This is our expected Syllabus and reading list. Most topics will take
several lectures to cover. In addition to the primary discussion for
each lecture, 5-10 minutes of each lecture will be set aside for
discussion of current events in the computer security arena. Specific
coverage within each leacture will be updated from year to year to
keep the course material up to date with current practice. In
particular, there will be additional material added this semester on
DNS Security, IP Sec and IP V6 Security, the Trusted Network
Interpretation (TNI or Redbook) for high assurance systems. By
mid-september we will also have a specail online recorded lecture
covering background networking material that should have been covered
in your undergradutate program, but which will be available for those
without that background.
Dates may change depending on progress throug the semester. Reading
assignments are designated as such. Links from system names in the
syllabus are for general information only.
Readings are on topics related to the lecture, but lectures are not
from the book. Students are expected to have completed the assigned
readings prior to lecture so that they have backround appropriate for
class discussion.
Date | Topic/Readings | Slides | Lab Info |
Lecture 1
August 25
2017 |
The Security Problem
- A working definition of security
- Evaluating security
- Systems security vs network security vs data security
- Societal aspects of security, ethical and legal foundations
Readings:
- Bishop, Chapter 1, An Overview of Computer Security
|
PPT
|
Lab Introduction.
|
Lecture 2 September 1 2017 |
Cryptography - An Overview
- Secret key cryptography
- Public key cryptography
- Hashes and message digests
- Steganography
Readings:
- Bishop, Chapter 9, Basic Cryprography
- Bishop, Chapter 11 (only through section through 11.2), Cipher Techniques
- Garfinkel (Is Encryption Doomed)
|
PPT at Slide 27
PDF at Slide 27
|
Cryptography
|
Lecture 3 September 8 2017 |
Key management
- Diffie-Hellman Key Exchange
- Ties to Authentication Protocols
- Public-key Key Exchange (PGP, X.500, S/MIME)
- Peer-to-peer
- Group key management
Readings:
|
|
Authentication
|
Lecture 4,5 September 15,22 2017 |
Authentication and Identity Management
- Password-based authentication
- Unix vs Windows
- Kerberos
- X.500
- Hardware authentication
- Biometrics
- (plus more material to be added)
Readings
|
PPT at Slide 126
PDF at Slide 126
|
Authorization(9/16)
Application Security(9/27)
|
Lecture 6 September 29, 2017 |
Authorization and Policy
Readings:
|
|
Packet Sniffing
|
Mid-term October 6 2017 |
Mid-Term Exam (9:00 AM - 10:40 AM)
|
Followed by Lecture start of lecture on untrusted computing
|
PPT
|
Lecture 8 October 13 2017 |
- Viruses
- Worms
- Spyware
- Denial of service attacks
- Transmission vectors, e.g. spam
Readings
|
|
.
|
Lecture 9 October 20 2017 |
Countermeasures
- Firewalls
- Virus checkers
- Patch and configuration management
Readings
Bishop, Chapters 26 and 27, Network and System Security
|
|
Intrusion Detection
|
Lecture 10 October 27 2017
(will extend
into lecture 11) |
Intrusion detection and response
- Commercial Itrusion Detection Systems
- Research Itrusion Detection Systems
- Response systems
Readings
- Bishop, Chapter 25, Intrusion Detection
- Taimur Aslam, Ivan Krsul, and Eugene H. Spafford, A Taxonomy of
Security Faults, Proceedings of the National Computer Security
Conference, Coast TR 96-05, 1996.
- C. Ko, G. Fink, K. Levitt, Automated
Detection of Vulnerabilities in Privileged Programs by Execution
Monitoring, Proc. of the 10th Annual Computer Security
Applications Conference, December 1994, pp 134-144.
- Debra Anderson, Thane Frivold, and Alfonso Valdes, Next Generation Intrusion Detection
Expert System (NIDES) a Summary, SRI Computer Science Laboratory
Technical Report SRI-CSL-95-07, May 1995.
- S Singh, C Estan, G Varghese, S Savage,
The EarlyBird System for Real-time Detection of Unknown Worms
, ACM Workshop on Hot Topics in Networks, 2003.
|
. .
|
Arp Spoofing
|
Lecture 11 November 3rd 2017
|
The Human Element
- Social Engineering
- Complexity of proper security deployment
- Configuration issues
- Passwords
Readings
|
PPT
print
|
Tunnels/VPNs
|
Lecture 12 November 10 2017
| p
Trusted Computing
- The Public Perception of Trusted Computing
- The Hardware Basis for Trusted Computing
- The Software and OS Basis for Trusted Computing
- Virtualization
- Negotiating Trust and Obligation
- Case Studies
Readings
|
|
Forensics
|
Lecture 13 November 17th 2017
|
Privacy
|
|
none
|
TG November 24 2017
|
Thanksgiving Recess, No Lecture
|
N/A
|
None
|
Lecture 14 December 1st 2017
|
Cyber-Physical Systems
- Requirements for Security
- Need for performance isolation
Security for Cloud Computing
Readings
Selected Topics and Review
|
.
|
None
|
Final Exam Monday December 11, 2017 |
Final Exam (11:00 AM - 1:00 PM)
|
N/A
|
None
|