| Ganapathy V
Spring 2014, 01:198:419:01 — Computer Security
Enrollment= 39, Responses= 16
Part A: University-wide Questions:
|Student Responses||Weighted Means|
|1. The instructor was prepared for class and presented the material in an organized manner||0||0||2||3||10||1||4.53||4.07||4.21||4.24|
|2. The instructor responded effectively to student comments and questions||1||0||0||5||9||1||4.40||4.00||4.26||4.15|
|3. The instructor generated interest in the course material||1||0||2||5||7||1||4.13||3.63||3.92||3.91|
|4. The instructor had a positive attitude toward assisting all students in understanding course material||1||0||1||4||9||1||4.33||4.00||4.32||4.26|
|5. The instructor assigned grades fairly||0||0||3||5||7||1||4.27||3.85||4.22||4.12|
|6. The instructional methods encouraged student learning||1||1||1||7||5||1||3.93||3.63||3.93||3.88|
|7. I learned a great deal in this course||0||0||2||6||7||1||4.33||4.11||4.20||3.96|
|8. I had a strong prior interest in the subject matter and wanted to take this course||0||1||1||3||9||2||4.43||4.35||4.27||3.62|
|9. I rate the teaching effectiveness of the instructor as||0||2||0||6||7||1||4.20||3.74||4.05||3.91|
|10. I rate the overall quality of the course as||0||2||0||8||5||1||4.07||3.93||4.04||3.79|
What do you like best about this course?:
The homework assignments helped me learn a lot. I especially liked the programming ones (buffer overflow/NIDS).
Hands on experience where we coded for projects like the bufbomb lab
Professor Ganapathy lectures with fervor that makes it easy to get excited about the material. He's very friendly and approachable.
I liked the examples the professor gave in lecture. They are very helpful when trying to remember the specifics of a certain attack or security protocol.
All the examples were good demonstrators of the course material.
The buffer overflow project was somewhat interesting.
project was cool
If you were teaching this course, what would you do differently?:
I would like to see more hands on stuff in class than just in the homework.
Be less arrogant to students asking questions. The professor tried to encourage asking questions, however he did not respond with satisfying attitudes where students may have felt shutdown or embarrassed.
I would have more frequent homework assignments
The beginning section about Cryptography was a turn off for the rest of the class. The material was unnecessarily difficult. I mean that as a comparison to the actual class on Cryptography, Math 348. The best thing to do would be to make Math 348 a prerequisite to the class rather than try to stuff it into the first couple weeks. Also, looking at the syllabus, the class felt all over the place. The material went from the super theoretical with the cryptography section to stuff I could google with the mobile and web security sections and then back again with the tpm and information flow. Once again, cutting out cryptography would help with spending more time on a subject rather than jumping all over the place. The class would have flowed better if the material started with the web security stuff and then went deeper and more theoretical as the material showed how protocols, encryption, hardware, etc. solved the problems that we learned in web security.
In what ways, if any, has this course or the instructor encouraged your intellectual growth and progress?:
It increased my interest in computer security.
learned a lot about how Operating Systems through security
Other comments or suggestions::
Was not at all prepared for the amount of math in the beginning of the course. The amount of formulas and proofs we needed to miraculously know was obscene. If I had known about the math, I would not have taken the course. There should either be a prereq for the course that covers the math or you should pull the majority of it out into a CS crypto course.
Overall, this class felt disappointing. I was looking forward to learning how real world exploits happen and being able to do them in an academic environment, but instead I got a review on cryptography and memorizing things I could google in 10 seconds. The class definitely had a "researcher standing in as a professor" feel to it. The projects had potential but it too was wasted. Something current would have been fascinating but instead, we learned how to stack smash software from 20 years ago. At least now I know how to secure Windows 95. The custom IDS in HMWK 3 was also useless. It would have been more interesting to actually write software to do ARP spoofing or a port scan rather than writing a dumbed down version of something Wireshark can do. Actually, a lesson on Wireshark and all of its features and why they are useful would have been more interesting. In addition, this past semester saw the Heartbleed vulnerability. I was excited to hear what insight I could learn from being in a Computer Security class as the events were unfolding. But again I was disappointed. This was probably the most frustrating part of the class. This was something that was massive news for a good portion of the internet. I signed up for this class because I wanted to learn about things like this and we hardly talked about it. At this point in the class it felt like the instructor did not really care about teaching a class where a student could properly learn, and for me the class became about what grade I could get rather than what I could learn.
I feel the class was challenging because the prerequisites did not necessarily cover some of the base material. Best example was the modular arithmetic. I found out that Chinese remainder theorem was a key thing to know and we were supposed to learn it in CS205 here. I did not learn about it until now.