Reviews for CMSC414

Information Review
Michael Marsh
CMSC414

Expecting an A
Anonymous
12/19/2024
No exams and standards-based grading. Those are the primary reasons people flock to take Dr. Marsh, and for good reason. Most assignments can be resubmitted until the end of the semester, and you know exactly where you stand for most of the class. There are pitfalls in the philosophy, but overall, it was a nice change of pace compared to most of the classes I've taken. Dr. Marsh is a very chill professor, and he clearly has good experience in computer security. Unfortunately, I don't think he's the best lecturer. There's a reason attendance reportedly got as low as about 5 people some classes: people just didn't see a reason to keep going. For personal reasons, I didn't go to lectures in October. It's not like class performance suffered very much in spite of this, as a majority of the class are getting A's, if the ELMS statistics are anything to go by. I think it's mostly a presentation issue, as while there are (optional) exercises worked through live in class, I never really understood anything based off of the lectures. Live coding is a hard act to pull off effectively, and I don't think live demonstrations are Dr. Marsh's strongsuit. I feel like class periods were much more effective when they were essentially just office hours, as Dr. Marsh seemed much better at answering individual and specific questions about assignments. I'm conflicted because I see what Dr. Marsh is trying to do, but I think there needs to be more supplemental material (maybe a whiteboard program with a drawing tablet to illustrate the point of the coding exercises) to really make the lectures work. The nature of the build-it document resubmission should have been more clear (for context, build-it is designing a basic client-server architecture in C with all compiler security helpers turned off, and break-it consists of finding and exploiting a vulnerability in another group's submission). Dr. Marsh stated that the initial submission was due December 2nd, and that resubmissions would be available until the day before the final challenge problems were released. However, resubmissions weren't allowed to address vulnerabilities not addressed in the original submission, as we would have had an opportunity to look at other groups' build-it documents during the break-it phase. I think that's fine in general, but it wasn't explicitly stated in the syllabus or project description, so I believed that resubmissions just needed to correspond to the implementation submitted on December 2nd. It was a problem for my group, as for the 5 vulnerabilities we included, 2 of them were deemed invalid in our first submission, which resulted in an R (we needed an M or better on the EMRN scale to get a B or better in the class). We got it regraded to an M based on the criteria outlined for resubmissions (which a TA sent in a Piazza reply rather than any sort of official announcement), but things really should have been more clear from the start. Speaking of clarity, the projects. There's value in keeping certain things ambiguous, but I think the cryptography project in particular was a bit too vague. I couldn't really figure out what I needed to do from the project description, and I mainly figured out what to do by corresponding with others (corresponding with others is not an academic integrity violation in Dr. Marsh's eyes, though sharing implementation details is of course). It didn't help that to start with, the Gitlab repository for the project only has the README, and all of the ciphertext streams (64K in total, so not large files) are in ELMS. A bit more clarity, and maybe an example for the expected output of task 1 at least, would be helpful. Additionally, not particularly related to clarity, project 1 is kind of a rude awakening for many people. From what I can tell, the last time many people in the class did C was CMSC216. It's not much code, and it's free if you live and breathe assembly, but it relies on really understanding the stack layout of a compiled C program. The class has several challenge problems, which are essentially just write-ups. Honestly, I kind of enjoyed them. They're kind of what you put into them, and due to my internal need to answer each of them as thoroughly as I could, I did a lot of research for many of them, so I'd say I learned a fair bit. They're not going to give you expertise in any particular topic or anything, but for a class focused on the breadth of computer security, I would say these assignments did their job. Please just do them throughout the semester as intended. Procrastination was not my friend, so I didn't just barely get an A, but I barely passed as well. Overall, if you can get into this class, you should be fine if you have any sort of self-control. I have my issues, but given the structure and grading scheme of this class, they are far from deal breakers.
Michael Marsh
CMSC414

Expecting an A
Anonymous
12/14/2024
Because of the way he structures his course, I think you might learn more if you take a different professor. That being said, you could also learn a lot less and be far more stressed about it. Overall I think he's a decent teacher but this definitely felt like a much more conceptual course than a technical one (after the first few weeks, which were admittedly quite technical and a bit difficult).
Zaoxing Liu
CMSC414

Expecting an A
Anonymous
09/30/2024
I got an A and I learned a lot from the class. Pros: Dr. Liu is a nice guy. He was engaging, knowledgeable, and can explain things well. His lectures were good. He was a generous grader I can tell and he gave extensions. email and piazza response were fast. Cons: Some topics cover like ML security was not fitting the scope of the course well. One thing was that all sections of the course had some late turnaround on projects and midterms, which really annoyed people. His TAs were medicore - made a lot of mistakes. I gave 5 star just for the prof but the TAs.
Dave Levin
CMSC414

Expecting a B
Anonymous
08/27/2024
I had an A in this class but he refused to acknowledge my regrade requests and ignored all my emails so I received a 17 percent on project 4 and my grade dropped 3 letter grades gg
Yizheng Chen
CMSC414

Expecting a B
Anonymous
06/19/2024
Seems like she cares more about research than teaching the class. Project were WAY to long and very unclear. By the beginning of may only midterm 1 and project 1 had been graded. Averages on exams were C-/D+. Lectures were fairly boring and she doesn’t really answer questions in a clear way. She has no practice material of her own, so studying for exams was difficult. And ZERO communication on piazza. All in all avoid!!
Yizheng Chen
CMSC414

