Syllabus

Course Title and Description

CPEN 442, “Introduction to Cybersecurity,” is a fourth year undergraduate elective course that introduces students to the subject of cybersecurity from the technical, economic, and human points of view. The purpose of this course is to help students in learning the principles of cybersecurity in general and of designing secure systems in particular.

For the course description and pre/co-requisites, see the entry for CPEN courses in UBC Academic Calendar.

Registration restrictions: see the course entry in the UBC Course Schedule.

Announcements: Most announcements for the course are made during class sessions. If you miss a class, it’s your responsibility to learn from your classmates about the announcements made during the missed class. Sometimes, the teaching staff will make time-sensetive announcements on Canvas. It’s expected that all students check Canvas site every working day.

Communications

Announcements: Most of announcements are made during class sessions. It’s responsibility of each student to be aware of the announcements, even if they miss the class for any reason. On rare occasions, announcements will be made on Canvas (see Canvas Announcements module of the course).

Online Discussions: The students are welcome to use Canvas for online discussions among themselves.  The teaching staff neither monitor these discussions or participate in them.

Contacting Teaching Staff

  • All course-related questions relevant to most students in the course should be asked during the class.
  • Course-related questions relevant to individual students can be asked during instructor’s office hours (see the course session calendar) or right after the class.
  • Time-sensitive questions can be  directed to the teaching assistant(s) via a direct message (i.e., not in Discussions) on Canvas. Make sure to choose “All Teaching Assistants” as the recipient of your message. If the teaching assistant(s) finds it necessary to involve the course instructor, they will forward the message to him. Teaching staff will do their best to reply to direct messages no later than one working day after receiving them.

Course Instructor

Prof. Konstantin Beznosov, Ph.D., PEng. Office hours: online and in-person,  see course session calendar for instructor office hours.

Teaching Assistants

Course Structure, Activities, and Assessment

In order to pass the course, each student must complete the following modules:

  1. Term Project

    Students will be responsible for a final project. You should work in groups of 4 students. There should be no more than one graduate student in each group. Contribution of each student to the term project will be evaluated by the other team members via iPeer, and prorated accordingly to the scores given by the other teammates.

    The nature and the topic of the project is your choice, although it needs the approval of the course instructor. For inspiration, you are encouraged to familiarize yourself with projects done by students in the previous years to figure out the best scope and the technical level of your project. We will generally approve any interesting topic related to the wide area of cyber security and privacy.

    Your group will need to present the project proposal and submit a written proposal (see the course calendar for the submission deadline). It is highly advisable to get going early. The instructor will gladly discuss proposals during office hours before the deadline. Presentation and submission of project proposals give the teaching staff a chance to review and approve your project proposal, and to suggest improvements.

    One whole day (in the form of mini-conference) at the end of the term will be devoted to short presentations of each term project. You will submit a written report on your project and a video clip.

  2. Homework assignments

    There are both in-class assignments (which you are to solve during lab sessions) and take-home assignments. The assignments are to be submitted through Canvas.

    All assignments are to be done in groups. Once term project groups are finalized, you are to work on group assignments with the same team as term projects (for the first assignment, students might be assigned to groups randomly). Get your group organized as soon as you can, and create your group on Canvas. For take-home assignments, contribution of each student will be evaluated by the other team members via iPeer. See the assignments page for more information.

    No special accommodations will be made for students who miss or otherwise don’t contribute to the group work on the assignment, even if there is a valid reason for missing (underperforming on) an assignment. However, one assignment with the worst mark will NOT be used for calculating the assignment portion of final grade for each student. This arrangement provides a safety net for students who experience unexpected hardship during the term.

  3. Lab sessions

    Lab sessions are for the students (1) to learn in more details some of the material by tackling in-class assignments, (2) to ask one of the TAs clarification questions about take-home assignments and term projects, and (3) to meet their term project team and discuss project ideas/methodology with the team and the class (through short in-lab presentations). See the course session calendar for lab times. Attendance is mandatory for lab sessions, as there will be in-class assignments.

