October 24, 2014, BY Heather Johns

Please note: You are viewing an archived Bucknell University news story. It is possible that information found on this page has become outdated or inaccurate, and links and images contained within are not guaranteed to function correctly.

[X] Close this message.

Welcome to "Cool Classes," a regular feature that highlights the interesting, intriguing and unexpected in Bucknell University's course catalog.

What class? CSCI 362: Computer and Network Security

Who teaches it? Professor L. Felipe Perrone, computer science

"This class covers the theory behind computer security and, at the same time, gives students a lot of practical experience. Throughout the semester, students work in teams to install, configure and maintain a networked computer in a simulated hostile environment.

"Although our lab provides us with a network circuit that is isolated from threats that would come in from the internet, teams of students are asked to try their best to break into the systems maintained by others. This creates a sort of game in which students learn by directly experiencing the hardships of keeping a computer secure. When we work with theoretical aspects of security, we work with an active learning approach, so that students have the opportunity to put concepts to practice as much as possible.

"Every time a team gets hacked, it gives me an invaluable teaching moment to use. We discuss the vulnerability that opened the system up to attack, and how to recover from the attack and patch the system to be stronger in the future.

"I want students to know that security is hard work, which requires one to stay up to date on the most recent exploits advertised in the technical media. At the same time, I want them to be able to relate the practical aspects of security to broader considerations that include theory and also the psychological framework of users, system administrators and malicious hackers. The overarching idea is that I want to develop a security mindset in my students, which will guide them in thinking about security throughout all stages of the development and the operation of a computing system or application.

"More often than not, students are actively working  in the classroom, so that they can put concepts to practice and test them immediately. Additionally, we have programming assignments in which we refine our abilities to develop secure programs.

"It surprises students how easily their systems get hacked at the start of the semester, and how much hard work is involved in securing a computing system. Paraphrasing Bruce Schneier, a well-known security expert, you cannot just sprinkle some 'magic dust' on a system to make it secure. Security needs to be 'baked in' to the system from its first conception and maintained throughout its lifecycle."

Learn more about the Department of Computer Science.

Are we missing out on a cool class? Send suggestions to heather.johns@bucknell.edu.