Expecting an A-
Anonymous
06/13/2024
She is super kind and tries to be understanding but she is not great at teaching. There are four projects that are time-consuming and confusing because the project descriptions are very contradicting and do not give enough information. The content of the projects are not covered in class very well, so you are expected to do a lot of learning on your own. Practice exams are very old and do not reflect how the actual exam will look. Her exams were written so poorly that everyone was confused about different assumptions and means were consistently Cs/Ds. Overall, the class is interesting but very difficult. It was heavily curved.
Dave Levin
CMSC414

Expecting an A+
Anonymous
05/23/2024
Dave's an engaging lecturer and explains topics relatively well. His exams are fair, but he likes to throw some curveballs. The projects were not too difficult, but the TAs were awful. The only issue is that he's really bad with course organization. Projects and midterms have an extremely late turnaround which can get quite annoying. However, he makes it up by lowering cutoffs and giving extra credit (up to 5%). He covered some topics this semester such as ML security which didn't fit in the scope of the class, and he also didn't do the traditional build-it/break-it which was disappointing.
Dave Levin
CMSC414

Expecting an A
Anonymous
05/19/2024
The content of this class is incredibly useful, even to those who are going for a career in software engineering, which is something the title might not initially suggest. Dave does a really good job of covering the essentials for all the topics in the class, without diving into details that aren't relevant. He reminded us regularly that this is not a course in networking or crypto, and thus when we get to the security of those topics we treat concepts as "black-boxes", as in he goes over applicable functionality without diving into details. This is something I really appreciated, because it kept the class relevant and focused on security. Assignments in this class are each weighted heavily because there aren't that many of them. Projects are generally somewhat difficult, but you have plenty of time to work on them and they reinforce the topics well. The exams are fair, the questions are hard but he gives tons of partial credit and practice exams. The grading in this course wasn't great. It took about 6 weeks to get our midterm 1 grade back, and some of the project grades didn't come back until weeks after the deadlines. Going into the last week of the semester a lot of students weren't sure where they stood in the class since we were missing a lot of our grades. He frequently missed the deadlines he set for himself to get grades back to us. This was my only real complaint with the class.
Zaoxing Liu
CMSC414

Expecting an A
Anonymous
05/19/2024
Note: I believe Professor Liu's U.S. name is Alan Liu, so all of his other reviews are listed on PT under that name. That being said, Alan is a great dude, and I would say that he teaches the course well. If you like to break stuff (in the software sense) then this is the course for you. This course is like the opposite of CMSC417 project-wise. Projects don't require nearly as much code - sometimes you an pass a test case with just 4, 5 lines - however, they still require a significant time investment. A lot of the effort that is used to complete it is spent on *thinking* and not actually programming because you're trying to induce a particular type of behavior that isn't supposed to happen. Don't be surprised if you have to sit and think for 75-80% of the time or play around with a bunch of different values based on what you understand about the computer architecture/processing before you start to actually implement a solution. Exams and projects are fair if you don't slack off, and he even provides a one-time no excuse extension. I definitely learned a lot in this course, not just security-wise but in general with topics including but not limited to SQL, DNS, TLS, x86 Assembly, Torr, etc. I would def recommend.
Michael Marsh
CMSC414

Expecting an A
Anonymous
05/17/2024
I took 414 Spring 2023. His flipped classroom approach and low-stakes quizzes were a breath of fresh air. His grading policy was very straightforward which made figuring out your grades a lot less stressful. If you consider yourself bad at time management, he may not be the right professor for you. Things may have changed since I took this class, so this might not be accurate anymore, but assignments weren't officially due until the very end of the semester. If you're unable to keep up with the recommended schedule, you might find yourself having to do everything at the last minute. Some of the projects (especially the first one, which was about buffer overflow and NOP sleds) took quite some time to do, so watch out! 414 was very interesting and you learn a little bit about a lot of different things. I think it's quite useful in figuring out whether computer security is a field you'd be interested in pursuing. Marsh was also very nice and friendly; the TAs on piazza were also super helpful (shout out to Julio!).
Dave Levin
CMSC414

Expecting a B
Anonymous
05/16/2024
One of the best lecturers UMD has, but his research is what really makes them interesting. Always has funny stories and is a real expert in his field. Couldn't recommend this class (with Dave) any more to any CS undergrad. The content is super relevant, eye-opening, and you'll learn a lot. First two projects were most challenging. Take the class seriously and you'll be rewarded, not something that can be said about every upper level cs class.
Dave Levin
CMSC414

Expecting an A
Anonymous
05/15/2024
Pros: Excellent lecturing Kind professor Reasonable grade distribution (projects are weighted 50% and exams are the other 50%) Nice workload (though I wish we have more practice) Cons: Piazza is fairly unanswered Projects are released far later than stated Grades are far behind schedule. Midterm 2 was a month after 1, but we took the 2nd midterm without having grades for the 1st. OH are limited <10 hrs a week total with insane queues. Dave is great. His TAs were the problem imo. I'm giving him 5 stars because he did a pretty great job overall.
Yizheng Chen
CMSC414

Expecting a C
honestcskid
05/14/2024
Don't take this class. I came in with significant cybersecurity experience and the class is extremely poorly directed. Exams have little relevance to what we do in class, and the projects weren't graded until finals week, when it was too late to realize how poorly I was doing in the class-- projects had no test cases and no submit server, so I was blindsided by the grades I received on them. TAs and professor are absent on piazza and the lectures were boring. I dont think I learned anything. Our last project was a machine learning project for some reason. This class destroyed my GPA. Do not recommend
Yizheng Chen
CMSC414

