ISA 564/CS499, Security Laboratory Fall 2016


Instructor: Angelos Stavrou
Lecture: Tuesday 7:20pm - 10:00pm
ENGR 5358
Office Hours: Tuesday 4:30pm - 6:30pm, and by appointment
Email: astavrou(_)

Teaching Assistant: Maofei Chen
ENGR 5321

Office Hours: Monday: 3:30 - 5:00pm & Wednesday: 2:50 - 4:20pm
Plan to ask for TA help/individual attention during class instead of outside
Email: mchen18(_)

Course Description:

This course provides hands-on experience in configuring and experimenting with commodity networked systems and security software in a live laboratory environment, with the purpose of understanding real-world security threats. This course will take both offensive and defensive approaches and expose students to a variety of real-world attacks, including viruses, worms, rootkits, and botnets. Possible mitigation and defense mechanisms, such as firewalls and intrusion detection software, will also be covered.

Course Objectives:


The prerequisite for this topics class is a C or better in CS 310 Data Structures and CS 367 Computer Systems & Programming; or permission of instructor.

·        Coursework will include substantial programming projects; in order to be able to complete the projects, you are expected to have competence in programming that can be applied to systems and networking (C, Python, etc.)

·        You are expected to have a good understanding of operating system internals (system call internals, run-time memory organization, assembly language/x86)

·        To be clear, you will be exposed to, and expected to implement, projects related to some subset of these:

o   Web application security, wireless vulnerabilities, socket programming, C2 protocols, PE life-cycle, binary packers, x86 shellcode (arbitrary code execution via stack smashing, heap spray attacks, ROP gadgets), IDS and analytics, incident response, penetration testing, maliciously repackaging mobile applications.

o   If you had to Google any of that, then think seriously about not taking this course or expect a very steep learning curve at points along the way.

The coursework will include substantial programming projects; in order to be able to complete the projects, the students must be comfortable with C and systems programming.




Class participation


Labs 5 - 6




Final or Team Project




The students must achieve a total score of at least 90 (out of 100) to be considered for an A. This class is an advanced graduate-level class and is geared towards understanding the fundamental concepts behind Digital Forensics. The students will be expected to participate in large projects under the guidance of the instructor.


We are going to cover topics using the provided slides, papers, and online material.

On the course web page you will also find assigned reading from on-line articles, code snippets, and research publications. I will also have supplementary materials on reserve or handed out during class.

Computer Accounts:
All students should have accounts on the central Mason Unix system (also known as
and on IT&E Unix cluster (Instructions and related links are here). Please read the FAQ if you have any questions. Students can work in IT&E computer labs for programming projects during the specified hours.

Honor Code:

Please read and adhere to the University's Academic Honesty Page, GMU Honor Code, and CS Department Honor Code.

Disability Statement:

If you have a documented learning disability or other condition that may affect academic performance you should:
1) Make sure this documentation is on file with the Office of Disability Services. All academic accommodations must be arranged through the ODS.
2) Talk with me to discuss your accommodation needs.

Other Useful Resources

Writing Center: A114 Robinson Hall; (703) 993-1200
University Libraries: “Ask a Librarian”
Counseling and Psychological Services (CAPS): (703) 993-2380
University Policies: The University Catalog is the central resource
for university policies affecting student, faculty, and staff conduct in university affairs.