CPSC 6136 - Advanced System Security

Instructor(s): Dr. Lydia Ray

Office: CCT429                                                                                  Office phone: (706) 565-3615
Department phone: (706) 568-2410                                                              Department FAX: (706) 565-3529
Office Hours: Mon - Thu 9.00 -11.00AM, Tue, Thu: 4.15 PM - 5.15 PM
e-mail address: ray_lydia@columbusstate.edu
homepage:http://csc.columbusstate.edu/ray

 

Catalog Description of Course: (Prerequisite CPSC 6126 Information Systems Assurance). This course provides the student with the skill or ability to design, execute, and evaluate information security procedures and practices. This level of understanding will ensure that students are able to apply security concepts while performing their tasks. Topics include encryption algorithms, developing a security policy, attack monitoring, attack response, and disaster planning and recovery. The student will be presented with practical approaches to security and the use of security tools (3 credits).

Required Textbook(s):

·         Computer Security: Principles and Practice By William Stallings & Lawrie Brown, ISBN-10: 0136004245 ISBN-13:  9780136004240 Publisher:  Prentice Hall

 

Reference Textbook(s):

·         The Art of Deception: Controlling the Human Element of Security, by Kevin D. Mitnick and William L. Simon, John Wiley & Sons, 2002, ISBN: 0471237124.

 

Supplementary Materials:

 

·         You must have Internet connection with Windows XP operating system.

·         If you use a different operating system, you may setup a virtual machine with Windows XP (available from CSU website). For this you must have at least 2-4 GB RAM.

·         If you want to use other operating systems such as Windows Vista, it is your responsibility to find out tools compatible with your OS and complete assignments.

 

 

Course Objectives

1.       Students will understand the major issues in network and computer system security, focusing mainly on threats from malicious software and intrusion detection.

2.       Students will have an understanding of common attacks on computer networks and methods to detect and remediate such attacks.

3.       Students will have an understanding of the guiding principles of computer system security.

4.       Students will be able to evaluate information security procedures and practices.

5.       Students will be able to design and implement information security procedures and practices.

 

Major Topics

1.      Overview of basics of computer security:  Threats and vulnerabilities.

2.      Cryptography.

3.      Authentication and access control techniques.

4.      Intrusion detection and malware detection.

5.      Software security.

6.      Issues in physical security.

 

Instructional Methods and Techniques

  1. The class will be taught online. Lecture notes will be uploaded in web CT vista.
  2. Process of accessing online courses will be published in my website before class starts.
  3. All students must have access to networked computers for doing assignments.
  4. Students will have an opportunity to use a variety of security tools to reinforce their learning of the concepts.

How This Course Will Work

This course will consist of readings, assignments, “lab” assignments, a final project/paper, one midterm examination and discussions. On a weekly basis, you will need to:

  1. review the week's lesson;
  2. complete the readings from the textbook;
  3. complete the assignments;

Rule of Assignments:

1.      An assignment will contain hands-on activities and questions on those assignments and other general questions to test your knowledge on that week’s reading lessons.

2.      You do NOT need to attach screen shots of your hands-on work unless you are specifically asked to do so.

3.      You need to write the answers of assignment questions in enough details. Do not assume I know what you want to mean.

4.      No late assignment will be accepted unless there is a medical reason.

5.      Assignments must be submitted in web ct drop box. It is your responsibility to work ahead of time and ensure timely submission in proper place.

6.      If you submit assignments via e-mail, timely grading of those assignments cannot be guaranteed (unless there is any medical reason). If you submit assignments in my CougarNet account, assignments may get misplaced. I will not take responsibility of any lost assignment that was not submitted in assignment drop-box.

Rule for Examination:

1.      You will take only one midterm examination.

2.      The examination will be proctored.

3.      The rules and requirements of proctoring will be published within the first week of class.

Discussions:

1.      There will be threaded discussions to interact with other classmates and the instructors.

2.      The topic of discussion can be anything you want to share with your classmates. However, the focus of these discussions will be to discuss any problem that you encounter while taking this course. For example, if you have problem downloading or installing specific forensic software, you may create a discussion thread and ask for suggestion from your classmates. If you think there is a wrong question in an assignment, you may create a threaded discussion. However you are not allowed to discuss any examination question. Any issue with the examination will be discussed only via e-mail exchange with the instructor (and only with the instructor). 