Expecting an F
Anonymous
05/14/2024
Yo please do not take this prof, she is so unorganized and she is so bad at teaching. During lectures she contradicts herself each time when a student asks a question. She also makes the exams look nothing like the practice that she gives. To add on, when she answers questions, she is always not sure about her answer. The grading in this class is so bad that they release grades two months after the deadline. PLEASE AVOID THIS PROF
Yizheng Chen
CMSC414

Anonymous
05/10/2024
this is her first semester teaching at umd and she really needs to improve. this has to be the worst, most disorganized class i've ever taken here. she goes very fast during lectures and expects us to know much more than we should. the piazza was very inactive and we had questions about projects that were only answered after the projects were due. the TAs were also clueless about the projects and we ended up going to other sections' TAs' office hours which were much more helpful. our midterm averages were very low (about 72 and 70) and there was no clear curve. when students asked questions about projects or grading in class she said "I don't know". our project grades from months ago were only posted recently. instead of network security our 4th project was on ml security which was almost completely irrelevant to our lectures and was apparently given only because she does ml security research. there was also no clear way to check if our results were correct. the only positive thing about this class was that the projects were worth half our grade. i would never want to take this class again. please avoid.
Yizheng Chen
CMSC414

Expecting a B
Anonymous
05/10/2024
While this is her first semester teaching an undergrad class at UMD, she isn't the best. Far from it. I think she could learn from Cliff and his TAs and actually answer any Piazza posts. I'm not confident in her knowledge on the subject given how much she says "I think" and "I don't know". I think the only lecture she knew her stuff about was the one about her research: ML security. Furthermore, how she structures her exams are completely different than previous ones. The first exam barely corresponding to the format of any previous practice exams. Its Reading Day and we have 3 and a half grades. The autograder script for our second project is broken and we all have bad grades. I swear half the TAs are comatose and if they wake up, they spout incorrect information and mislead us. The last project was changed from the typical networking one (allegedly because they couldn't get it working) to a ML project that had nothing to do with anything in the latter half of the class, and I swear the only reason why we had the ML project is because of her research being in the same field. What pisses me off the most is that the next and previous semesters have had and will have a much easier time than us.
Yizheng Chen
CMSC414

Expecting a B-
Anonymous
05/09/2024
This professor is so bad like omg. She cannot teach for life and her lectures is basically reading the slides. Both her exams averages are bad and idk if im going to pass because only 2 grades are in canvas and I am writing this in finals wee.
Michael Marsh
CMSC414

Expecting an A
Anonymous
02/17/2024
Took this class Spring 2023. Self paced, and guaranteed A if you're willing to put the work on it. Highly Highly recommend.
Michelle Mazurek
CMSC414

Expecting a B
whiskers
12/22/2023
the goat 414 professor shes a really really good lecturer whos really interested and invested in the subject matter. i came into this class with a lot of prior experience, and she hit all the checkboxes on explaining the material. for extra credit on the final, she let u send her an original meme or joke about the class material. that should say everything u need to know about her attitude towards teaching. the projects were kind of code based, but it was more of, the code was set up for the environment of whatever attack you are studying. for the first 3 projects you get 6 free, no penalty late days to use for those projects. the last project is a group project, so understandably no free late submissions. as for exams, shes kinda harsh if the questions are conceptual, but there are a good amount of applied knowledge questions to make up for it if she doesnt like the way you write about something.
Michael Marsh
CMSC414

Expecting an A
Anonymous
12/21/2023
Apart of the reverse classroom era so take this review with a grain of salt incase things change. This semester we had no exams and the final was "challenge" questions that the TAs pretty much just gave everybody A's on. Projects were unlimited submissions and there were no hard deadlines until the last day of the semester. As somebody who doesn't like going to much class, the reversed classroom style was really great for my convenience.. Unfortunately, I can't say I learned as much as I probably should have throughout the semester since the projects and unlimited attempt quizzes were pretty minimal in terms of the content Marsh probably covered in lecture. That being said, this was my choice to not really engage with the material as much as I probably should have. The flipped classroom exacerbated this but if you're into computer and network security and really want to learn a lot, Marsh makes that 100% possible. It seems like everybody's only really on board for the free A, which I can tell you is free as long as you do everything.
Michael Marsh
CMSC414

Expecting an A
Anonymous
12/14/2023
Great professor, very smart, and loves to help. With that, it feels as if his style is too chill, so if you often procrastinate, it may be bad to take it with him because you can push every assignment to the last week of the semester with no punishment. The flipped classroom for me was positive in that I didn't go to class, but I don't feel I learned that much. It lead me to just do the rather simple projects and just guess and check on the unlimited attempt quizzes until I finished modules. You do not need much knowledge from the course to do the projects (besides the hardest one which is the buffer overflow one), so watching or going to the lectures is up to you. I recommend him if you can handle doing work on your own time and/or will go to all of the discussions (there were max 15/200+ students that went to the lecture by the end).
Michelle Mazurek
CMSC414

Expecting an A
kcanha
12/02/2023
Great professor, lectures were easy enough to understand and engaging enough for me. Some projects were kinda hard, but i learned a lot. Also late days were great, she gave us 6 to use for any project to distribute as we like. Made it much lower stress. She was generally nice and answered questions well. Class was consistent, organized well.
Michelle Mazurek
CMSC414

