Course Syllabus

COMP 055-01/DHP D291: Computer Science for Future Presidents

Important Message re the Course Schedule

This course is a Computer Science course and follows the AS&E course schedule. The first day of class is September 3, there is no class on October 15 (AS&E Monday), and the last day of class is December 5. In addition, there will be no class on October 17.

Please note: this syllabus is subject to change. Please read announcements for changes in readings, etc.

Important message regarding enrollment:

This course is offered as both an undergraduate course (COMP 055-01) and graduate course (DHP D291). Students at the Fletcher School should enroll in the graduate version of the course; all other students intending to enroll in the graduate version will need permission of the instructor.

Assignments:

Note that this course is offered as a mixed undergrad/graduate course.

For students taking Computer Science for Future Presidents as an undergraduate course, there will be weekly labs, two short papers, and a final, with grading as follows:

Labs: 40%

Two short briefing papers: 20%

Final: 40%

For students taking Computer Science for Future Presidents as a graduate course,* there will be weekly labs, two short papers, a final, and a final paper, with grading as follows:

Labs: 33%

Two short briefing papers: 17%

Final: 33%

One final paper: 17%

* Students at the Fletcher School should enroll in the graduate version of the course; all other students intending to enroll in the graduate version will need permission of the instructor.

Course Syllabus

September 3-17: Communications Networks: How the Phone Network and the Internet are the Same—and Different          

September 3: Introduction and How the Internet Came into Being

September 5: How is SMS different from messaging? The different architecture of circuit-switched and packet-switched networks. As time permits, the architecture of mobile communications.

Readings:

• Barry Leiner, Vinton Cerf, David Clark, Robert Kahn, Leonard Kleinrock, Daniel Lynch, Jon Postel, Larry Roberts, and Stephen Wolff, Brief History of the Internet, 1997.
• David Clark, Tom Berson, and Herbert Lin, eds., At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues, National Research Council, 2014, Chapter 2.
• A Packet’s Tale: How Does the Internet Work?

September 10: Internet Architecture Part I: TCP/IP and DNS

Readings:

• Brian Kernighan, Understanding the Digital World, Part III: Communications (pp. 120-123) and 8.1-8.9.
• H. Saltzer, D.P. Reed, and D.D.Clark, End-to-End Arguments in System Design(Links to an external site.)Links to an external site., ACM Transactions on Computer Systems, Vol. 2, Issue 4, November 1984.
• Van Jacobson, A New Way to Look at NetworkingAugust 30, 2006; watch from the beginning through to minute 28.00.

Lab #1: Due September 18.      

September 12: Internet Architecture Part II: Routing, BGP; Wireshark demo.

Readings:

• Techquickie    00:00-4:20 What is TCP/IP?
• Cloudflare, The 6 Steps in a DNS Lookup in Cloudflare in What is DNS? How DNS Works
• Cloudflare, What is BGP? | BGP Routing Explained
• Tom Strickx, How Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today, Cloudflare, June 24, 2019.

 

September 17: Internet Architecture Part III: How does an email get to its destination?

Readings:

• Kernighan: 9-9.4.

 

Lab #2: Due September 25.

 

September 19-October 1: Understanding the Web and Cloud Computing

 

September 19: How the Web Works Part I: Architectures: Peer-to-Peer vs. Client-Server; What is a url? How is a web page delivered?

Readings:

• Kernighan: 9.5-9.5.3 (9.5.3 for its discussion of the architecture of Napster, not the policy issues).
• Steven Bellovin, Matt Blaze, Susan Landau, and Stephanie Pell, It’s Too Complicated: How the Internet Upends Katz, Smith, and Electronic Surveillance Law, Harvard Journal of Law and Technology, Vol. 30, Number 1 (Fall 2016), pp. 57-60 (Email Headers and Envelopes).
• How the Web Works --In One Easy Lesson: http://mkcohen.com/how-the-web-works-in-one-easy-lesson
• Marco Gilles, What is a Website?

