CSE 4303 Introduction to Computer Security

Term: Spring 2026
Credit awarded: 3.0
Course mode: in-person

Description and Pre-requisites

Secure computing requires the secure design, implementation, and use of systems and algorithms across many areas of computer science. Fundamentals of secure computing such as trust models and cryptography will lay the groundwork for studying key topics in the security of systems, networking, web design, machine learning algorithms, mobile applications, and physical devices. Human factors, privacy, and the law will also be considered. Hands-on practice exploring vulnerabilities and defenses using Linux, C, and Python in studios and lab assignments is a key component of the course.

Prerequisites: CSE 247 and either CSE 361 or CSE 332.

Learning Objectives

1. Understand principles of security analysis
2. Explain key security concepts such as confidentiality
3. Explain the root causes of current security problems
4. Produce clear and concise descriptions of security problems on real world systems
5. Analyze systems for potential vulnerabilities
6. Gain hands-on experience using security tools to attack and defend vulnerable systems

Meeting Time and Location

Tuesdays and Thursdays, 11:30 AM - 12:50 PM
Urbauer 218

Instructor

Jon Shidal
shidalj@wustl.edu
Lopata 204A

Office hours: See Piazza pinned post.

Textbook

Strongly Recommended: Wenliang Du, Computer & Internet Security: A Hands-on Approach (3rd ed.)

This book is the companion to the SEED labs from Kevin Du at Syracuse that we will use for many of our hands-on exercises.

• Textbook website  with a few sample chapters and links to slides and Udemy videos

Technologies

Laptop capable of running VM hypervisor (VirtualBox, or VMWare Fusion for Apple machines with an M1 or later processor chip)

Educational Resources Used

• Canvas (main portal for class)
• Gradescope (assignment turnins)
• Piazza (course communication)

Class Workflow, Assignment Types, and Grading

This class consists of lecture as well as a large hands-on studio component. A typical week (but not every week…) will consist of:

• Pre-lecture prep work: Materials to read or watch outside of class and prior to class/lecture
• Lecture (typically on Tuesday): in-class lecture over a new topic
• Studio (typically on Thursday): in-class hands-on group exercises. Graded on best effort and completion. Studios must be completed outside of class if they are not finished during the assigned class period.

There will also be additional homework assignments that should be completed individually outside of class.

Other Assignment Types

• Homeworks: To be completed individually outside of class, graded on correctness
• Midterm exam: The midterm will be held in class on March 5th. It will cover all material up until that point in the semester
• Final project: The project will give you and your group mates an opportunity to take a deep dive into a particular security concept of your choice.
• News reports: Short summaries of security-related current events from credible news sources. You are required to complete 1. You may complete a second for extra credit.

Grading Breakdown

A typical 10 point grading scale will be applied when converting number grades to letter grades: A (90+), B (80-89), C (70-79), D (60-69), F (<60). I will modify letter grades with +/- within 2 points of a boundary. I will not do any rounding of grades.

Example:

• 98.00: A+
• 97.99: A
• 92.0: A
• 91.99: A-
• 90.00: A-
• 89.99: B+

A grade of C- is required to receive a passing grade in this course if the course is being taken pass/fail.

Course Policies

Late Work/Extension Policy

Studio and Homework deadlines are organized in a way that you should be able to complete all assignments on-time. However, we understand things come up that require flexibility. To account for this, each student will be automatically given two “late coupons”. A late coupon allows you to turn any Studio or Homework assignment in up to three days late without a grade penalty. You must notify the instructor via email prior to the assignment deadline to use a late coupon. Once you have used all late coupons, any late work will result in a 0. Late coupons may not be used on the exam, the final project, or news reports. Due to this built-in flexibility, no other extensions will normally be considered. Please contact the instructor ASAP to request an excused absence or special accommodation on any assignment if absolutely necessary.

Regrade Requests

Effort will be made to grade work consistently across all students. If you believe your work was graded incorrectly, you may submit a regrade request via Gradescope explaining what you think was graded incorrectly (e.g. “Some of my work was on a different page and does not appear to have been seen by the grader.”) within one week of grades being returned. Please note that questions about why an answer is incorrect are not regrade requests, and should be asked on Piazza for the benefit of everyone rather than submitted as regrade requests. If you are not sure whether your answer is correct, please ask on Piazza first.

Collaboration

Studios, lecture, Piazza, final project: You are encouraged to work together with other students in groups of 2-3 for studios and the final project, and to fully embrace the public spaces of the class (class discussions on news and the topics of the days, Piazza) to maximize our chance to learn together. The benefit of learning in a class rather than individually is the chance to all engage the material together!

Homeworks, news reports, and the exam are to be completed individually to allow you to demonstrate your learning.

Academic Integrity

Please refer to the McKelvey Academic Integrity Policy .

From the University: In all academic work, the ideas and contributions of others (including generative artificial intelligence) must be appropriately acknowledged and work that is presented as original must be, in fact, original. You should familiarize yourself with the appropriate academic integrity policies of your academic program(s).

Note on AI Tools

Using an AI-content generator (such as OpenAI’s ChatGPT or GitHub Copilot) to complete coursework without proper attribution or authorization is a form of academic dishonesty. Here are my rules for this course:

1. You may not ask generative AI to solve your homework for you. You may use generative AI as a tool to help you develop your own solution.
2. If your solution has bugs, you may use generative AI to help you find and understand the bugs so that you can fix them. You may not ask generative AI to fix the bugs for you.
3. If you use generative AI in one of the above legal ways, you should describe your conversation and what you learned. Please also list which generative AI model or tool was used.

Ethics

In a computer security course, it is necessary to study many vulnerabilities and exploits. You will be acquiring theoretical and technical knowledge that could be used for good or for ill, and it is your responsibility as an ethical computer scientist to use it for good.

Our school is generous in providing us resources with which to learn and trusting us to use our knowledge wisely, and we as your instructors are trusting you with the same. Any attempt to use knowledge gained in this class, now or in the future, to compromise, gain unauthorized access to, or otherwise maliciously affect any university- or non-university-managed resource will be prosecuted to the full extent of all applicable Washington University polices and all local, state, and federal laws. Any such attempt will also earn the ire of your instructors and bring you dishonor and discredit as a scientist. Many legitimate means of practicing offensive and defensive techniques are available; there is no need to resort to illegitimate ones. If you have a question about whether testing a particular technique in a particular context beyond the scope of course assignments is permissible, please ask first.