Expecting an A
Anonymous
10/25/2023
Dr. Mazurek is a clear lecturer with enthusiasm for the topic. Lectures are recorded and slides posted. The content itself includes memory safety, web security, password stuff, cryptography, network security, privacy, and human factors stuff, with a couple guest lectures as well. Exam questions closely follow the material from slides and the projects: if you make a good cheat sheet you're golden. Grading is only based on the 2 midterms, the final, and 4 projects. The projects take time but are very doable with 6 late days to use as you please. 414 with Mazurek is definitely one of the easier 41Xs.
Michael Marsh
CMSC414

Expecting an A
Anonymous
05/31/2023
do yourself a favor and take any class marsh teaches. ive had him for 414, 436, and 420 - his teaching style is extremely chill and fair. highly recommend, one of the goats.
Michael Marsh
CMSC414

Expecting an A
Anonymous
05/28/2023
Used the flipped classroom model with every assignment due at the end of the semester. Personally wasn't a big fan of this. If you do take the class, take it with one or two of your friends so you can do work with them and stay up to date. Also don't wait to start projects or challenge problems. TAs were very helpful for projects. You definitely don't learn as much as you would with a normal class, but you still learn a decent amount nonetheless. Also its an extremely low-stress class due to there not being any exams which is nice.
Michael Marsh
CMSC414

Expecting an A
Charl1e1029
05/26/2023
As you may have seen in other reviews, Marsh used a flipped classroom model for this course and made all deadlines soft for assignments. This made all assignments have a hard deadline on the last day of finals with no late penalties on assignments. I definitely appreciated this classroom formatting, as it made it a lot less stressful to get the grade you're working towards. This class was graded off of 3 core modules: Basic Objectives, Challenge Problems, and Projects. The basic objectives were simply canvas quizzes you had to get a 5/5 on based off of recorded lecture material, and the Challenge Problems were written response prompts graded out of 3. Although you had to get at least a 2/3 on many of the challenge problems, everything was resubmittable, thus making it easy to improve upon any bad grades. The projects of this class were not like standard CS projects you'd typically face. Most of these projects required MUCH more thinking rather than physical coding. I personally spent a majority of the time on these projects thinking it out rather than typing out lines of code/debugging. You will most likely be completely lost at first when starting projects, but one you get it, its a no brainer. To get an A or B in this class, you MUST score 100% on these projects, which is daunting at first, but the ability to resubmit as well as the fact that the projects are graded mostly off of functionality and not things like secret tests makes them more bearable. There is also a group project... and lets just say you can do it individually but finding a good group really helps with it's completion. Lastly, there is a final that is 4 extra challenge problems. It is only required if you want an A or B, and isn't much more difficult than the standard challenge problems. I would say the hardest thing about this class is staying motivated. Because the deadlines are soft, it is easy to brush assignments away and let them pile up throughout the semester. I'd say 3/4ths into the semester, only about half the class had finished the FIRST project (note that by this time you should've been done with the THIRD). This will make this class BEYOND stressful for the end of semester, so if you do take this class, do yourself a favor and STAY ON TOP OF YOUR WORK. Other than that, Marsh truly is an understanding professor, and his lectures are typically helpful practice on project concepts and/or Q&A sessions regarding projects/course topics.
Michael Marsh
CMSC414

Expecting a B
Anonymous
05/16/2023
Marsh used a flipped classroom model with soft deadlines for 414, which based on other reviews is something that he does frequently. As a lecturer he is pretty good and engaging, however, I disliked pretty much every other thing about his teaching style and class structure. Soft deadlines is great on paper, until you realize that they provide absolutely no motivation to get any work done before the end of the semester, which is something that every other student I've talked to has also struggled with in this class. Additionally, it is much harder to be motivated to watch an hour worth of lecture videos than it is to attend lecture. Finally, his instructions for the projects are essentially completely useless and don't give any guidance at all. I legitimately do not believe I learned a single thing from this class.
Michael Marsh
CMSC414

Expecting an A
Anonymous
01/11/2023
Like Marsh's other classes, he uses a flipped classroom model for 414. For Fall 2022, he did something a bit different for 414. He made all the deadlines soft, meaning he had suggested deadlines but you didn't actually have to finish the coursework until the end of the semester. He said it was an experiment for this semester, but I believe he planned on doing it again. This also meant that there were no tests. This lead to some people putting off projects for the whole semester, which I do not recommend. I think like 3/4 of the way through the semester, he said only 50% of people completed the first project. Marsh had quizzes "due" before every lecture, but since we had soft deadlines you could complete them at any time. The quizzes had unlimited tries and it told you what you got wrong. His lectures for some of the latter course material could be a bit tough to understand. He has to quickly explain complex topics like cryptography and networking, in order to dive into the security exploits for them. A lot of the material is tough to understand, but he doesn't test on it aside from the lecture quizzes and challenge problems (more on that later). There were 3 solo projects and 1 team project. The first and third projects (buffer overflow and cryptography) are the hardest. The hardest part of Marsh's projects is starting them because you can be completely lost in the beginning. Once you figure out how to start them, they aren't that bad. His lecture videos don't really help at all, but he tends to answer questions for in-person lectures that help you start. The second project is easy and the fourth is a group project which is not that hard, but you have to do it in C so that makes it hard. You had to get a 100 on all the projects and quizzes in order to pass the class, but that isn't as daunting as it seems. He gives detailed notes on the projects to tell you what you did wrong if you didn't get a 100 so you can fix it. Your entire grade is calculated by "challenge problems" which are scored from a scale of 1-3. These are free-response, practical questions about a module usually based on lecture material. You get unlimited time to do them, they're all online, and you are encourage to look up stuff to help with them. These were graded very leniently with most people getting full points on them. They can be a bit of pain to research, but as I said, they are graded leniently. You also get to re-submit them for corrections. If Marsh keeps his soft deadline model for this class, I would definitely recommend it. Without it, this class could definitely be tough. I enjoyed not feeling too stressed when a project deadline loomed since I could submit it a few days later. If Marsh actually tested on the lecture material instead of doing challenge problems, I would not have done well on the tests. With this system though, the class was not that bad and I believe the average was an 85.
Michael Marsh
CMSC414

