COMP 4580 Computer Security





      15/01: Lecture 6 is now available

      08/01: Project proposal is due on Jan 22nd in Class (hardcopy)



      Instructor: Noman Mohammed

      Email: (Please mention COMP 4580 in the subject)

      Lecture time and location: M/W/F 1:30 in EITC E2 Room # 150

      Office location: EITC E2-417

      Office hours: M/W 11:00 AM to 12:30 PM

      Course website:


Course Description


This course provides an introduction to security and privacy issues in various aspects of computing, including cryptography, software, operating systems, networks, databases, and Internet applications. It examines causes of security and privacy breaches, and gives methods to help prevent them.




      COMP 3430 and COMP 3720 or COMP 3010


Textbook and Other Readings


  • Introduction to Computer Security, by Michael T. Goodrich and Roberto Tamassia. Addison Wesley, 2011.


  • Recommended optional textbooks:
    1. Computer Security – A Hands-on Approach, by Wenliang Du, 2017.
    2. Security in Computing, by Charles P. Pfleeger and Shari Lawrence Pfleeger.  Prentice Hall, 4th edition, 2007.
    3. Understanding Cryptography, by C. Paar and J. Pelzl. Springer, 2010.
    4. Network Security: Private Communication in a Public World, by Charlie Kaufman, Radia Perlman, and Mike Speciner. Prentice Hall, 2nd edition 2002.
    5. Hacking: The Art of Exploitation, by Jon Erickson. No Starch Press, 2nd edition, 2008.




      Assignments (3-5): 30%

      Midterm: 20%

      Final: 30%

      Research Paper: 20%


Administrative Policy


1.     There will be 3-5 assignments worth a total of 30% towards your final grade. The assignments may include both written and programming questions. Late submissions suffer a penalty rate of 20% per day, up to 5 days (weekends count).

2.     The midterm and final are closed-book exams. The midterm covers all material presented up to that point in the course. The final exam covers material from the whole term, with emphasis on the second half of the course. Detailed information about the midterm will be released at a later time.

3.     There is no makeup to a missing midterm, so make sure that you write the midterm at the scheduled time. In the case of a serious illness or emergency, the weight of the midterm will be moved towards the final exam.

4.     Final exam make-up is possible ONLY under a university-approved condition, such as sickness with a doctor's note. Be prepared to provide written documentation (e.g., a medical excuse from your doctor) to verify the emergency and its seriousness.

5.     Students are expected to attend every class. Some material may only be covered in class and not made available on the course note/website. Students are expected to read the assigned materials and to actively participate in class discussions.

6.     In the event of extraordinary circumstances beyond the University's control, the content and/or evaluation scheme in this course is subject to change.








Reading & Assignments


Jan 3

Course Logistics and Overview

      Course Outline

      Read Sections 1.1.1 and 1.1.3

Lecture 1

Jan 5

Security basics and Crypto Intro

      Read Section 1.3.1

Lecture 2

Jan 8


Historical Ciphers

      Watch a talk on The Growth of Cryptography by Professor Ronald Rivest.

      Read Sections 8.1.1 to 8.1.3

Lecture 3


Jan 10


Historical Ciphers, AES

      Read Sections 8.1.4 to 8.1.6

Lecture 4

Jan 12


Modes of Operation (ECB, CBC, CTR)

      Read Section 8.1.7

Lecture 5

Jan 15


Public-Key Cryptography

(DH Key Exchange)

      Read Section 8.2.4

Lecture 6

Jan 17


Public-Key Cryptography


      Read Section 8.2.2

Lecture 7

Jan 19





Jan 22


      Research Proposal Due in Class (hardcopy; maximum half page)

o   Mention the Name and ID of the group members

o   Title and a brief description of the project


Jan 24




Jan 26




Jan 29




Jan 31




Feb 2




Feb 5




Feb 7




Feb 9




Feb 12




Feb 14




Feb 16




Feb 26




Feb 28