CS 6910:

Advanced Computer and Information Security (ACIS)

Fall 2006

Department of Computer Science

Western Michigan University


Instructor:            Dr. Leszek (LEH-shek) Lilien

                                CEAS B-249, phone: (269) 276-3116

                                Email: llilien@cs.wmich.edu – please use for urgent matters only


1)   Only e-mail coming from a WMU account (ending with “wmich.edu” will be read).

2)   Files submitted as attachments will not be read unless they are scanned with up-to-date anti-viral software, and the message including them contains the following statement:

      I have scanned the enclosed file(s) with <name of software, its version>, which was last updated on <date>.


Office Hours:       Tuesdays, 7:30 pm – 8:30 pm and Thursdays 3:30 pm – 5:30 pm, CEAS B-249  


Classes:                CEAS C-124, Tuesdays and Thursdays 6:00 pm - 7:15 pm



Class Web Pages:

Main (this page):


Lecture slides and announcements:





Papers and e-books (mostly different for individual lectures) will be announced – follow the link to lecture slides and announcements.

Readings will be divided into required and recommended (optional).




Graduate student status.

Grade B or better in CS 5950/6030: Network Security or CS 5950/6030: Computer Security and Information Assurance or instructor’s permission.



Course Overview:               

This is an advanced course for graduate students only.

The course will be research-oriented, with both “more theoretical” and “more practical” research projects in the areas of computer privacy and security. Topics will be proposed by me, or proposed by students and accepted by me.

The course will cover selected areas of advanced research in computer privacy and security, the ones which are of most interest to me. Examples include:

·   Trust in open computing environments, incl. using trust for authorization.

·   Privacy-preserving data dissemination.

·   Privacy and security in pervasive systems, including opportunistic networks and other ad hoc networks, as well as embedded networks and sensor networks.

·   Authentication and privacy, with emphasis on authentication in healthcare systems.

·   Project Authentic: Authentication Attacks and Controls.

·   Analysis of computer privacy and security paradigms and development of new ones.

·   Modeling computer fraud and investigating types of fraudulent user behaviors.

·   Vulnerability analysis and threat assessment/avoidance in computer systems, esp. in database systems


Course Requirements for Students:              

·   Read and present in class the research papers selected by me, or selected by students and accepted by me. Research areas represented by the papers will be (mostly) from the “selected areas” listed above.

·   Work on own research projects, either individual or group ones. Projects will mostly belong to the “selected areas” listed above. There will be three basic types of projects: survey/overview projects, implementation projects, or simulation projects. All projects will be developed under my close supervision, including regular weekly meetings.

·   Present the project results in class (hopefully at least one presentation, lasting at least 30 min. + 5 min Q&A period).

·   Write a research paper summarizing the project work.

·   We will probably have two exams, or only take-home exams.

·   We will have quizzes testing understanding of lectures, required readings, and presentations by fellow students.



Academic Honesty Statement (WMU Policy)

You are responsible for making yourself aware of and understanding the policies and procedures in the Undergraduate Catalog (pp. 274-276) or the Graduate Catalog (pp. 25-27) that pertain to Academic Honesty. These policies include cheating, fabrication, falsification and forgery, multiple submission, plagiarism, complicity and computer misuse. If there is reason to believe you have been involved in academic dishonesty, you will be referred to the Office of Student Conduct. You will be given the opportunity to review the charge(s). If you believe you are not responsible, you will have the opportunity for a hearing. You should consult with me if you are uncertain about an issue of academic honesty prior to the submission of an assignment or test.


Note:    This is a course for honest and ethical students only!

              I will not tolerate any breaches of  academic integrity, including abuses of a lab, lab procedures, or projects.

.             In addition, due to the nature of this course, should a student use any information learned or any facilities provided by the course in an unethical way, I will ask the Office of Student Conduct for the harshest penalties applicable. This applies to acts committed both during and after the course (for example, if I hear about an incident in a faculty meeting).