Expecting an A
Anonymous
01/05/2023
He changed his course around a lot for this semester which made it extremely easy. With the new system, everything is self paced and you can do the assignments/projects whenever as there is no true due dates. One person speed ran the entire class in a few weeks. In addition, he utilized standards based grading which means that there are no tests, but rather goals which are to be completed. Instead of tests, there are challenge problems which are little assignments that are very easy but make you think. Lectures are not required (but are helpful nonetheless) Overall, this semester’s version has been the most laid back and least stressful CS class I have ever taken as you can easily self pace the entire course and not feel stressed.
Michael Marsh
CMSC414

Expecting an A
Anonymous
12/12/2022
414 teaches a lot of useful concepts in computer and network security! And taking it with Marsh is a no brainer
Michael Marsh
CMSC414

Expecting an A
Anonymous
05/20/2022
Marsh has a bad rep for CMSC414, but I don't agree with it whatsoever. All his exams are online open-book open-internet, so they aren't stressful at all. He gives quizzes before the scheduled class time, but you have unlimited attempts on them and all together they added up to 6% of your grade. He had 4 midterms (one for each unit: programming errors, cryptography, networking, human incentives) and some of them can be tricky, but even if you mess up they aren't worth a lot of your grade. He uses a "flipped-classroom" model, where he has us watch videos before class and during class he answers our questions on any material. As a result, not many people showed up to class (I personally stopped going after the second week). One thing I will agree with the criticism about Marsh is that his projects are extremely open ended. The lectures are more or less useless in trying to figure out what he wants you to do in these projects, and you'll find yourself banging your head against a wall for a few days trying to get started, but he gives a lot of time (close to three weeks) for each project. Overall, I'd whole-heartedly recommend Marsh to anyone wanting to take CMSC414.
Michelle Mazurek
CMSC414

Expecting an A
Anonymous
05/12/2022
Idk what the rest of these reviews are saying. When I took the class this year, I thought Mazurek to be very organized, the class structure to be good, and the class as breezy. She's a good lecturer too, she explains what is happening security wise very high level but yeah her voice is very soothing and if you're not paying attention then yeah, you might fall asleep. The late days on project policy is awesome. For reference, I think I went to about 60% of the lectures, and would binge watch a couple before exam time, and get decent B grades. Even then, I was able to get a pretty good grade in the class. One qualm that is valid that I see echoed here, however, is that the projects sometimes do not have enough set up or foundation for someone who is new to these security concepts to finish thoroughly. I am biased because I came into this class with some general knowledge and experience with how security worked, so the buffer overflow project, the XSS project, and other projects were pretty good. Still, others that I knew who didn't have security experience did pretty well on the projects when they went to office hours. The class is chill, and I would compare its difficulty to 1/3-2/3 difficulty of 250 with Jason Filippou; and 1/4-1/2 the difficulty of 216 with Herman. I personally had a lot of security concepts solidified in this class, and learned a lot about the way security does work, and have come away with a greater appreciation of the technical aspects of security to the high level design and concept-wise approach to security.
Michael Marsh
CMSC414

Anonymous
05/05/2022
I have a love-hate relationship with this course. I have come to the conclusion, after much flip-flopping, that although Marsh has a bit of a strange protocol for running a course, he is my favorite CS instructor. At first it is a little tricky to get into his headspace, but once I had my head around the groove of the course I found it very enjoyable. I thought that the projects were fun, and that Marsh really wants his students to succeed in the course. He is always responsive and willing to help out and give feedback. Marsh himself is your most valuable resource in this course, I think. I highly recommend 414 in particular, but I would recommend Marsh as an instructor for any other course as well. I would absolutely take a class with him again.
Dave Levin
CMSC414

Anonymous
01/23/2022
He's nice and includes all sorts of really cool cybersecurity stuff in the lectures including some of his research. The course organization was stressful at times BUT he also gave us a million extensions and wild amounts of extra credit, and the exams were easy and take home. So it all works out, 5/5.
Michael Marsh
CMSC414

Expecting an A
Anonymous
12/23/2021
Pros: - All exams were timed, open note, and open internet. They were not structured to be extra difficult because of this caveat. The final was supposed to be in person, but got moved online. - The goals for assignments (home works and projects) were fairly clear. It takes some time to adapt to Marsh's "unique" approach to projects in the class, but office hours and campuswire were always open and the instructors actually answered questions (Most of my previous class piazzas had questions ignored on piazza) - Marsh genuinely cares about the course. Cons: - Lectures are asynchronous. You watch the lectures in your own time, and the lecture itself was a "discussion". I attended almost every in person lecture, and it was a waste of time. - All of his projects are graded with bash and python scripts, and you submit through a gitlab commit. You will always have that feeling in the back of your head that the project might not run the same on his system. - This class has A TON of overhead knowledge. C, docker, git, bash, python, linux, etc. You aren't expected to be an expert, but you will spend a lot of time learning content independent of the class just so you can do the projects. Overall I recommend 414 with Marsh. This is the CS class I had the best experience in. It doesn't hold your hand, but help is there if you need it. It is structured in a way where you ACTUALLY LEARN stuff on your own. With that in mind, you have to put in work to do well in this class. Do not expect this class to be a free A unless you already have security knowledge.
Michael Marsh
CMSC414

