CPSC 601.29 Information Systems Security Analysis (Winter 2011)

This course provides students with methods, techniques, and tools for analyzing the security properties and characteristics of real systems code.
Instructor: Michael E. Locasto

[topics] [U of C's Honesty in Academics Page] [ACM Code of Ethics] [course policies]

General Information:
Description: This course focuses on the principles of analyzing, penetrating, and defending computer systems. This subject complements a course of study that examines the theory and practice of securing computer networks. It is appropriate for graduate students or advanced undergraduates who want to learn fundamental concepts in security architecture and tools for computer system attack and defense. The course begins with a brief review of assembly programming and operating systems internals. For concreteness, concepts are demonstrated relative to the x86/Linux platform (and Windows, Solaris, or OS X as appropriate).

Topics and Goals: The instructor will cover topics including shellcode disassembly, memory protection, debugging, sandboxing (isolation & virtualization), reverse engineering, and intrusion recovery. We stress to students that this course is not solely a ``How-To'' training guide for a particular tool chest. This course relies on underlying principles for thinking about how systems can be made to fail, and its central aim is to help students understand the following abstract concepts:

The course will start with an overview of the ethical considerations involved in adopting a security analysis mindset. Additional ethical considerations will be introduced as necessary. Students will be required to adhere to the Agreement and Policy documents posted at:



Ethical Statement

Prerequisites and Related Coursework: The course assumes some familiarity with computer architecture and basic OS concepts. A background in writing C programs may help. CPSC 625: ``Principles of Computer Security'' is recommended but not required. CPSC 325 may supply background knowledge on Intel machine architecture. Students may find the course useful in conjunction with CPSC 627 and CPSC 628 for understanding related topics like code injection, rootkits, spam, botnets, spyware, and malware creation and operations.

Name Role email Office Hours
Michael E. Locasto Instructor locasto at ucalgary by appointment

Class Time: Wed/Fri 11:00 -- 12:15
Class Duration: 10 Jan to 15 April
Final Exam: no final exam
Class Location: ENA 235 [map]

Academic calendar

Course Textbook(s):


There is no required text for this course. Instead, you may find the book "Hacking: The Art of Exploitation" (2nd Edition) by Jon Erickson to be a useful reference.

Supplemental Texts: (not required, but helpful C and systems programming references)

  1. The C Programming Language, Second Edition by Kernighan and Ritchie. (ISBN 0-13-110362-8) [Prentice Hall] [Amazon] (wikipedia entry)
  2. Advanced Programming in the UNIX(R) Environment by W. Richard Stevens, Addison-Wesley Professional; 2nd edition (June 17, 2005), ISBN-10: 0201433079, ISBN-13: 978-0201433074.
  3. UNIX Systems Programming: Communication, Concurrency and Threads, 2 Ed. by Kay Robbins and Steve Robbins. San Antonio, Texas, Prentice Hall ISBN-10:0130424110, ISBN-13: 978013042411
  4. Practical C Programming, Third Edition by Steve Oualline. (ISBN 1-56592-306-5) [Barnes & Noble][Amazon][OReilly]
  5. Mastering Algorithms with C by Kyle Loudon. (ISBN 1-56592-453-3). [Amazon][OReilly][Barnes & Noble]

Lecture Notes and Course Schedule:

Please see the course wiki for notes, links to presentations and demos, and reading assignments.

The course wiki is located at: http://wiki.ucalgary.ca/page/Courses/Computer_Science/CPSC_601.29.ISSA

Course Policies:

This course is a graduate seminar, and it differs drastically from an undergraduate course. The point of this course is your intellectual enlightenment and enjoyment. I want the course to run as smoothly as possible, so I encourage feedback on both positive and negative aspects. Feel free to drop by my office, send email, or leave a note. Note that the Instructor reserves the right to modify the schedule and topics as needed.

Students should emerge from the course with an appreciation for the principles and skills of the informal ``Hacker Curriculum''. The instructor will assess student proficiency through (1) two hands-on investigative assignments, (2) a brief midterm exam, and (3) an evaluation of scientific literature. Your grade is based on 1000 points and is split according to the following partition:

I typically DO NOT scale or curve grades unless there is a classwide epidemic of failure. Plan your work and effort based on the assumption that there will be no curve. I also DO NOT typically accept late work.

You can contact me via email, but please start your email's subject with the string [CPSC601.29]; it helps me filter my email. Short (one or two paragraphs) emails are appreciated. Short emails are more likely to get a response.

I encourage collaboration in every aspect of the course but the actual assignments and midterm. Your answers to these exercises must be your original work.

Cheating and Plagiarism are absolutely forbidden. I assume that you have read U of C's policies on academic honesty. This is the Faculty of Science boilerplate text on this topic: "ACADEMIC MISCONDUCT: (cheating, plagiarism, or any other form) is a very serious offence that will be dealt with rigorously in all cases. A single offence may lead to disciplinary probation or suspension or expulsion. The Faculty of Science follows a zero tolerance policy regarding dishonesty. Please read the sections of the University Calendar under K. Student Misconduct http://www.ucalgary.ca/pubs/calendar/current/k.html to inform yourself of definitions, processes and penalties."

Disability Statement: If you have a documented learning disability or other condition that may affect academic performance, you should make sure this documentation is on file with the Disability Resource Center. Please talk with me to discuss your accommodation needs.

last updated: 16 December 2010
Copyright © Michael E. Locasto 2010-2011