Course Meeting Times

Lectures: 2 sessions / week, 1.5 hours / session

Recitations: 1 session / week, 1.5 hours / session


The prerequisites for the course are 6.033 Computer System Engineeringand 6.042J Mathematics for Computer Science. It is recommended that students have had 6.006 Introduction to Algorithmsor 6.046J Design and Analysis of Algorithmsand experience with modular arithmetic.


6.857 Network and Computer Securityis a 12-unit (3-0-9). H-level course intended primarily for seniors and first-year graduate students. It fits within the Computer Systems Concentration. Graduate students will receive H-credit for this class.


There is no required textbook for this course; lecture notes will be provided. A list of recommended books is available on the Related Resources page; that page also lists other references you may find useful.


6.857 Network and Computer Securityis a group-oriented course. Students will work in groups on both homeworks and the final project. It is not expected that your project group will be the same as your homework group(s), although that is perfectly fine.

The final project team should be determined by Lecture 10. To keep groups running smoothly, students should ensure that their fellow members are actively participating and should communicate regularly.


We will distribute five problem sets on a biweekly basis.

Homework should be submitted in PDF format. For homework involving non-trivial mathematics, students are strongly encouraged to use LaTeX to typeset their answers. Homework that is difficult for the graders to read will lose points.

Late homework will not be accepted. If in doubt, turn your problem set in early. Solutions will be distributed with corrected homework–hopefully within a week of being collected.

Generally, homework must be done in groups (although we reserve the right to require individual homework assignments). You are to work on group problem sets and final projects in groups of (preferably) three or four. Each group will turn in one problem set, and one grade will be given for each problem set. You must work in groups; homeworks turned in by individuals, pairs, pentuples, etc. will not be accepted.

Be sure that you understand and approve the solutions turned in to each problem. As noted above, the staff will establish the initial organization into groups for the first three problem sets, but you may organize your own groups for the later homeworks and for the final project.

We may occasionally assign homework that you must answer individually; see "Collaboration and Plagiarism" for the policy governing these assignments.


We will have one in-class quiz (Lecture 19). The quiz will test your knowledge of material from lectures, problem sets, and readings. There is no final exam.

Final Project

Students will be responsible for a final project. You must work in a group of three or four people. The nature and the topic of the project is your choice, although it needs the approval of the teaching staff. We will generally approve interesting topics about cryptography, network security, and / or computer security.

It is advisable to get started early; we will gladly accept proposals before the deadline. Early submission gives us a chance to review and approve your project proposal, and to suggest references that you may have overlooked.


Problem Sets 40%
Quizzes 20%
Final Project 40%

Collaboration and Plagiarism

No collaboration is permitted on the in-class quiz. All tests are open book and open notes, but closed electronic devices. We encourage you, however, to prepare for the quiz by discussing course material with your classmates.

You may collaborate with individuals from other groups in problem sets, but your solutions must be written up only by individuals from your group. For individual homework assignments (if any), you may discuss the problem set material with others. You must, however, write up your solutions independently.

If you do collaborate, acknowledge your collaborators in the write-up for each problem. If you obtain a solution with help (e.g., through library work or a friend), acknowledge your source and write up the solutions on your own. In most of your solutions, we will expect to see citations.

You may use any reference material to complete your homework assignments, including material on the Internet and material from previous years. However, we cannot emphasize enough that you must cite all your sources properly.

You must remove any possibility of someone else's work from being misconstrued as yours. Plagiarism and other anti-intellectual behavior will be dealt with severely.


This is a course on Network and Computer Security. Although the course is primarily concerned with techniques that are designed to increase the security of networks and computer systems, a proper understanding of those systems requires that you be versed in their vulnerabilities and failings as well.

Nevertheless, unless you have explicit written authorization from the owner and operators of a computer network or system, you should never attempt to penetrate that system or adversely affect that system's operation. Such actions are a violation of MIT policy and, in some cases, violations of State and Federal law. Likewise, you should refrain from writing computer viruses, worms, self-reproducing code, or other kinds of potentially damaging software for this course unless you have explicit, written approval for the specific type of software that you wish to create. These kinds of programs are notoriously difficult to control and their release (intentional or otherwise) can result in substantial civil and criminal penalties.

In particular, term projects involving an evaluation of security of existing commercial products or systems need the approval of the course staff, who may require that you obtain permission from the vendor / supplier (depending on the nature of your proposed evaluation).

We strongly recommend that you consult the Athena Rules of Use and Section 13.2 of the MIT Policies and Procedures "Policy on the Use of Information Technology".

Finally, we recommend that you read and review the ACM Code of Ethics and Professional Conduct.

We expect all students in this class to follow the guidelines presented in this document, and in the documents just cited. If you are in doubt about the legality or ethics of any activity related to this course, please consult the staff before undertaking any such activity.