Expecting an F
Anonymous
12/09/2021
Michael Marsh is a decent professor, but his classes can be quite difficult. I would NOT recommend taking CMSC414 as your first upper-level class. Definitely take something else first to get used to how they operate. This class is very dense, the material is tough without a lot of background experience, and the projects can be overwhelming. The logistics of this class can also be very annoying. The slides, homework, and exercises are supposed to be helpful, but without some prerequisite knowledge, they can be incredibly difficult to use. Due to the structure of the class I would only recommend taking this if you are ready for a very large workload. I'd imagine someone much more prepared than I was might be able to succeed quite well in this class, but I also imagine my position is a pretty common one. Be careful going into this class, it will challenge you.
Michael Marsh
CMSC414

Expecting a B+
Anonymous
11/18/2021
Awful, awful professor. Lectures are incredibly high level with absolutely no application involved. Grading scripts make countless errors, which he promises to resolve, but WILL NOT ALWAYS if you are unlucky. Incredibly disorganized course webpage.
Michael Marsh
CMSC414

Expecting an A-
Anonymous
11/02/2021
Micheal doesn't teach you and expects you to learn all of the material outside of the class.
Dave Levin
CMSC414

Anonymous
09/28/2021
Really interesting lectures and great instructor!
Ian Miers
CMSC414

Expecting an A
Anonymous
03/10/2021
414 Spring 21; very unorganized lectures, did a meh job of explaining things, talks very fast, uses jargon and doesn't explain. He just wrote things down on the iPad notes app? and his handwriting is garbage/very hard to read; that plus general disorganization made it very difficult to take notes. inaccessible outside of class. no exams because of covid, only projects. interesting stories about crypto and cyberattacks and how things came to be are a plus but otherwise it was hard to learn from him.
Michael Marsh
CMSC414

Anonymous
02/10/2021
Insists on using campuswire for some reason when literally everyone else uses Piazza. Also insists on using Gitlab when everyone else uses the submit server. In 414 he gave us previous exams but would straight up refuse to answer or ignore us if we asked what the answer was. Rushes thru slides and expects us to know every single small detail about a topic, but at the same time will assign homeworks and projects that barely have anything to do with what he tests you on. Also in 420 he made exams super long for no reason, you wouldn't have finished unless you used other resources or asked your friends for help or saw the exam beforehand. Avoid him, you and your GPA will thank me later.
Michael Marsh
CMSC414

Expecting a B+
Anonymous
01/05/2021
Although Dr. Marsh was nice and a lenient regrader, I found his lectures and in-class exercises to be very boring and unintuitive. All content lectures were pre-recorded, and during our actual class time, we would ask him questions and watch him do exercises. He explains concepts in high level terms that make it difficult to understand as a student who is learning about cybersecurity for the first time. I would ask him questions about certain topics so that I could better understand them, but it became a chore as the semester went on. He is very smart and knows a lot about the concepts that he teaches, however I was able to better understand these concepts by watching youtube videos that covered them. Homeworks and exercises, while intellectually challenging, taught me more about how to navigate unix systems and find bugs than about computer and net security.
Michael Marsh
CMSC414

Expecting a B
Anonymous
12/29/2020
Dr. Marsh was a pretty solid professor. He was really accommodating during the pandemic and tried to make things as easy for us to understand given the circumstances. While I had some complaints about the tests and the format of the material, he was helpful in clarifying any confusion and was really open to hearing suggestions for how to teach the course virtually in the future. The projects for 414 were really fun and interesting, but also challenging and really made you think about the code rather than just mindlessly typing. He also was flexible with regrade requests on projects and exams, which probably saved my grade when I realized later on that something was wrong.
Dave Levin
CMSC414

Expecting an A+
Anonymous
12/26/2020
(Disclaimer: had him during fall 2020 virtual semester) He’s a really chill and caring professor. Some of the projects were a bit difficult, but he provided plenty of extra credit so you can definitely make up for a poor project grade with that. We were virtual so tests were open note, but I thought they were fair.
Michael Marsh
CMSC414

Anonymous
12/24/2020
Does not help you prepare for exams whatsoever. What's the point of showing us previous exams with no answers? Likes to ask random trivia questions that you'll never find even if you search the whole internet. Tough projects that are worth too much of your overall grade, no late deadlines either. Genuinely regret taking this class with him, honestly a miracle I passed
Dave Levin
CMSC414

Anonymous
06/08/2020
He is a super passionate professor that knows a lot about security. His lectures are great since he seems to really enjoy it, and brings up ideas from his research and experiences. The only negative of his lecture style is that he doesn't do a lot code modeling which hurts some students.
Michael Marsh
CMSC414

