Spring 2014


[Home] [Syllabus]



This course has an external class website at where the lecture notes will be posted. The Blackboard (Bb) site will have the other course material.  

Instructor: Dr. Sen-ching Cheung (cheung at

Office: DMB 217 (218-0299)

Office hours: TTh 1-4pm

Teaching Assistant: Zhaohong Wang (zhaohong dot wang at uky dot edu)


TTh 9:30am-10:45pm (FPAT 265)


Course Description

This course is about cyber-security or information security, which focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction. As information systems, databases, and Internet-based distributed systems and communication become pervasive, cyber-attacks and digital spying eclipse terrorism to become the top threat to national security. Cyber-security education has emerged as a national goal in the United States and other countries, with implications to both national defense and homeland security.


The goals of this course is to provide an up-to-date survey of developments in cyber-security through study of the theoretical foundation and hands-on practical implementation. Topics covered will include basic security technology, cryptography, security management, risk assessment, operations and physical security, software and network security, as well as ethical and legal issues. Hands-on experiments will include encryption/decryption, authentication and authorization protocols, network protection approaches including firewalls and intrusion detection systems, as well as operating systems and application vulnerabilities, exploits, and countermeasures.

Expected outcomes of student learning

·        Understand and discuss the concept of cyber-security management

·        Perform risk assessment of a cyber-system

·        Analyze different methods of attacking and defending cyber-systems

·        Develop secure computer programs

·        Understand and discuss the concepts of network security and secured protocols

·        Explain the legal and ethical issues of cyber-security

·        Implement standard practices of backup and recovery


Your grade will be based on:






Midterm, Final


Final Project



  1. Homework and Laboratory Exercises

-        They will be assigned roughly bi-weekly.

-        While we will discuss homework in class, each student must do his or her homework.

-        Late homework will not be accepted without prior notice.   

  1. Quizzes

-        Quizzes will be given online on Blackboard.

-        While all quizzes are open-book, each quiz must be completed within half an hour.

  1. Midterm and Final

-        One double-sided chat sheet is allowed for midterm and two for final

-        Make-up exams will only be given if the student contacts the instructor prior to the exam and receives permission to make up for the test.

  1. Final project

-        It is a team project of two-three students.

-        Grading is based on an in-class presentation+demo and a project report.

  1. Grade Assignment

-        The letter grade assignment is based on the following scale: from 100 to 90 pts => A, from 89 to 80 pts. => B, from 79 to 70 pts => C, from 60 to 69 pts. => D, from 59 to 0 pts. => E.   

6.      Plagiarism

-        I have a zero-tolerance policy for all forms of plagiarism, from copying a homework answer from your friend or solutions from previous terms to cheating in the exams. Not only you will lose all the points for that assignment, the incident will also be reported to the Department Chair who will determine the appropriate disciplinary action.

Required Text

Required Text


 Stallings and Brown

Computer security: principles and practice, second edition, Pearsons, 2012.

Book Online Content

Selected papers provided by the instructor

Programming Assignments

There is a fair amount of programming and simulation assignments throughout the semester. Basic familiarity of the Unix system is required. We will apply the knowledge from the class in realistic security scenarios, attacking or defending real servers on the DeterLab testbed for security experimentation. The DeterLab testbed is a general-purpose experimental infrastructure that supports research and development on next-generation cyber security technologies. The testbed allows repeatable medium-scale Internet emulation experiments for a broad range of network security projects, including experiments with malicious code. We will get you accounts on the DeterLab network. For this purpose, your names and email addresses ( will be forwarded to the DeterLab administrator.


This course is suitable as an elective for computer engineering or computer science seniors and graduate students. Good working knowledge of the following courses or equivalent is required:

1.      CS 315 Algorithm Design

2.      EE 586/CS 571 Computer Networking (desirable)

3.      CS 470 Operating System (desirable)