University of Southern California


CS530L - Security Systems
lab component
David Morgan

see "Syllabus" link for email address

German "Enigma" cryptographic device




CS530 main class


Cryptography & Key Mgmt



Application security

Packet sniffing


Intrusion detection

Arp spoofing

Tunnels and vpns

Filesystem labeling





FALL 2020
lecture 4:30p - 5:20p, remotely via Webex

In the past century, information systems security was the limited focus of the military and the financial communities. Now, with the explosive growth and merging of telecommunications and computing, security has become an integral element of any reliable and robust information systems environment. This class will cover information systems security at the graduate level. Students should have a basic understanding of networking and operating systems prior to attending the class.

Welcome - I am happy to be at work this Fall at USC, and that you are with me. Thank you for the adjustments you perforce have made in order to convert to remote attendance and operation, wherever you are. I am going to make this semester's lab class better than its undisrupted former incarnation.

Fall 2021 CS530 grader position - information here. (11/13)

Lab calendar adjusted
- for the October 9 midterm:

Lecture topic Lecture date Due date
cryptography 9/4 9/25
authentication 9/11 9/25
authorization 9/18 9/25
application security 9/25 10/2
   midterm 10/9
packet sniffing 10/2 10/16
firewalls 10/16 10/23
intrustion detection 10/23 10/30
arp spoofing 10/30 11/6
tunnels and vpns 11/6 11/13
selinux filesystem labeling 11/13 11/20

Office hours meetings -
We will hold a Zoom office hour on upcoming Thursdays between 11am and 12pm. Grader Akshay Kumar will provide a Zoom link, and I also plan to attend. Please bring any questions you may have about the lab exercises, grading, or related issues. (9/20)

USC hardware and software for students - An avenue for any students who have remaining difficulty importing and running my supplied virtual machines in VirtualBox has been called to my attention. The University's VMware Academic Program offers free licenses to students for VMware Workstation for Windows and VMware Fusion for Macs. ova files are agnostic to the virtualization platform, and mine should load into VMware. It's been suggested that, on Macs, a VM that has trouble under VirtualBox may be free of that trouble under VMware. (Incidentally the machine started out under VMware, whence it was exported, imported into VirtualBox, and modified; it has a VMware ancestry.) As well, there is a Technology Assistance program that can provide host computers to students on a rental basis. (9/20)

Office hours Sunday 9/20 1pm - optional tech support and catch-up meeting. No formal agenda. Your questions on mechanics and the first labs so far. Zoom invitation will be emailed. (9/18)

Today's technical therapy session on VM installation issues - that is, office hours type get-together for collective help getting your VMs off the ground. 5-10 students attended. We discussed tips and diagnosed various difficulties. If you have the distributed VM downloaded and running, you won't much need to hear this recording but someone might. (9/6)

Virtual machine usage - you may have succeeded in downloading and installing VirtualBox and my supplied base VM (last week's link below). You may also have downloaded my scripts which clone the base machine, and otherwise configure the clones. Now, when you boot one of these machines up, how do you use it?
- Your VM's configuration
- Transferring files in and out of it if necessary
- VirtualBox networking "complete guide" - a good website on the subject (9/4)

My supplementary RSA lecture available online
Here are online slides, with my narration,  from the portion of this week's lecture covering the steps and math of the RSA algorithm. We may not have time to cover them during lab. They are closely related to the first lab activity you'll do. You should listen to them if you like (it would definitely help) before doing the lab. (9/4)

Tools for our use will be Webex/D2L and VirtualBox. I will give a weekly lecture thorough USC's Webex on D2L. It will be recorded. Corresponding lab exercises for you to perform will follow. Instructions for each lab exercise will be posted online weekly, here on this website (under respective lab-specific links at left). Most if not all of the lab exercises will be performed in VirtualBox virtual machines (VMs). We will make the needed, prepared VMs available as ".ova" files for you to import into VirtualBox on your machine. (8/28)

Slides from today's lecture in color or greyscale.(8/28)

Lab calendar schedule -as currently anticipated for whole semester:

Lecture topic Lecture date Due date


8/28 n/a
cryptography 9/4 9/11
authentication 9/11 9/18
authorization 9/18 9/25
application security 9/25 10/2
packet sniffing 10/2 10/9
firewalls 10/9 10/16
intrustion detection 10/16 10/23
arp spoofing 10/23 10/30
tunnels and vpns 10/30 11/6
filesystem labeling 11/6 11/13

but expect possible adjustment to accommodate midterm week early October


First homework tasks -

 1) prepare virtual platform
     - download and install VirtualBox
     - download the virtual machine called "fedora30-fall20" and attendant scripts (detailed instructions v2, 9/5/20)
     - import the fedora30-fall20 VM into your copy of VirtualBox
 2) visit link at left entitled "Cryptography" under the heading "Labs." 
Our upcoming initial lab topic will be on the subject of cryptography. My lecture on the subject will be September 4, with corresponding lab exercise (the first one) performed during the ensuing week. (8/28)

Email filter rule keywords we use for managing the 10 reports you submit to us are:


for the respective labs we do over 10 weeks. Please be sure to embed these keywords in the titles of the email messages in which you will submit your work. (8/28)