Expecting an A
Anonymous
05/15/2020
I was scared to take him based on past reviews, but I'm happy to say he was great. Great lecturer with interesting material and anecdotes. He was truly nice and understanding. Responded quickly and helpfully to questions. I also had read that he used to live and die by his automatic grading system. That is no longer the case and is more than willing to go in manually and re-grade something, even if it was your fault for misformatting some output.
Michael Marsh
CMSC414

Expecting a B
Anonymous
12/18/2019
Marsh was fine (clearly knowledgeable, willing to take feedback, friendly in office hours), but he insisted on spending the entire class reading from his slides from behind the podium, almost totally still. The room tended to be dim, and his voice was steady and soothing. . . The final was unexpectedly all multiple choice, not ideal for me, but the curve was strong. Overall, I'm not going out of my way to take Marsh again, but he's not a dealbreaker.
Dave Levin
CMSC414

Expecting an A-
Anonymous
11/17/2019
Great lecturer, poor administrator. He co-taught the class with Bobby and Michelle and logistics were an absolute nightmare. Project descriptions were changed in random, unpinned Piazza posts at a whim, right up until the day a project was due. Points were deducted arbitrarily as there was no grading rubric and no defined test cases on the submit server like there are in other cs classes, so if you fail a single edge case that might have been covered in one test on the submit server, it could cost you a lot of points. After a while into the semester his lecture start to sound more like Ted talks than informative lectures about cyber security. At least they were entertaining. Build it break it at the end of the semester was very disappointing. Most of the points were just for writing a report, and there was very little emphasis on actually trying to break your peer's code.
Michelle Mazurek
CMSC414

Anonymous
07/08/2019
She is not a good lecturer. Pros: Class cover a lot of interesting topics Material is genuinely interesting for the most part Cons: She is a very boring an ineffective lecturer She is a harsh grader Exams are tough Projects are tough Bad at communicating/grading I would avoid taking class with her. I recommend taking Dave Levin if you can
Dave Levin
CMSC414

Expecting an A-
Anonymous
06/11/2019
He seemed like a good professor, but I think co-teaching 414 was a mistake. Between the three professors (Bobby, Michelle), he was the best lecturer but was barely there and oftened talked about the more interesting but less important (for exams) topics.
Michelle Mazurek
CMSC414

Expecting an A-
Anonymous
06/11/2019
Knows her stuff, but is quite boring. Her exam questions are also not up my alley. Nice person though.
Samrat Bhattacharjee
CMSC414

Expecting an A-
Anonymous
06/11/2019
One of the co-teachers for 414. Dude knows what he is talking about, but is a bit of a douche to students in class.
Michael Marsh
CMSC414

Anonymous
11/20/2018
Project grades are always off by at least 20% because he trusts his "scripts". Exams are tough, hard to study for. And everything else is as other reviews described. Terrible professor.
Dave Levin
CMSC414

Expecting a B+
Anonymous
10/23/2018
Favorite cs professor ive had. great lecturer. super nice guy. projects and exams were extremely fair
Michael Marsh
CMSC414

Expecting an F
Anonymous
08/30/2018
I agree with everyone else
Dave Levin
CMSC414

Expecting a C+
Anonymous
07/29/2018
Love this man. We would do our work in the student lounge, he would pass by and say hello since he recognized us and would hang out for a little while or ask us about the class. Always went up to him after lecture to ask questions and he was very cool about it. The material itself I became less and less interested in. The exams were quite open ended. A lot of short answers and a few multiple choice or word bank style questions thrown in. I did awful on all the exams, but fortunately the projects for the class were 50% of the final course grade. I did very well on all the projects but they were quite challenging...Basically they are a bunch of individual tasks you have to try out and they range from write a .c file that does this or make a txt file with a piece of code that does blah. I really disliked the final project which was a paired/team project. It caused me a lot of distress. Also several people did not submit a working project so there were only 20% of the class where you had to try and 'break' their code and write reports about it. Taking this class, I learned that Security is NOT for me. This class was more security than it was Networking which I actually like a lot more. Maybe the last month or so was focused on the Networking aspect of the class which I found quite disappointing. If you like security and networking, Dave is the man for you. His shiney bald head will make you fall in love with him.
Michael Marsh
CMSC414

Expecting a B
Anonymous
06/11/2018
Worst computer science professor I've ever had at UMD. He puts this university to shame, and the worst part is - he's a pretty nice guy (it's so frustrating). - lectures are downright impossible to follow - he gives high-level explanations and then tests on low-level code implementation - his take home exams require the use of libraries/tools that have bad documentation - his take home exams are heavily biased towards students who have already taken cmsc417/cmsc456 - warning: if he gives take homes, prepare to devote 20-30 hours of work to it and watch the average be a 40-60% - his grading scripts are terrible and you always need regrades - he uses elms discussion boards instead of piazza - he's stubborn, unhelpful, and oblivious in general My advice? Avoid this class at all costs, and don't take any class with this professor. Not worth your time.
Dave Levin
CMSC414

Expecting an A+
Anonymous
06/02/2018
Best lectures I've had for a computer science course. Lecture recordings were also posted online so attendance wasn't mandatory. Exams and projects weren't easy but they were certainty fair. Highly recommend taking CMSC414 with professor Levin.
Michael Marsh
CMSC414

