CS8395 — Topics in Computer Security

Meetings and Details (Spring 2024)


Meetings: MW 2:30p - 3:45p Central time

Featheringill Hall 132 (FGH132)

None required.


Prof. Kevin Leach

Office: Sony Building, 4110

Ngoc Tran

Office: Sony Building, 4120

Office Hours
Mondays after class, 3:45p - 5:00p CT, and by appointment.
In FGH132 or Sony 4110.
Tuesdays/Thursdays 12:00p - 1:00p CT.
In Sony 4120.

Piazza Forum

Brightspace is not used for this course.


This course considers...
  • How do we read, understand, and criticize research in computer science?
  • How do we communicate novel scientific findings with the computer science and computer security communities?
  • How do adversaries compromise computer systems?
  • Can we write software that prevents adversaries from accessing systems?
  • What software techniques are used to detect when a system is compromised?

Modern computer systems have become an essential part of society. From medical devices to banking software to self-driving cars to military, software controls systems that have a critical impact on people's lives. Unfortunately, this has led to a growth in malicious adversaries seeking to steal data, hijack control of software, masquerade as legitimate users, and disable access to software systems. Computer security is an increasingly important area of computer science focused on the detection and prevention of such adversaries.

Attendance, Participation, and COVID

You must attend the lecture meeting time, 2:30PM-3:45PM Central time in FGH 132 on Mondays and Wednesdays. Attendance will be assessed based on your participation in in-class discussions of assigned papers.

Students can earn extra credit by participating in human subject studies. Often, research projects in this class or in the department require participation from human subjects; that is, researchers often study human behavior in various contexts. For such studies, a key component to success is gathering enough participants to yield statistically significant results. When a study is advertised in class for recruitment, you are encouraged to participate, and, when possible, you will be given extra credit.

Students are also required to check the course website regularly for updates or changes to the schedule. You should also participate in the Piazza forum, which you should be enrolled in automatically. If you are not enrolled in the course Piazza, please email Kevin Leach (kevin.leach@vanderbilt.edu).

To reduce student stress and provide support for individual circumstances, each student may miss three classes without excuse and without penalty. You don't need to report anything; these will be applied automatically. If other circumstances arise, you are welcome to talk to me about in-class participation.

This class is currently scheduled to be in-person following guidelines from Vanderbilt administration. Please comply with relevant Vanderbilt policies. If you are feeling ill, please contact me and we will work to ensure you are not penalized in terms of participation or grade. Please self-isolate if you contract COVID-19.

Grading Breakdown

There are no exams for this class. The grading breakdown is as follows:

By default, this class has no curve. If we do curve, it will only be to your benefit, and only calculated at the end of the semester (rather than per-assignment, etc.).


This course is primarily about reading and discussing relevant research papers in cybersecurity. As a result, you are expected to read the assigned paper before the scheduled class period. Students will be randomly assigned to create 10-minute presentations about each paper. In addition, you are required to submit a written review of the paper by 12PM Central time on the day the paper is assigned.

Reading reviews should be 400 words or fewer, in plaintext form, submitted to me via the submission system. You must include your VUNetID and Vanderbilt email address in your submission. Please address the following questions in your paper reviews:

Students will be randomly assigned to create 10-minute presentations before certain papers are discussed in class. You will receive at least a week's notice before presenting any paper. In your presentation, address the questions above, citing relevant figures or text from the paper to support your claims.


You are required to work on a research project during the semester. There will be a Project Pitch where you discuss an initial project idea early in the semester so you can establish your team and get feedback. Then, there will be a Project Proposal in which you present a proposed project to the class before Spring Break. At the end of the semester, you will present a Project Presentation containing the results you have.

You can work in groups of 1, 2, or 3 students. It is up to you to find project partners; you are welcome to use the Piazza forum to do so.

You have two options for your semester project:

  1. You can work on a novel research idea, in which you work on a technique or area that solves a security project. Under this option, the goal is to develop a project that culminates in a manuscript that can be submitted to a cybersecurity conference or workshop. This option is suitable for PhD students and is my preference if you are pursuing a research degree or are interested in joining my group.
  2. You can work on a Systematization of Knowledge project, in which you will systematize knowledge of a particular area of cybersecurity. SoK papers are a good option if you are a new researcher (e.g., a first year graduate student).

You can pick whichever option you like; there is no difference, penalty, or benefit from choosing one option over the other.

Picking a research topic

You can meet with me to discuss potential research ideas for a project. In addition, a list of potential high-level topics is below:

Novel research

Ideally, your project will culminate in a written project report that is worth submitting to a conference or workshop venue. If you are interested in submitting your work for peer-review, I am happy to work with you, even after the semester ends, provided the work is of acceptable quality.

Systematization of Knowledge

As an alternative, you are welcome to work on a Systematization of Knowledge project. SoK projects are surveys of existing literature in a specific area (e.g., "malware analysis," "election cybersecurity," "cloud resource management," etc.). If you elect to do an SoK project, your project proposal presentation will incorporate why the area matters and is worth systematizing as well as a table of citations that you will explore and taxonomize.

In-class Discussion

You are expected to read and be prepared to discuss assigned papers before each class. Part of your grade will depend on your participation in these discussions, as criticizing research is an important skill in the scientific community that I want you to practice. A goal of this class is to help you learn to understand and scrutinize research. To that end, I do not expect you to articulate paper ideas perfectly, so please participate as best you can so you can practice this important skill.


There will be three homework assignments due throughout the semester. These assignments are meant to expose you to relevant technologies used in the security space. You will work with virtual machines, binary attacks, penetration testing tools, binary analysis frameworks, static analysis tools, and network analysis tools. These homeworks are not intended to be overly arduous as you are expected to focus on your project and the readings. To that end, please think of the homeworks as a basis for exposure to cool tools or techniques that you can use for inspiration on your own projects.

Each assignment has its own page available on the navigation bar at the top of the page.

Late Assignment Policy

Because we intend to discuss research the day the papers are assigned, we will not accept late reading review submissions without documented need for an extension (e.g., illness). Please email me if you need to submit something late, before the deadline if possible. If you are sick and unable to communicate with me in a timely manner, I may ask you for documentation (e.g., a doctor's note) in deciding how to resolve that issue.

Student Mental Health

Students often experience strained relationships, increased anxiety, alcohol or drug problems, feeling down, difficulty concentrating, family issues, or a lack of motivation, and certainly renewed risks associated with COVID are likely to introduce their own issues. Students often experience mental health problems but do not talk about them. I am committed to helping students that encounter such concerns. Please see the student care network for Vanderbilt resources for student support.

Research Materials

Your class work might be used for research purposes. For example, we may use anonymized student assignments (including reading reviews, project manuscripts, and homework assignments) to help understand how computer science majors make various decisions. Any student who wishes to opt out can contact Kevin Leach (kevin.leach@vanderbilt.edu) to do so at any point during the semester or after final grades have been released. This has no impact on your grade in any manner.

Although I am not currently recruiting students to work with me in my group, I am happy to discuss research, your career here and beyond, and other aspects of computer science and life in general. I am happy to discuss term research projects, independent study, or the process for serving on a committee for you.