Introduction to Computer Security Fall 2019

This course teaches the security mindset and introduces the principles and practices of computer security as applied to software, host systems, and networks. It covers the foundations of building, using, and managing secure systems. Topics include standard cryptographic functions and protocols, threats and defenses for real-world systems, incident response, and computer forensics. See the schedule for details.

Prerequisites EECS 281 required; EECS 370 recommended
Lectures Section 001: Tue./Thur. 12:00–1:30, 1109 FXB
Section 002: Tue./Thur. 1:30–3:00, 1670 Beyster
Section 003: Tue./Thur. 4:30–6:00, 1500 EECS
Slides will be posted on Piazza, but recordings will be made available only during exam review or in cases of excused absence.
Lab Sections /
Office Hours
See calendar below. Lab sections will introduce tools and concepts that are important for completing the projects. All labs are in 1620 Beyster. Visit any TA’s office hours for assignment help or grading concerns. Visit the professors’ office hours for questions about lecture material.
Sabrina Brogren
Colin Boerger
Matthew Edwards
Issa El-Amir
Max Froehlich
Joe Ginsburg
Jason Kim
Sid Sawhney
Prerana Shenoy
Communication We'll use Piazza for announcements, discussion, lecture and discussion slides, and questions about assignments and other course material. For administrative issues, email to contact the course staff. Assignments will be distributed here and collected and graded via GitHub and Gradescope.
Reference Books
No textbook is required, but if you would like additional references, we recommend:
Security Engineering by Ross Anderson
Cryptography Engineering by Ferguson, Schneier, and Kohno
Resources Security Research at Michigan
Security Reading Group (SECRIT)
EECS 588 (graduate-level security class)


We'll calculate your course grade based on these components:
Homework Exercises 25% Five homework exercises, completed on your own
Programming Projects 40% Five programming projects, completed in teams of two
Participation 5% Attendance and forum activity, questions and intellectual contributions
Final Exam 30% One exam covering all material from the course (December 16, 7 – 9 PM)

Ethics, Law, and University Policies Warning

To defend a system you need to be able to think like an attacker, and that includes understanding techniques that can be used to compromise security. However, using those techniques in the real world may violate the law or the university’s rules, and it may be unethical. Under some circumstances, even probing for weaknesses may result in severe penalties, up to and including expulsion, civil fines, and jail time. Our policy in EECS 388 is that you must respect the privacy and property rights of others at all times, or else you will fail the course.

Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act (CFAA), a federal statute that broadly criminalizes computer intrusion. This is one of several laws that govern “hacking.” Understand what the law prohibits — you don’t want to end up like this guy. If in doubt, we can refer you to an attorney.

Please review the university’s policy on Responsible Use of Information Resources for guidelines concerning proper use of information technology at U-M, as well as the Engineering Honor Code. As members of the university, you are required to abide by these policies.

Students with Disabilities

If you believe you need an accommodation for a disability, please let an instructor know at your earliest convenience. Some aspects of courses may be modified to facilitate your participation and progress. As soon as you make an instructor aware of your needs, they can work with the Services for Students with Disabilities (SSD) office to help determine appropriate academic accommodations. Any information you provide will be treated as private and confidential.

Mental Health and Well-being

The University of Michigan is committed to advancing the mental health and wellbeing of its students. A variety of issues—such as strained relationships, anxiety, alcohol or drug problems, and depression—can directly impact student academic performance. If you or someone you know is feeling overwhelmed, depressed, or otherwise in need of support, services are available. Contact Counseling and Psychological Services (CAPS) or University Health Service (UHS).