CS348: Introduction to Information Security (정보보호개론)
Logistics
- Instructor: Kihong Heo (허기홍, kihong.heo@prosys.kaist.ac.kr)
- TAs (mailing list: cs348.ta@prosys.kaist.ac.kr)
- Yeonhee Ryou (류연희)
- Jongchan Park (박종찬)
- Sujin Jang (장수진)
- Time: Mon/Wed 09:00 - 10:30
- Location: N1 117
- Office hours:
- Instructor: Mon 10:30 - 11:30
- TAs: Wed 13:30 - 14:20
Course Description
This course covers the overall contents of information security. Students will be exposed to fundamental concepts in information security including cryptography, system security, software security, web security, and network security. This course introduces how security attacks occur in modern computing environments. Students will also have opportunities to understand techniques to discover and disable such security attacks.
Grading
- Homework 50%
- Exam 40%
- Participation 10%
Notice that participation does not mean attendance but includes various activities during the semester. There is no attendance score because attendance is expected by default.
Textbook
- Lecture slides will be provided
- Ross Anderson, Security Engineering (SE)
- Paul C. van Oorschot, Computer Security and the Internet (CSI)
- J. Katz and Y. Lindell, Introduction to Modern Cryptography (IMC)
- Andreas Zeller et al., The Fuzzing Book (Fuzzing)
- Xavier Rival and Kwangkeun Yi, Introduction to Static Analysis : an abstract interpretation perspective (ISA)
Homework
This course includes written and programming assignments.
Students will use a few tools which are described here.
All submissions will be managed using Github.
For each assignment, a unique invitation URL for Github Classroom will be posted in the issue board.
Once you accept the invitation, a private repository for your assignment will be created.
You can push as many commits as you want before the deadline. We will grade the final commit of your main branch.
The late homework policy is as follows:
- 80% credit for one day late
- 50% credit for two days late
- NO credit given after two days late
Academic Integrity Violation
Students who violate academic integrity will get F. See the KAIST CS honor code.
Schedule
| # | Topics | Reading | Homework |
|---|---|---|---|
| 0 | Functional Programming in OCaml | HW0: Hello-world, OCaml programming | |
| 1 | Introduction | ||
| 2 | Concepts in Security | ||
| 3 | Classical Cryptography | IMC Ch1 | HW1: Classical Cryptography |
| 4 | Symmetic-key Encryption | IMC Ch2, Ch3, AES Visualization | HW2: Mini-AES |
| 5 | Message Integrity | IMC Ch4,  Birthday Paradox |
|
| 6 | Availability | ||
| 7 | Public-key Cryptography | IMC Ch11, Ch12, Ch13, Diffie-Hellman |
HW3: Mini-RSA |
| 8 | Access Control | Zelkova | HW4: Access Control System |
| 9 | Web Security | CSI Ch9 | |
| 10 | Software Vulnerabilities | HW5: Exploitation | |
| 11 | Safe Programming Systems | Undecidability   |
|
| 12 | Dynamic Analysis and Fuzzing | HW6: Fuzzer | |
| 13 | Static Analysis | CACM'19, Zoncolan | HW7: Static Analyzer |
| - | Final Exam |
Hall of Fame
See the outstanding achievement of our friends here.
Advanced Course
Acknowlegement
A large part of the slides is based on the lecture notes of Prof. Min Suk Kang at KAIST.