Fall 2019

Prof. Charles Nicholas
ITE 356
Office hours: MW 2:30-4pm,
but it's fine to call or send email before coming to see me, since my schedule may change from week to week at short notice.

We have two TAs for this course. They will hold office hours in ITE 366. Their office schedule is:
R.J. Joyce <joyce8@umbc.edu>
Tuesday 2-3pm Wednesday 4-6pm
Anna Staats <astaats1@umbc.edu> TBD

Course information

No Class on Wednesday August 28!

Class begins on Wednesday, 7:10-9:25pm, beginning September 4, 2018

The class meets in the Public Policy building, in PUP 105.


Interest in cyberdefense, including inter-collegiate competition. Computer Science background equivalent to Data Structures CMSC 341 is assumed.

Permission of the instrcutor is required in order to enroll. Send email to nicholas@umbc.edu from your UMBC email address, and tell me your name
AND your student ID. You may attend the class sessions even if you are not enrolled. The Cyberdefense club meets in the same
place and time.

This is NOT an entry-level systems or security course. Students are expected to have a working knowledge of the Windows and Unix operating systems, networks, and/or software development techniques, along with interest if not experience in planning and conducting both penetration testing and countermeasures development.


Notes on the Schedule (Subject to Change)

Reading List

We will develop the reading list as we go. Students should know how to use the UMBC Library research port and other facilities to get access to papers they want. I suggest using a paper management system such as Mendeley. Suggestions for improving this list are welcome.

Textbook(s): None

The following book(s) are not required, but may be helpful:

Cyberoperations, by Mike O'Leary, second edition

Windows Internals, Parts 1 and 2, by Mark Russinovich

Hacking: the art of exploitation, by Jon Erickson.

Be careful when dowloading "free" copies of this or similar books! Additional resources, varying in quality, can be found on Wikibooks and other places.

Course Policies


Students enrolled in CMSC 491 will be expected to attend and participate in the weekly Cyberdawg meetings, including the prep work that may be announed before or after each class session. Also, to suggest resources that could be added to this site, such as on-line tutorials, tools, YouTubes, and so forth.

Students enrolled in CMSC 791 will be subject to the same expectations as students in 491.

Grading Scheme: 20% attendance, 20% compeition participation, 60% homeworks. Homeworks are equal weight, and there will be 8-10 of them.


Abuse of Resources PAY ATTENTION TO THIS!

Abuse of the knowledge or experience you gain in this course may subject you to discipline under UMBC policy and/or criminal prosecution. Do not expect your status as a student to protect you if you break the law! Hacking into campus computers (other than systems approved for such a purpose) is a violation of UMBC policy, and may result in disciplinary action possibly including expulsion, in addition to possible criminal charges.

Academic Honesty

Academic dishonesty of any kind will be handled in accordance with University policy.

"By enrolling in this course, each student assumes the responsibilities of an active participant in UMBC's scholarly community, in which everyone's academic work and behavior are held to the highest standards of honesty. Cheating, fabrication, plagiarism, and helping others to commit these acts are all forms of academic dishonesty, and they are wrong. Academic misconduct could result in disciplinary action that may include, but is not limited to, suspension or dismissal. To read the full Student Academic Conduct Policy, consult the UMBC Student Handbook, the Faculty Handbook, or the UMBC Policies section of the UMBC Directory." [Statement adopted by UMBC's Undergraduate Council and Provost's Office.]


Title IX

Any student who has experienced sexual harassment or assault, relationship violence, and/or stalking is encouraged to seek support and resources. There are a number of resources available to you.

With that said, as an instructor, I (Prof. Nicholas, but this applies also to RJ) am considered a Responsible Employees, per UMBC'S interim Policy on Prohibited Sexual Misconduct, Interpersonal Violence, and Other Related Misconduct. This means that while I am here to listen and support you, I am required to report disclosures of sexual assault, domestic violence, relationship violence, stalking, and/or gender—based harassment to the University's Title IX Coordinator. The purpose of these requirements is for the University to inform you of options, supports, and resources.

You can utilize support and resources even if you do not want to take any further action. You will not be forced to file a police report, but please be aware, depending on the nature of the offense, the University may take action.

If you need to speak with someone in confidence about an incident, UMBC has the following Confidential Resources available to support you:

The Counseling Center: 410-455-2742 (M-F 8:30-5)

University Health Services: 410-455-2542 (M-F 8:30—5)

For after-hours emergency consultation, call the police at 410-455-5555

Other on-campus supports and resources:

The Women’s Center (available to students of all genders): 410-455-2714 (M-Th 9:30-6pm, F 9:30-4pm)

Title IX Coordinator: 410-455-1606 (9-5)

Child Abuse and Neglect

Please note that Maryland law requires that I report all disclosures or suspicions of child abuse or neglect to the Department of Social Service and/or the police.



A collection of resources will be made available.. Suggestions are welcome!

This web site's URL should be https://www.csee.umbc.edu/courses/undergraduate/CMSC491activeCyber/