  4. Presentation of the term projects (mini-conference)

    Each group will present their term project to the rest of the class during a mini-conference at the end of the course.

  5. Quizzes

    In-class quizzes: There will be quizzes in most (if not all) class sessions. Quizzes will test your knowledge of the study material. In-class quizzes will be given during the first 10 minutes of the class. As such, students who start the quiz late, will have whatever time left before the quiz gets unpublished 10 minutes after the start. This policy aims to avoid situations when a student starts their quiz when almost everyone else has finished the quiz and now the whole class has to wait for that late student.

    To do in-class quizzes, each student will need to have a laptop and be logged into the course on Canvas. It’s the responsibility of each student to be ready for the quiz at the beginning of each class.

    Entrance Quiz:
    This quiz will be given on Canvas at the beginning of the course. It’ll help students to assess their own skills and required knowledge in relation to the expectations for the course. The quiz tests (1) students’ knowledge that they are expected to learn in prerequisite courses, and (2) their ability to study course material provided in the flipped classroom format. Those students who score 55% or more on the quiz, will receive full credit for the quiz. Other students will receive no credit for the quiz.

  6. Midterm and Final Examinations

    There will be one mid-term and one final open-book examinations. See the course session calendar for the mid-term examination date. The date of the final examination will be set and announced by the UBC services. It’s the student’s responsibility to know the date, time, and location of the final examination.

  7. Sessions

    When: Mondays and Wednesdays, from 11:00 AM to 12:20 PM; January 8 to April 11, 2024.
    Where: see the course entry in the UBC Course Schedule.

    Attendance is mandatory and might be recorded. If a student has to miss a class, they must request an academic concession at their soonest convenience (see section “In Term Concessions” of this syllabus for instructions). It is the responsibility of each student to be aware of any announcements made during missed sessions and to know the material discussed at the sessions.

    Sessions will be in flipped classroom format and will involve mostly group activities focused on problem solving. Slides used by the teaching staff during the class sessions will be posted on Canvas or the course session calendar in 5 working days.

  8. In-Class Participation

    Participation during course sessions will be in groups. Students will be assigned randomly to groups at the beginning of each class. All groups will be working on the same practice problems or questions. For each practice problem/question, after the time is up, a particular group and a particular student from that group will be chosen randomly. The chosen student will present, on behalf of the group, their solution to the problem or answer to the question. All students from that group (except for the absent ones) will receive the same participation mark. Absent students from the chosen group will receive 0. Course participation mark of each student will be averaged over all  participation marks that student receives during the term.

  9. Self-Study Before and After the Class Sessions

    Each student is expected to study all required material for each class. The study of all the required material should be guided by learning objectives for each study module. There will be also optional and bonus study material for some sessions, which will help you to gain deeper and/or broader understanding of a particular topic.

Grading

Grading will be done according to the following break-down:

 

Module
Grade %
Entrance Quiz (5 points will be given only to those who get 55% or more on this quiz, the rest will get 0). 5
In-class participation
10
In-class quizzes
8
Mid-term examination 7
Final examination
16
Term project proposal presentation & write-up (G)*
5
Term project presentation at the mini-conference (G)
6
Term project report (G)

Pre-final draft of the report (required for security analysis projects), which contains all parts of the report required, according to the project type.

7

Final report (all the sections, according to the project type)

14
Project video clip (G) 4
Homework assignments (both in and outside of the lab) (G)
18
Total
100

* group elements of the final mark are indicated with (G)

If the mean final mark for the cohort is less than 75%, the final mark of each student in the cohort will be pro-rated so that the mean final mark will be 75%.

Students in those term project groups that win best and second-best prizes for their work on the projects (see mini-conference page for the details) will receive bonus marks.

