absences without penalty, i.e., I will forgive up to three absences in your grade calculation at the end of the semester. There will be no “bonus” points for students who do not use all of their absences. In principle, you should be interested in learning the material and wanting to come to class. I only include attendance as part of the grade because without doing this half the class chooses not to show up on any given day. Even with attendance as part of the grade this happens because students “cheat” and report themselves as present when they are not. If you don’t feel like coming to class regularly is worth your time, come discuss it with me in office hours and maybe I can adjust my lecture style or you can switch to a different class about a subject you actually want to learn about.
I encourage you to send me an email when you miss class. Do not send Canvas messages because I have no way to save them. You can simply say “I missed class for personal reasons”, or you can give me a reason. I won’t judge whether the absence is excusable or not, but if you need an incomplete, more forgiven absences for grading purposes, or some other accomodation the paper trail of emails could be helpful. I am unlikely to accomodate extended absences, incomplete grades, etc. without the Dean of Students office or SCAI advisement being involved, so make sure you reach out to them when you run into life difficulties that will affect your attendance and performance in this class (or any classes).
Note that absences that fall under policies ACD 304-04, ACD 304-02, or ACD 304-11 won’t count against your grade or take away from the three forgiven absences at the end of the semester. However, if you want to utilize one of these three policies you need to make that clear and have all the proper documentation.
The course will be a combination of in-person lectures on Wednesdays and papers to read and discuss on Mondays. Both will occur during the regularly scheduled class period.
For questions and answers regarding course materials and homework please use the course’s discussion board or come to office hours, unless there is some compelling reason to use email. Use email for course administrativia so there is a paper trail (I delete old Canvas messages after they have been addressed), but feel free to ping me in Canvas so I don’t miss the email. Feel free to email me any time for anything, I won’t shame you, but if you’re asking questions about the homework or lectures you’re much more likely to get a timely response in the course discussion platform than via email, and if you email me about important things you might have to ping me because I don’t keep my email inbox clean like I do my Canvas inbox.
All homeworks should be done in Linux. You can use other OSes, but if you need help (tool recommendations, help with debugging, troubleshooting error messages, etc.) I will only try to help you with OS-specific things if you’re using Linux.
You are responsible for your own file backups and time management. E.g., feel free email me, or send as a private post in Piazza, the day before something is due, “I worked on it all day and then my VM crashed and I lost my file!” I won’t shame you, but that’s not grounds for an extension and I’m not going to be able to do anything about it to make sure you submit your homework on time. I recommend keeping your code and other work for this course in a private repository (e.g., on github) that you periodically commit to.
Please refrain from anything that will distract you or others from fully engaging in the class. Disruptive behavior will be dealt with according to university policies. While classroom behavior is not explicitly part of the grade, you are hereby notified that your attendance and classroom behavior are considered as part of your overall performance in the course to the extent allowed by university policies.
You may not record class discussions without permission.
As stated above, no textbook is required for this course.
First half of the course: Network attacks, network defenses, Network Intrusion Detection Systems (NIDS), and NIDS evasion…
-Crypto basics (maybe review) -Network basics (maybe review) -Physical and link-layer attacks, WiFi attacks -Routing and transport-layer attacks -Side channel attacks on network protocols -DNS attacks -Web security -Firewalls and NAT -VPNs -NIDS -NIDS evasion
Second half of the course: Information controls on the Internet and related Internet measurement research…
-On-path censorship (Great Firewall of China as an example) -In-path censorship (Great Cannon and Russia’s TSPU as an example) -In-path machine-in-the-middle attacks (NSA QUANTUM INSERT and Turk Telekom as examples) -In-path machine-in-the-middle attacks (Great Cannon as an example) -Surveillance (WeChat and Meituan as examples) -Throttling (Russia’s TSPU as an example) -Internet blackouts
Refer to the course website for readings on Mondays. You are expected to read the assigned paper(s) for each day and come prepared to discuss it.
Students will be evaluated on attendance, their performance on homework assignments and final projects, and their performance on exams. Details are above.
