Course Details

Course CSC 591/791 - Cellular Network Security, Spring 2019
Meeting Location 1228 EB2
Meeting Times M/W 4:30 PM - 5:45 PM
Credits 3
Instructor Prof. Brad Reaves
Email bgreaves -at- ncsu.edu (Include “[CSC 591/791]” in subject)
Office 3256 EB2
Phone 919.513.7835
Office Hours TBD and By Appointment
Final Exam Period May 3 1-4pm
Piazza https://piazza.com/ncsu/spring2019/csc591791
MediaSite https://mediasite.wolfware.ncsu.edu/online/Channel/6744f3b74a674509ac90239ec547c8a65f

Course Prerequisites

Formal: A computer networking course at the undergraduate or graduate level (equivalent to CSC 401 or CSC 570) and a computer security class (examples include CSC 474, 574, 405); or permission of the instructor.

Overview

Cellular networks are essential to modern infrastructure. Not only do they power the daily communications of billions of individuals, they are and will be the primary access medium for over a billion people in developing regions. The newest generation of cellular networks (5G) will not only accelerate current uses of cellular networks, but potentially enable exciting new applications like vehicle-to-vehicle communications, IoT devices, and even remote robotic assisted surgery.

Despite their ubiquity and import, cellular networks present a number of unique security challenges. In this course, we will study in detail how these networks function and the current state of the art of their security. This course provides an in-depth investigation into security issues in areas including cellular air interfaces, core networking (SS7, IMS), cellular data networking, and mobile device architectures. In particular, we will study how these networks provide (or fail to provide) high confidentiality, integrity, availability, authentication, and privacy. A key focus of the course will be how the design philosophy of telephone networks differs from the Internet, complicating traditional security solutions. The security of these networks are poorly understood by computing professionals, making competence in this area a rare and valuable skill.

A detailed list of lecture by lecture contents, assignments, and due dates (subject to change as semester evolves) will be available on the course schedule.

Textbooks and Reading Material

This course will use a textbook: P. Traynor, P. McDaniel and T. La Porta. Security for Telecommunications Networks. Springer, Series: Advances in Information Security, August, 2008. ISBN: 978-0-387-72441-6.

The textbook is available online if you are on NCSU’s campus. It can also be purchased for $25 from that same link.

Readings will also come from recent network security research papers. You should expect to read and review 1 chapter or two papers most class periods.

Student Learning Outcomes

By the end of this course, students will be able to:

  • Explain the design and functioning of cellular networks
  • Explain and critique existing cellular network security mechanisms

  • Know the most important conferences and journals for network security research
  • Summarize and explain orally a research idea / contribution in a clear and appealing way
  • Critique published research
  • Identify some of the current trends and open problems in cellular and telephone network security research
  • Define a network security research problem and justify it
  • Do research in network security using proper methodology
  • Write ideas and results in a clear, technically appropriate way

CSC 791: Course Structure and Grading

The course will consist primarily of in-class lectures, readings from recent literature, homework assignments, a midterm exam and a course research project.

Your grade will be determined as follows:

  • 50% Class Project
  • 20% Midterm exam
  • 15% Assignments
  • 15% Participation

The final letter grade will be based on the final percentage as follows:

A+ <= 97% < A <= 93% < A- <= 90% < B+ <= 87% < B <= 83% < B- <= 80% < C+ <= 77% < C <= 73% < C- <= 70% < D+ <= 67% < D <= 63% < D- <= 60% < F

REG 02.50.03 describes the grade point interpretation of letter grades.

CSC 591: Course Structure and Grading

The course will consist primarily of in-class lectures, readings from recent literature, homework assignments, and a midterm and final exam. Students who are enrolled in 591 may also elect the option to follow the CSC 791 assignments and grading in the first week of class, but no later.

Your grade will be determined as follows:

  • 25% Midterm exam
  • 25% Final exam
  • 35% Assignments
  • 15% Participation

The final letter grade will be based on the final percentage as follows:

A+ <= 97% < A <= 93% < A- <= 90% < B+ <= 87% < B <= 83% < B- <= 80% < C+ <= 77% < C <= 73% < C- <= 70% < D+ <= 67% < D <= 63% < D- <= 60% < F

REG 02.50.03 describes the grade point interpretation of letter grades.

Assignments: The instructor will assign homework assignments on a periodic basis for topics associated with the class . These homeworks require the students to write, program, or perform other basic research. The content and due dates of these assignments will be decided over the course of the semester. If you cannot attend a lecture, contact other students to see if any assignments have been made and consult the syllabus.

CSC 791 Course Project: The course project requires that students execute research in cellular network security. The result of the project will be a complete research paper formatted for submission to a workshop of conference. Project topics will be discussed in class about 25% of the way through the class. Be realistic about what can be accomplished in a single semester. However, the work should reflect real thought and effort — projects executed in the closing days of the semester are unlikely to be well received. The grade will be based on the following factors: novelty, depth, correctness, clarity of presentation, and effort.

Class Participation: Enthusiastic, intentional class participation is an essential element of this course. To do well in this course, students must take active and regular roles in discussion and demonstrate comprehension of the reading themes. Students are required to do the assigned reading before class.

Devices Students are encouraged to use computing devices during lectures in ways that facilitate their learning and do not distract others. However, using devices for activites not related to the class (including excessive off-topic browsing, social media, or for out-of-class assignments) will result in poor participation grades.

Grading Concerns Timely and informative feedback is an essential element of effective education, and the instructional staff makes every effort to fairly and accurately grade every assignment and exam. If a student believes that a grading error has been made, they should contact the instructional staff by email clearly and objectively detailing the error and how the student believes it should be corrected. Grading corrections will not be made without a request in writing. While we are happy to correct honest errors, note that in the case of a grade dispute, the instructional staff reserves the right to regrade an entire assignment.