3.      These discussions will be reviewed by the instructor. Individual discussion posts will not be graded.

Rule for Final Project:

1.      You will be provided with a list of projects and research topics. You have to select one from that list.

2.      If you like to work on a topic not listed in the list, you MUST discuss the topic with the instructor well ahead of time and get it approved by the instructor before you start working on it.

3.      Detailed instructions will be provided later.

Student Responsibilities

 

As a student in this course, you are responsible to:

“I didn’t know” is not an acceptable excuse for failing to meet the course requirements. If you fail to meet your responsibilities, you do so at your own risk.

Instructor Responsibilities

 

As your instructor in this course, I am responsible to:

·         post weekly lessons outlining the assignments for the week,

·         read all responses to discussion questions and comment if necessary,

·         grade assignments, midterm and the final project, and post scores within one week of the end of the week in which they are submitted, and

·         read any e-mail sent by the you and respond accordingly within 48 hours.

 

Course Evaluation (tentative):

Grades may be determined according to this scale:

A 90% - 100%

B 80% - 89%

C 70% - 79%

D 60% - 69%

 

General Policies

You are responsible for all class work missed, regardless of the reason for the absence(s). Late assignments will not be accepted. No makeup exams or quizzes will be given, so please make sure you are present for all exams/quizzes. Refer to the CSU Catalog (http://aa.colstate.edu/advising/a.htm#Attendance%20Policy) for more information on class attendance and withdrawal.

Academic dishonesty
Academic dishonesty includes, but is not limited to, activities such as cheating and plagiarism (http://aa.colstate.edu/advising/a.htm#Academic%20Dishonesty/Academic%20Misconduct). It is a basis for disciplinary action. Any work turned in for individual credit must be entirely the work of the student submitting the work. All work must be your own. [For group projects, the work must be done only by members of the group.] You may share ideas but submitting identical assignments (for example) will be considered cheating. You may discuss the material in the course and help one another with debugging; however, any work you hand in for a grade must be your own.  A simple way to avoid inadvertent plagiarism is to talk about the assignments, but don't read each other's work or write solutions together unless otherwise directed by your instructor. For your own protection, keep scratch paper and old versions of assignments to establish ownership, until after the assignment has been graded and returned to you. If you have any questions about this, please see your instructor immediately. For assignments, access to notes, the course textbooks, books and other publications is allowed. All work that is not your own, MUST be properly cited. This includes any material found on the Internet. Stealing or giving or receiving any code, diagrams, drawings, text or designs from another person (CSU or non-CSU, including the Internet) is not allowed. Having access to another person’s work on the computer system or giving access to your work to another person is not allowed. It is your responsibility to prevent others from having unauthorized access to your work.

No cheating in any form will be tolerated. Penalties for academic dishonesty may include a zero grade on the assignment or exam/quiz, a failing grade for the course, suspension from the Computer Science program, and dismissal from the program. All instances of cheating will be documented in writing with a copy placed in the Department’s files. Students will be expected to discuss the academic misconduct with the faculty member and the chairperson. For more details see the Faculty Handbook: http://aa.colstate.edu/faculty/FacHandbook0203/sec100.htm#109.14 and the Student Handbook: http://sa.colstate.edu/handbook/handbook2003.pdf

 

Getting help
You can always contact me during my posted office hours, by e-mail, or by appointment.

 

CSU ADA statement
If you have a documented disability as described by the Rehabilitation Act of 1973 (P.L. 933-112 Section 504) and Americans with Disabilities Act (ADA) and would like to request academic and/or physical accommodations please contact Joy Norman at the Office of Disability Services in the Center for Academic Support and Student Retention, Tucker Hall (706) 568-2330, as soon as possible. Course requirements will not be waived but reasonable accommodations may be provided as appropriate.