Towards the end of last year, I was admitted into Georgia Tech's OMSCS graduate program as part of the Spring 2022 cohort. I chose to enroll in CS 6035: Introduction to Information Security (IIS) as my first class for a few reasons: it was highly recommended on student forums, it was project-based, and perhaps most importantly, it is a subject area that I'm very interested in. I had never taken a dedicated security course in undergrad, so most of my knowledge up until recently had been learned on the job from mentors and coworkers. Fortunately, IIS lived up to my expectations for a survey course on computer security, and I'm very glad to have taken it.
The focus of the class (and 80% of the grade) was on the projects, which for the most part were excellent. There were four projects presented in this course:
gdb
to watch the code execute at the stack level. There was also an optional extra credit assignment associated with this project that required building an input with a NOP sled to perform a different attack.
Even though I enjoyed the projects, I think there is still some room for improvement for the course in general. The lectures were helpful at presenting key concepts, but at times were a little too high level and generalized. The book was more thorough and detailed than the lectures, but was also incredibly dry and covered a huge amount of material. The exams and quizzes had so few questions relative to the material covered that I felt they weren't a great gauge of how much information was actually retained, instead just testing if the student knew a particular bit of trivia.
Overall, I'd echo the sentiment that IIS is a great first class for new OMSCS students, and would recommend it to anyone interested in a survey of different topics in computer security. It was certainly challenging to get back into the student mindset after all these years, but I can already tell it has made an impact on both my foundational computer science knowledge as well as my personal discipline. I'm looking forward to the rest of the curriculum, and hopefully my future courses live up to the standards set by IIS.
~ MAD