 

September 24: Cookies and Active Content

Readings:

• Kernighan: 10-10.2.
• World Wide Web Consortium, Peer-to-Peer v. Client-Server.

 

Lab #3: Due October 2.

 

September 26: Active Content; Attacks via the Internet (Ming Chow will teach)

Readings:

• Kernighan 10.3-10.5; 11.2.
• Apalon, Cookie Policy (read this for its definitions of different types of cookies, not for Apalon’s policy per se).
• Susan Landau, Surveillance or Security: The Risks Posed by New Wiretapping Technologies, 3.4-3.5 (reading on reserve).

 

October 1: Cloud and Internet of Things (IoT): What is the cloud? Different types of services (Saas, PaaS, IaaS), Computing on the cloud, IoT

Readings:

• Kernighan, Chap. 10.7.
• Thomas Limoncelli, The Top 10 Things Executives Should Know about Software, Communications of the ACM, Vol. 62, No. 7, July 2019.

 

Lab #4: Due October 9.

 

October 3-19: Cryptography: What it is, how it works, and what services it provides.

 

October 3: Cryptography Part 1: history and uses of cryptography, why key management is essential, public-key cryptography.

Readings:

• Kernighan 11.5.
• Internet Society, Internet of Things: An Overview, October 2015 (this looks long but is a quick read).
• Jeffrey Voas, Rick Kuhn, Philip Laplante, and Sophia Applebaum, Internet of Things (IoT) Trust Concerns, NIST Cybersecurity White Paper, October 17, 2018, Sections 1-2, 6-7, 9-14, 17-18.
• Stephen Watts, SaaS vs. PaaS vs. IaaS: What’s the Difference and How to Choose, September 22, 2017.

 

October 8: Cryptography Part II: Confidentiality, Integrity, Availability (CIA) model of security; Symmetric-key cryptography; Public-key cryptography.

Readings:

• Kenneth Dam and Herbert Lin, eds., Committee to Study National Cryptography Policy, Cryptography’s Role in Securing the Information Society, pp. 51-57.
• Whitfield Diffie and Susan Landau Privacy on the Line: The Politics of Wiretapping and Encryption 11-22; 32-34.

Lab #5: Due October 16.

 

October 10: Cryptography Part III: applications to hash functions and TLS; forward secrecy.

Readings:

• Diffie and Landau, pp. 26-30, 34-43.
• Steven Levy, Battle of the Clipper Chip, New York Times Magazine, June 12, 1994.
• Akamai, Enterprise Security: SSL / TLS Primer Part 1, Data Encryption

October 15: No class due to AS&E being on Monday schedule.

Briefing paper #1: Due October 24. Please submit via Canvas but also bring a hard copy to class.

 

October 17: No class.

Readings:

• Citizen Lab, Shining a Light on the Encryption Debate: a Canadian Field Guide, pp. 7-8 (forward secrecy).
• Susan Landau, Find Me a Hash, Notices of the American Mathematical Society, Vol. 53, No. 3, pp. 330-332 (skip discussion from “A common method … And as a result, we are in trouble.”).
• Quynh Dang, Recommendation for Applications Using Approved Hash Functions, NIST Special Publication 800-107, August 2012, Section 4.1 (use Glossary, Section 3.1, for any unfamiliar terms).

 

 

October 22: Cryptography Part IV: DNSSEC, digital time stamping

Readings:

• Johannes Bickel, SSL TLS HTTPS process explained in 7 minutes, April 26, 2014.
• Akamai, Enterprise Security: SSL / TLS Primer Part 2, Data Encryption: Public key Certificates

Lab #6: Due October 30.

 

October 24-November 5: Introduction to Privacy, Security, and Malware

October 24: A Quick Description of Attacks

Readings:

• ICANN, DNSSEC: What is It and Why is it Important?