Grading of Group Work

Individual marks for group work (e.g., group homework assignments, project proposals, project presentations, and project reports) is based on the group mark G (given by the teaching staff) and the teammates’ evaluations of individual student’s contribution (given by the team mates). Teammates’ evaluations are provided through iPeer. The course calendar lists deadlines for submitting these evaluations. These deadlines are usually few hours after the submission deadline.

Based on the teammates’ evaluations of individual student’s contributions, each student S gets such a contribution coefficient Cs that  (C1+C2+C3+C4)/4 == 1. The individual mark of student s is Is == G*Cs. Therefore, if no student from the team has submitted an evaluation on iPeer, each student gets mark Is==G.

Late submissions of the evaluations on iPeer are not accepted. If a student did not submit their evaluations of the teammates, individual marks of each student in the corresponding team are calculated as if that student assessed equally the contributions of their teammates.

Course Content

For the list of topics to be covered in the course and their schedule, see the course session calendar.

Course Learning Outcomes

On completion of this course, students are expected to get a solid orientation in the subject of cyber security and privacy. For details, see the learning objectives of each study material module.

Study Materials

All study materials can be purchased in (online and offline) bookstores.

  1. Mark Stamp, Information Security : Principles and Practice, Third Edition, Wiley-Interscience, 2021. This textbook might also become available online through UBC Library (CWL is required).
    Feel free to supplement your study of this textbook with watching the videos of author’s lectures closely based on the textbook.
  2. (recommended) Anderson, Ross. Security Engineering — A Guide to Building Dependable Distributed Systems. John Wiley & Sons, 2020, Third Edition. See free chapters from this book online. UBC Library also has a PDF version of the book.
  3. (Some of the assigned required reading will be from this book) Paul C. van Oorschot, Computer Security and the Internet: Tools and Jewels, 2021, Springer. See free chapters from this book online.
  4. (Recommended for the classes on Bitcoin Case Study) Narayanan, Arvind, Joseph Bonneau, Edward Felten, Andrew Miller, and Steven Goldfeder. Bitcoin and cryptocurrency technologies: a comprehensive introduction. Princeton University Press, 2016.

Course Policies

Quizzes Policy

  1. All quizzes are open-book and must be taken in the class. Each student is required to have a laptop or some other devices suitable for taking a quiz via Canvas.
  2. In-class quizzes will be given during the first 10 minutes of the class. As such, students who start the quiz late, will have whatever time left before the quiz gets unpublished 10 minutes after the start. This policy aims to to avoid situations when a student starts their quiz when almost everyone else has finished the quiz, and now the whole class has to wait for that late student.
  3. No make-up quizzes will be given, irrespectively of the reason for missing the quiz. Instead, each student will get up to 10% extra of the quiz mark for the final mark in the course.
  4. Those students who score 55% or more on the Entrance Quiz, will receive full credit for the quiz. Other students will receive no credit for the Entrance Quiz.

Assignments Policy

  1. No make-up assignments will be given for those who missed them, irrespectively of the reason for missing the assignment.

Late Submission Policies

Unless specified otherwise, late submissions of assignments, proposals, reports and other work are accepted and the following penalty scheme is applied to late submissions, irrespectively of the reason for the late submission: The mark for a late submission is reduced by 5% for each late hour or any portion of it. ABSOLUTELY NO EXCEPTIONS WHATSOEVER! This penalty scheme is implemented to provide fairness and to reward time-management skills.

Examples:

  • a work submitted 1m late will get mark of 95%, at most.
  • a work submitted 1h15m late will get mark of 90%, at most.
  • a work submitted 9h1m late will get mark of 50%, at most.
  • a work submitted 15h5m late will get mark of 10%, at most.

Examinations Policies

  1. Both mid-term and final examinations are open-book.
  2. No make-up mid-term exam will be given, irrespectively of the reason for missing the exam.
  3. If a student misses the mid-term examination, their mid-term mark will be the same (percentage wise) as their final examination mark.
  4. If a student misses the final examination, their final exam mark will be 0 and they will fail the course, unless UBC Administration grants this student deferred examination option.