Expecting an A-
Anonymous
05/21/2018
Nice guy. Worst professor I've ever had. I could go into all the reasons, but frankly it would just be exhausting, so I'll just say this: >He is bad at communicating >His project descriptions are borderline unfollowable >He only holds one office hour a week that is shared between 417 and 414 >His test grades are almost always wrong and you have to ask him for points back every time >His grading is completely opaque unless you bug him for his inputs >He forces you to use elms discussion boards and does not respond to any student questions posted to elms >His lectures do not cover exam topics, they just give general, high level explanations of things >He does not understand the math behind cryptography but tries to teach it anyway >If you take him, you will learn everything on your own DURING the test >He gives assignments that take much longer to complete than he says they will (his catch phrase is "30 minutes of coding per problem") The list goes on... If you take him, prepare to be paying for nothing I wasn't gonna list everything, but I did anyway. Woops. There you go. Avoid at all costs.
Michael Marsh
CMSC414

Anonymous
05/21/2018
Wish i could give a zero rating for his Excellenc in organizing lectures and his remarkable project readmes
Dave Levin
CMSC414

Expecting a C
Anonymous
05/11/2018
Wonderful lecturer. Great teacher, and great guy in office hours. His projects are difficult and the specs contain typos, but I believe that is the fault of the grad student TAs, not Dave's. I recommend taking the class, but make sure we're working with someone.
Dave Levin
CMSC414

Expecting an A
Anonymous
05/04/2018
AMAZING AMAZING AMAZING Professor. One of the best professors I had at UMD.
Michael Marsh
CMSC414

Anonymous
04/17/2018
worst class ever. Don't even know what I should get
Akhil Koul
CMSC414

Anonymous
04/05/2018
Helpful
Michael Marsh
CMSC414

Anonymous
04/04/2018
He is the worst professor. Just reads off the slides and gives like 4 15 minutes excercises in class. Doesn’t give answers to these exercises. He forced everyone to use elms discussion instead of piazza. Exams are extremely hard avergae was 52 for our first midterm. He doesn’t have time for his students. 1 hour of office hours per week and that too for 414 and 417 combined.i am not sure what grade i have in this class. Extremely unorganized professor. Biggest mistake of my life to take 414 with him.
Michelle Mazurek
CMSC414

Anonymous
01/24/2018
Professor who clearly knows her stuff. However, I'm not sure if it was the long class block or the presentation, but I struggled staying awake every class - especially about private and public keys. The programming assignments are kinda fun, but can be really challenging if you don't have the right mindset. Exams were alright, she allowed cheat sheets, but still lots of potential material. I'd maybe recommend to a final semester senior.
Peter Keleher
CMSC414

zaqu413
12/21/2013
Summary: Very average professor. Lecture: Mostly off of power-points which he posts online. Going to class is optional, but questions on the quizzes will sometimes come from things he says during class that are not on the power-points. The actual material was usually very interesting, but there was so much material to cover most of the time we just brushed over topics without really learning how they worked. Taking CMSC456 before this class will give you a slight advantage (very slight). Quizzes: There were 3 quizzes which were pretty hard. They are all short answer or diagram drawing. I felt the quizzes would emphasize a random subset of the material covered, so if you are weak on a certain topic and it shows up on the exam you are screwed. On the other hand it could not show up at all and you get lucky. Projects: The projects were actually pretty fun as we got to carry out things like buffer overflows, dictionary attacks, and XSS attacks. They also more or less got easier as the semester went on. Languages used were C, Java, and Javascript. He provides resources and examples if you don't know Javascript, I taught myself everything I needed to know for the Javascript coding in less than an hour. Final: It was a little harder than the quizzes I thought. But it is only worth 12% of your grade, which was a weird concept as I am used to it being between 30% and 40%. Grading: 5 projects 11% each 3 quizzes 11% each 1 final worth 12% Overall the material was interesting, but it seemed crammed. I think this would be a good first 400 level course as it gives you a nice overview so you can think about concentrations you would like to focus on in future courses.
Jonathan Katz
CMSC414

Expecting an A
rockinbassman
06/22/2012
Prof. Katz is a pretty good CS teacher. He teaches on the board and does not just read off of a powerpoint. The midterm was moderately difficult, but the final was in-class, online, all multiple choice and was easy. Projects and homeworks were cool, but honestly there could have been more (assuming you actually liked the topics) Biggest issue with this class is that 50% of the people come in with not a clue about any of the topics and with no security background and the other 50% has experience and knows a bit already. This makes the class either too easy/boring OR too hard/too fast. Can't make everyone happy, but this gap can make the class less enjoyable.
William Arbaugh
CMSC414

Expecting an A+
xenonscreams
01/11/2012
He's trying really hard to change this course and make it interesting. The biggest fallback comes from trying to change it too quickly, often mid-semester. Long-term changes to a course are appreciated, but within a semester a course should be completely consistent (e.g. the professor should have the labs prepared in advanced), otherwise it can be stressful to the students. Otherwise I thought his teaching style was decent and the class was pretty cool. I learned a lot. I got to do lots of awesome things that I had never looked into because I wasn't sure how to do them legally. He was pretty nice and accommodating when I spoke to him. I was just stressed out about my grade for most of the semester because of how frequently details of the course changed. And Capture The Flag is awesome, but shouldn't be a graded assignment, since that brings it straight from something fun and interesting to something worrisome and annoying.
Jonathan Katz
CMSC414

Expecting an A
Anonymous
12/19/2009
He's on OK professor. I didn't really go to class because it was boring (not the prof's fault). But he put up the slides online. Exams are actually pretty easy but everyone does badly on them (trust me, I'm no genius). The projects/homeworks are awesome and entertaining (best part of the class). The course gives you a good overview of things, although a good 25% of the course seems common sense.