Prof. Steven M. Bellovin
Tuesday Thursday 13:10–14:25
833 Mudd
Office Hours
See my home page.


Computer Security II is an advanced course on computer and network security. It is intended for security specialists, people who design and assess security systems.


Johnny Wang <jyw2119@...>
Wed 4:30pm-5:30pm


Thinking Security: Stopping Next Year's Hackers, Steven M. Bellovin, Addison-Wesley, 2016, ISBN 0-13-427754-6, 0-13-427754-6. NOTE WELL: the book is currently only available as an ebook. It is not available on Amazon; while you can buy the ebook from other online bookstores, if you use the publisher's site link you get three different formats: a .mobi (which you can load onto a Kindle), an .epub (for Nooks, Apple's iBooks, and many other readers), and a .pdf. All of these are watermarked to the purchaser but there is no DRM locking it to any single device.
Optional (and free!) text
Security Engineering, Second Edition, Ross J. Anderson, Wiley, 2008, ISBN-13: 978-0470068526, ISBN-10: 0470068523.
Other readings
Some readings will be from primary source materials.
Readings are listed for each lecture.


Computer Security I or the permission of the instructor.


Late assignments are subject to increasing penalties. There are no grace days or "free lates". See the slides from the first class for details.


There will be four or five homework assignments, a midterm, and a final. The (cumulative) final exam will be on the date assigned by the registrar; currently, that is May 10, 1:10–4:00.

All exams are open book. This means that there won't be any "define Foo" questions. Most questions will ask you to think and to integrate material from different lectures—and having the textbook open probably won't help...

Final grades are curved.