In Term Concessions

The University is committed to supporting students in their academic pursuits. Students may request academic concession in circumstances that may adversely affect their attendance or performance in a course or program. Students should be familiar with UBC policies on academic concession.

Students who intend to, or who as a result of circumstance must, request academic concession should send a message to the course instructor on Canvas requesting an academic concession. The subject of the message should contain “request for academic concession” and the date of the class session for which the concession is requested. Email messages with requests for academic concessions will not be accepted.

Students seeking academic concession due to absence from the final exam for any reason must apply to Engineering Academic Services (EAS) within 72 hours of the missed exam. This is a standard practice for all final examinations at UBC.

How in term concessions will be handled:

  • No special accommodations will be made for students who miss or otherwise don’t contribute to the group work on the assignment. However, one assignment with the worst mark will NOT be used for calculating the assignment portion of final grade for each student.
  • No make-up in-class quizzes will be given, irrespectively of the reason for missing the quiz. Instead, each student will get up to 10% extra of the quiz mark for the final mark in the course.
  • No concession will be offered on the Entry Quiz.
  • If a student misses mid-term examination, their mid-term mark will be the same (percentage wise) as their final examination mark.
  • If a student misses final examination, their final exam mark will be 0 and they will fail the course, unless UBC Administration grants this student deferred examination option.
  • If a student misses a class session, in which their assigned group is chosen to present, the student must contact the instructor on Canvas requesting an academic concession for that class session (see the instructions above), in order to avoid receiving 0 for participation in that class session.

Academic Honesty and Standards

Summary of UBC Policy on Academic Integrity:
The academic enterprise is founded on honesty, civility, and integrity. As members of this enterprise, all students are expected to know, understand, and follow the UBC codes of conduct regarding academic integrity. At the most basic level, this means submitting only original work done by you and acknowledging all sources of information or ideas and attributing them to others as required. This also means you should not cheat, copy, or mislead others about what is your work. Violations of academic integrity (i.e., misconduct) lead to the breakdown of the academic enterprise, and therefore serious consequences arise and harsh sanctions are imposed. For example, incidents of plagiarism or cheating may result in a mark of zero on an assignment or exam and more serious consequences may apply if the matter is referred to the President’s Advisory Committee on Student Discipline. Careful records are kept in order to monitor and prevent recurrences.

It is the responsibility of each student to know about academic integrity and plagiarism by studying materials of the UBC’s Academic Integrity Resource Centre. For more information, see:

The teaching staff reserves the right to check for academic integrity, using such services as turnitin, any submitted written work by any student.

Non-Academic Misconduct

Mistreatment towards anyone in our university community is not acceptable. Mistreatment is disrespectful or unprofessional behavior that has a negative effect on a person or their learning environment, or conduct that is contrary to the principles that support a respectful environment. This includes making demeaning, offensive, belittling, and disrespectful comments, using abusive language, engaging in bullying, harassment, and discrimination.

If you have witnessed or been subject to mistreatment, there are people and support resources here to help. Find out how to get support or discuss an issue related to discrimination, bullying, harassment, or sexual misconduct through the non-academic misconduct.

Students are also welcome to submit comments, suggestions, and requests around Equity, Diversity, Inclusion, and Indigeneity (EDII) to the ECE Department’s EDII Committee Suggestions Box. Submissions can be anonymous, and are received directly by the ECE EDII Committee for review.

University Policies

UBC provides resources to support student learning and to maintain healthy lifestyles but recognizes that sometimes crises arise and so there are additional resources to access including those for survivors of sexual violence. UBC values respect for the person and ideas of all members of the academic community. Harassment and discrimination are not tolerated nor is suppression of academic freedom. UBC provides appropriate accommodation for students with disabilities and for religious, spiritual and cultural observances. UBC values academic honesty and students are expected to acknowledge the ideas generated by others and to uphold the highest academic standards in all of their actions. Details of the policies and how to access support are available here.