| |
Course Syllabus
Course objectives:
The course will introduce security threats, such as hackers, masqueraders, information
spoofing, sniffing, and distribution of damaging software, the associated security risks,
and prevention/detection/response techniques. The course focuses on several aspects of
Internet security, such as client and server side security, secure scripts, and application
security. Upon completion of the course, students acquire in-depth knowledge as well as
experience of major Web security risks.
Student Work:
- Research project: Students, working as small groups (2-4 students), will be required
to complete a research projects during the semester. Each group will choose a topic
of interest in the field of Internet security, perform a thorough study of the chosen
topic, identify limitations of current solutions and outline a feasible solution for
one of the identified problems. Students must present their research to the class
during the last lectures of the semester.
- Homework: There will be 3-4 homework assignments during the semester. Homework
should be individual work.
- Tests: there will be two open book tests covering course materials.
Grades: Will be calculated from grades received for project (35%) and its
presentation (5%), assignments (20%), and tests (20% each).
Tentative Schedule
Week 1:Introduction;
Week 2:Networking Primer;Hackers, Crackers and Attacks
Week 3:OSI Security Architecture; Security Management
Week 4:Conventional Encryption; Public-Key Encryption
Week 5:Authentication and Key Distribution; PKI
Week 6:Hacking 101: Spoofing Attack; Hacking 101: Hiding One's Identity
Week 7:Anonymity; TEST 1
Week 8:Firewall 1. - Packet Filtering, Circuit-Level Gateways;
Firewall 2. - Application-Level Gateways, Firewall Configurations
Week 9:Intrusion Control 1. - Detection; Intrusion Control 2. - Anomaly-Based IDS
Week 10:Intrusion Control 3. - Intrusion Recovery; Intrusion Recovery
Week 11:Vulnerability Scanners; Login, Audit, and Sniffers
Week 12:Communication Security 1. - Network Access Layer;
Communication Security 2. - Internet Layer
Week 13:Communication Security 3. - Transport Layer;
Communication Security 4. - Application Layer
Week 14:Communication Security 5. - Message Security;
Risk Analysis, Policies, Procedures and Enforcement
Week 15:Student Presentations; TEST 3
Basic Bibliography
Required:
- Rolf Oppliger: Internet and Intranet Security, Second edition; ISBN: 1580531660;
Publisher: Artech House, Incorporated; Pub. Date: November 2001 Edition: 2ND
- Maximum Security, Third edition; ISBN: 0672318717; Publisher: Sams
Pub. Date: December 2000; Edition: 3RD BK&CDR
Recommended:
- N. Doraswamy, D. Harkins: IPSec: The Security Standard for the Internet, Intranets,
and Virtual Private Networks; ISBN: 0130118982; Publisher: Prentice Hall PTR
Pub. Date: Oct. 1999
|
|
|