 

October 29: Privacy and Security Part I: Technical Protections for Security: Physical security, Hardware Security, OS Security, Network Security, Web Security (Ming Chow will teach this class)

Readings (these should be completed by October 31):

• Jason Healey, ed., A Fierce Domain: Conflict in Cyberspace, 1986-2012; read sections on Cuckoo’s Egg; Morris Worm; Solar Sunrise; Moonlight Maze; From TITAN RAIN to BYZANTINE HADES; Estonian Cyberattacks; Stuxnet, Flame, and Duqu —the Olympic Games.
• Andy Greenberg, The Untold Story of NotPetya, the Most Devastating Cyberattack in History, WIRED, August 22. 2018.

 

Lab #7: Due November 6.

October 31: Security Part II: Privacy and security are the same and different; threat modeling

Readings:

• Finish the readings from October 31.

November 5 and 7: Malware (Ming Chow will teach)

• Topics:
  • Spam and phishing
  • Viruses
  • Worms
  • Trojan horses
  • Backdoors
  • Ransomware
  • Zero days

Readings:

• Verizon 2019 Data Breach Investigations Report
  • Introduction
  • Summary of Findings
  • Results and Analysis
  • Incident Classification Patterns and Subsets
• Duo Security, Digging Deep into the Verizon DBIR

 

Lab #8: Due November 13.

 

November 12-14: Attribution and Identity Management

 

November 12: Attribution

Readings:

• Gene Spafford, The Internet Worm Program: An Analysis
• Eric Roberts, Viruses 101 / Anti-Virus Software

Briefing Paper #2: Due November 21. Please submit via Canvas but also bring a hard copy to class.

 

November 14: Identity Management

Readings:

• ODNI’s A Guide to Cyber Attribution
• Dmitri Alperovitch, Bears in the Midst: Intrusion into the Democratic National Committee, June 15. 2016.
• Thomas Rid and Ben Buchanan, Attributing Cyber Attacks, Journal of Strategic Studies, Vol. 38, No. 1-2 (2015); read parts I and II.
• APT1: Exposing One of China’s Cyber Espionage Units (FireEye)

 

November 19: Open Source

November 19: Open Source: Closed source software: free software and the Free Software Foundation; open source software and licenses; GitHub and GitLab

Readings:

• Eve Maler and Drummond Reed, The Venn of Identity: Options and Issues in Federated Identity Management, IEEE Security and Privacy, March/April 2008 (read whole article but skim InfoCard section).
• Robin MacKenzie, Malcolm Crompton, and Colin Wallis, Use Cases for Identity Management in E-Government, IEEE Security and Privacy, March/April 2008.

Lab #9: Due November 26.

 

November 21 – December 3: Artificial Intelligence, Machine Learning, and Deep Learning: what’s it all about?

November 21: AI: What it is — and What it isn’t

Readings:

• Will Norris, Roads and Bridges: The Unseen Labor Behind Our Infrastructure, July 2016.
• Stanislav Dashevskyi, Achem Brucker, and Fabio Massaci, On the Effort of Security Maintenance of Free and Open Source Components, WEIS 2018.
• Choose an Open Source License: https://choosealicense.com/
• Michael Copeland, What’s the Difference between Artificial Intelligence, Machine Learning, and Deep Learning?, NVDIA, July 29, 2016.
• Michael Jordan, Artificial Intelligence — the Revolution Hasn’t Happened Yet, April 19, 2018.

 

November 26: Machine Learning

Readings:

• John Launchbury, A DARPA Perspective on Artificial Intelligence

 

December 3: Quantum Computing

Readings:

• Read slides 1-13 of Cyc Reasoning Screenshots.
• National Academies of Science, Engineering, and Medicine, Emily Grumbling and Mark Horowitz, eds., Quantum Computing: Progress and Prospects, 2019; Chap. 1-2.3.1.

December 5: In conclusion

Final paper due December 5 (for students enrolled in DHP D291, the graduate version of course)