Weekly Course Schedule

See the course schedule. Note that the schedule is subject to change as the semester evolves.

Assignment Lateness Policy

All out-of-class assigments will be due at 11:50pm the day of the deadline unless otherwise specified. All deadlines are hard. Late homework will be accepted within 72 hours with a 20% reduction in grade per day. Homeworks submitted after 72 hours will have a 100% penalty. Students with legitimate reasons who contact the professor before the deadline may apply for an extension.

Attendance Policy

The instructor will not take any formal attendance for class meetings. However, exam material includes anything in the readings, slides, and topics discussed in class. Students missing class should consult classmates on missed material and review the class recordings.

The university policy on excused absences will be observed (see REG 02.20.03). The students are responsible for discussing makeup exams if they miss exams due to excused absence. The instructor will choose a mutually agreed date and time for the makeup exam. Late submission of homework assignments due to excused absences is not subject to the policies on late assignments.

Academic Integrity Policy

Students are welcome and encouraged to discuss homework and project solutions (unless otherwise directed by the assignment). However, this discussion should be at a high-level and code or text should not be shared. All students should indicate their collaborators on every assignment turned in.

Students are explicitly forbidden from copying the work of others (with or without superficial modification). This includes Internet or text sources for code or prose. One exception is snippets of code (up to 5 lines) from reference sources (like man pages or library documentation). Snippets copied from references should be cited with a code comment.

My experiences with NC State students so far have lead me to believe that nearly every student is honorable, and I have every reason to believe that the students in this course will complete assignments in an honest fashion.

However, should an incident arise where I believe academic misconduct has occured, the university, college, and department policies against academic dishonesty will be strictly enforced. You may obtain copies of the NCSU Code of Student Conduct from the Office of Student Conduct. The instructor expects honesty in the completion of test and assignments. For everyone’s sake, the instructor has a zero tolerance policy for violations of academic integrity. which include but are not limited to plagiarism and illegal collaboration. If a student is in doubt about the conduct of themselves or others, the instructor welcomes questions about this policy. In this case, it is far better to ask permission, as there will not be forgiveness of academic misconduct. The penalties for academic misconduct will include assigning at least a negative grade and refering the student to the appropriate University bodies for possible further action.

It is the understanding and expectation of instructor that the student’s signature on any test or assignment means that the student neither gave nor received unauthorized aid. For additional information, visit studentconduct.ncsu.edu.

Ethics Statement

This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class.

When in doubt, please contact the course professor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from the instructor.

Resources for Support

The instructor’s goal is to help students gain a clear understanding of the course material, to foster a deep interest in the topic of computer security, and develop the basic research skills essential to a career at the frontiers of technology. With security, the devil is often in the details, and crucial understanding often relies on subtleties. Accordingly, it is natural for students to struggle both with the content of this course and with requisite background material.

To this end, the instructional staff are providing a number of mechanisms for support. These include:

  • Piazza The course will feature a Piazza message board. This should be your first go-to resource for any questions about course structure, deadlines, class material, or anything else that could possibly be relevant to other students. Note that active participation in Piazza will enhance your participation grade. The instructional staff receives emails from Piazza, so any questions posted to Piazza will be addressed as fast or faster than those sent by email.

  • MediaSite I will make recorded lectures available to you to aid in studying or to help in catching up after absences. These will be available on Mediasite. Please be advised this course is being recorded for current and potential future educational purposes. By your continued participation in this recorded course, you are providing your permission to be recorded.

  • Office Hours The instructor and teaching assistants will hold office hours every week. Students are highly encouraged to come to office hours with the instructor or TAs to discuss doubts about course material, concerns about course performance, or to discuss computer security beyond what can be discussed in class. The instructor is also available by appointment when an office hours meeting is impractical.

  • Email The instructional staff strongly requests that you limit individual emails to communications regarding private questions (like grade concerns), appointment and make up exam requests, and other communications that are not suitable for Piazza. Note that emails that are of a general nature will be posted anonymously to Piazza on a student’s behalf. To ensure that student emails receive a high priority, students should place the string “[CSC 591]” somewhere in the subject line.

If at any time you have constructive suggestions about how to improve the course, feel free to share them with the instructor during office hours or via an email.

Statement on Identity

I make an effort to treat all of my students with respect, and an important part of that is correctly addressing students with correct names and pronouns. If you would like to be called by a different name or pronoun other than what is in the directory, let me know (in person or email). Also, if I mispronounce your name, please let me know – it is not intentional!

Statement on Class Evaluation

Online class evaluations will be available for students to complete during the last 2 weeks of the semester for full semester courses and the last week of shorter sessions. Evaluations then become unavailable at 8am on the first day of finals. When the time comes, please complete these evaluations – I take them very seriously!

Statement on transportation

Students have to provide their own transportation for any and all class related trips.

Statement on safety and risk assumption

This course does not require activities that pose physical risk to students.

Statement for students with disabilities

Reasonable accommodations will be made for students with verifiable disabilities. In order to take advantage of available accommodations, students must register with Disability Services for Students at 1900 Student Health Center, Campus Box 7509, 919-515-7653. For more information on NC State’s policy on working with students with disabilities, please see the Academic Accommodations for Students with Disabilities Regulation (REG 02.20.01).

N.C. State University Polices, Regulations, and Rules (PRR)

Students are responsible for reviewing the PRRs which pertain to their course rights and responsibilities. These include: Equal Opportunity and Non-Discrimination Policy Statement, Office for Institutional Equity and Diversity, Code of Student Conduct, and Grades and Grade Point Average.