Practicum in Computer Security
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
slides
README.md

README.md

Syllabus for CS 5439

Syllabus for CS 5439

Welcome to CS 5439, Practicum in Computer Security. The goal is to learn about computer security as seen in practice. The class can be taken as a supplement to the security survey course CS 5435, or by itself.

For Fall 2018 the practicum will focus on the technology-related threat models that arise in intimate partner violence (IPV), which is sexual, physical, financial, technological, or emotional violence against an intimate partner. IPV is experienced by roughly one quarter of women and one sixth of men at some point in their lives. We will learn about how abusers exploit technology to spy on, harass, or otherwise harm their victims. We will investigate how security mechanism design fails to account for attackers with intimate knowledge of the target and physical access to devices. We will explore ways to improve technology to better empower (potential) victims. Homeworks will be designed to not only gain understanding and appreciation of computer security mechanisms, but also to produce materials useful in practice for advocates and survivors of technology abuse.

Lectures: Wednesdays, 9:30am-10:45am

Classroom: Bloomberg Center 161

Instructor: Tom Ristenpart (https://rist.tech.cornell.edu)

Office hours: By appointment

TA: Diana Freed dlf92@cornell.edu (https://infosci.cornell.edu/content/freed)

Office hours: By appointment

Pre-requisites

Students should have knowledge of contemporary consumer technologies (smartphones, social networking apps, etc.).

Requirements

The class will involve a combination of lectures, in-class exercises, readings, and homeworks. Readings for a lecture should be completed before lecture. All homework assignments should be submitted by midnight of the Monday prior to the next class meeting. You'll be graded according to the following:

  • Participation: 20%
  • Homeworks: 80% (each homework will count an equal amount)

There will likely be opportunities for extra credit, as well.

For those taking a third unit via independent study, there will additionally be a course project. You will receive the same grade across both independent study and the 2-unit portion fo the course. Grading will be broken down according to the following:

  • Participation: 20%
  • Homeworks: 50% (each homework will count an equal amount)
  • Project: 30%

Background reading and Lecture notes

For an easy introduction to some of the issues, check out a mainstream press article we wrote, and some coverage of our work in the NY Times. These articles provide a good overview of a subset of the tech issues we will discuss in the class, namely spyware. For more in-depth discussion, see our IPV Tech Research group website and research papers.

Lecture schedule

A very preliminary schedule is shown below. It will be updated with topics and associated readings as we progress.

Date Topic Speaker Readings Homework Slides
Aug 29 Intro & overview Tom Slides
Sep 5 IPV 101 Hannah Pennington, Assistant Commissioner for Policy and Training (OCDV) Required reading: Freed et al. 2018 Suggested reading: Domestic Violence: Intersectionality and Culturally Competent Practice HW1 due 9/2 by midnight Slides
Sep 12 Account Compromise Tom HW2 due 9/9 by midnight Slides
Sep 19 Cyberharassment Legal Clinic Andrew Sta. Ana (New York Law School, Day One) "A Stalkers Paradise" How Intimate Partner Abusers Exploit Technology. Freed et al. 2018 HW3 due 9/24 by midnight Slides
Sep 26 Spyware apps Tom Chatterjee et al. 2018 Slides
Oct 3 Internet of things Tom Thermostats, Locks and Lights: Digital Tools of Domestic Abuse HW4 due 10/9 by midnight Slides
Oct 10 Abusive messages/content Tom HW5 due 10/22 by midnight Slides
Oct 17 Information disclosure (``doxxing'', non-consensual intimate imagery, fake accounts) Tom Slides
Oct 24 Clinical Models for Computer Security Tom Slides
Oct 31 Online harassment cases, the law Carrie Goldberg The One Law That's The Cause of Everything Good and Terrible About the Internet and Herrick v. Grindr HW6 due by midnight 11/6
Nov 7 Abuser-aware HCI Tom Slides
Nov 14 Prosecuting stalking and other abuse Michelle Kaminsky (Chief, Domestic Violence Bureau, Kings County District Attorney’s Office)
Nov 21 No Class
Nov 28 Case Studies HW7 due at the start of class on 11/28