Homework due dates will be posted in advance on Canvas and announced in class. All times will be Mountain Standard Time, i.e., Arizona time.
Students in this class must adhere to ASU’s academic integrity policy, which can be found at https://provost.asu.edu/academic-integrity/policy. Students are responsible for reviewing this policy and understanding each of the areas in which academic dishonesty can occur. In addition, all engineering students are expected to adhere to both the ASU Academic Integrity Honor Code and the Fulton Schools of Engineering Honor Code. All academic integrity violations will be reported to the Fulton Schools of Engineering Academic Integrity Office (AIO). The AIO maintains record of all violations and has access to academic integrity violations committed in all other ASU college/schools.
This course has a zero-tolerance policy:
-Any violation of the academic integrity policy (detailed below) will lead to a failure on this course. -The violation will be reported to the AIO.
If you need more time to accomplish a homework assignment, please tell the instructor and ask for an extension. Extensions will be considered for circumstances that are/were beyond your control. Do not attempt plagiarism.
For this course, you are allowed to use code snippets that you find on the Internet as long as you specify clearly in the comment of your source code where the code snippets come from, and the source snippets existed before the assignment was assigned. You are not allowed to upload any part of your solution online or show it to other students. Using other students’ answers or code, past or present, with or without a citation is seen as a violation of the academic integrity policy. You may or may not be asked to turn in your source code for any given assignment. In any case, if I suspect cheating I reserve the right to require you to come to my office and show me a live demonstration of your source code and answer questions to get full points. Some assignments are graded automatically by grade scripts with anti-cheating mechanisms built-in. Do not cheat – it is not worth risking your grade and your academic profile.
Title IX is a federal law that provides that no person be excluded on the basis of sex from participation in, be denied benefits of, or be subjected to discrimination under any education program or activity. Both Title IX and university policy make clear that sexual violence and harassment based on sex is prohibited. An individual who believes they have been subjected to sexual violence or harassed on the basis of sex can seek support, including counseling and academic support, from the university. If you or someone you know has been harassed on the basis of sex or sexually assaulted, you can find information and resources at https://sexualviolenceprevention.asu.edu/faqs. As a mandated reporter, I am obligated to report any information I become aware of regarding alleged acts of sexual discrimination, including sexual violence and dating violence. ASU Counseling Services, https://eoss.asu.edu/counseling is available if you wish to discuss any concerns confidentially and privately. ASU online students may access 360 Life Services, https://goto.asuonline.asu.edu/success/online-resources.html.
All course content and materials, including lectures (Zoom recorded lectures included), are copyrighted materials. You may not share outside the class, upload to online websites not approved by the instructor, sell, or distribute course content or notes taken during the conduct of the course. See ACD 304-06, “Commercial Note Taking Services” and ABOR Policy 5-308 F.14 for more information.
You must refrain from uploading to any course shell, discussion board, or website used by the course instructor or other course forum, material that is not the student’s original work, unless the students first comply with all applicable copyright laws; faculty members reserve the right to delete materials on the grounds of suspected copyright infringement.
Students, faculty, staff, and other individuals do not have an unqualified right of access to university grounds, property, or services. Interfering with the peaceful conduct of university-related business or activities or remaining on campus grounds after a request to leave may be considered a crime. All incidents and allegations of violent or threatening conduct by an ASU student (whether on- or off-campus) must be reported to the ASU Police Department (ASU PD) and the Office of the Dean of Students.
Suitable accommodations will be made for students having disabilities. Students needing accommodations must register with the ASU Disabilities Resource Center and provide documentation of that registration to the instructor. Students should communicate the need for an accommodation in sufficient time for it to be properly arranged. See ACD 304-08, Classroom and Testing Accommodations for Students with Disabilities.
Any information in this syllabus may be subject to change with reasonable advance notice. If there is a contradiction in the syllabus or between something I said elsewhere (e.g., in class or on Canvas) and the syllabus, please bring it to my attention and it will be corrected.