CPSC 6136 - Advanced System Security
Instructor(s): Dr. Lydia
Ray
Office:
CCT429 Office phone: (706) 565-3615
Department phone: (706) 568-2410 Department FAX: (706) 565-3529
Office Hours: Mon - Thu 9.00 -11.00AM, Tue, Thu: 4.15 PM - 5.15 PM
e-mail address: ray_lydia@columbusstate.edu
homepage:http://csc.columbusstate.edu/ray
Catalog Description of Course: (Prerequisite
CPSC 6126 Information Systems Assurance). This course provides the student
with the skill or ability to design, execute, and evaluate information security
procedures and practices. This level of understanding will ensure that students
are able to apply security concepts while performing their tasks. Topics
include encryption algorithms, developing a security policy, attack monitoring,
attack response, and disaster planning and recovery. The student will be
presented with practical approaches to security and the use of security tools (3 credits).
Required Textbook(s):
·
Computer
Security: Principles and Practice By William
Stallings & Lawrie Brown, ISBN-10: 0136004245
ISBN-13: 9780136004240 Publisher: Prentice Hall
Reference
Textbook(s):
·
The Art of Deception: Controlling the Human Element of
Security, by Kevin D.
Mitnick and William L. Simon, John Wiley & Sons,
2002, ISBN: 0471237124.
Supplementary
Materials:
·
You must have Internet connection with Windows XP
operating system.
·
If you use a different operating system, you may
setup a virtual machine with Windows XP (available from CSU website). For this you
must have at least 2-4 GB RAM.
·
If you want to use other operating systems such as Windows
Vista, it is your responsibility to find out tools compatible with your OS and
complete assignments.
Course Objectives
1. Students will
understand the major issues in network and computer system security, focusing
mainly on threats from malicious software and intrusion detection.
2. Students will
have an understanding of common attacks on computer networks and methods to
detect and remediate such attacks.
3. Students will
have an understanding of the guiding principles of computer system security.
4. Students will
be able to evaluate information security procedures and practices.
5. Students will
be able to design and implement information security procedures and practices.
Major Topics
1.
Overview of basics of computer security: Threats and vulnerabilities.
2.
Cryptography.
3.
Authentication and access control techniques.
4.
Intrusion detection and malware detection.
5.
Software security.
6.
Issues in physical security.
Instructional Methods and Techniques
- The
class will be taught online. Lecture notes will be uploaded in web CT
vista.
- Process
of accessing online courses will be published in my website before class
starts.
- All students
must have access to networked computers for doing assignments.
- Students
will have an opportunity to use a variety of security tools to reinforce
their learning of the concepts.
How This
Course Will Work
This course
will consist of readings, assignments, “lab” assignments, a final
project/paper, one midterm examination and discussions. On a weekly basis, you
will need to:
- review
the week's lesson;
- complete
the readings from the textbook;
- complete
the assignments;
Rule of Assignments:
1.
An assignment will contain hands-on activities and
questions on those assignments and other general questions to test your
knowledge on that week’s reading lessons.
2.
You do NOT need to attach screen shots of your
hands-on work unless you are specifically asked to do so.
3.
You need to write the answers of assignment questions
in enough details. Do not assume I know what you want to mean.
4.
No late assignment will be accepted unless there is a
medical reason.
5.
Assignments must be submitted in web ct drop box. It is your
responsibility to work ahead of time and ensure timely submission in proper
place.
6.
If you submit assignments via e-mail, timely grading
of those assignments cannot be guaranteed (unless there is any medical reason).
If you submit assignments in my CougarNet account,
assignments may get misplaced. I will not take responsibility of any lost
assignment that was not submitted in assignment drop-box.
Rule for
Examination:
1.
You will take only one midterm examination.
2.
The examination will be proctored.
3.
The rules and requirements of proctoring will be
published within the first week of class.
Discussions:
1. There will be
threaded discussions to interact with other classmates and the instructors.
2. The topic of
discussion can be anything you want to share with your classmates. However, the
focus of these discussions will be to discuss any problem that you encounter
while taking this course. For example, if you have problem downloading or
installing specific forensic software, you may create a discussion thread and
ask for suggestion from your classmates. If you think there is a wrong question
in an assignment, you may create a threaded discussion. However you are not
allowed to discuss any examination question. Any issue with the examination
will be discussed only via e-mail exchange with the instructor (and only with
the instructor).
3. These
discussions will be reviewed by the instructor. Individual discussion posts
will not be graded.
Rule for
Final Project:
1.
You will be provided with a list of projects and
research topics. You have to select one from that list.
2.
If you like to work on a topic not listed in the
list, you MUST discuss the topic with the instructor well ahead of time and get
it approved by the instructor before you start working on it.
3.
Detailed instructions will be provided later.
Student
Responsibilities
As a student
in this course, you are responsible to:
“I
didn’t know” is not an acceptable excuse for failing to meet the
course requirements. If you fail to meet your responsibilities, you do so at
your own risk.
Instructor
Responsibilities
As your instructor in this course, I am responsible
to:
·
post weekly lessons outlining the assignments for the
week,
·
read all responses to discussion questions and
comment if necessary,
·
grade assignments, midterm and the final project, and
post scores within one week of the end of the week in which they are submitted,
and
·
read any e-mail sent by the you and respond accordingly
within 48 hours.
Course
Evaluation (tentative):
Grades may be
determined according to this scale:
General
Policies
You are
responsible for all class work missed, regardless of the reason for the
absence(s). Late assignments will not be accepted. No makeup exams or quizzes
will be given, so please make sure you are present for all exams/quizzes. Refer
to the CSU Catalog (http://aa.colstate.edu/advising/a.htm#Attendance%20Policy)
for more information on class attendance and withdrawal.
Academic
dishonesty
Academic dishonesty includes, but is not limited to, activities such as cheating
and plagiarism (http://aa.colstate.edu/advising/a.htm#Academic%20Dishonesty/Academic%20Misconduct).
It is a basis for disciplinary action. Any work turned in for individual
credit must be entirely the work of the student submitting the work. All work
must be your own. [For
group projects, the work must be done only by members of the group.] You may share ideas but submitting identical assignments (for example)
will be considered cheating. You may discuss the material in the course and help
one another with debugging; however, any work you hand in for a grade must be
your own. A simple way to avoid inadvertent plagiarism is to talk about the
assignments, but don't read each other's work or write solutions together
unless otherwise directed by your instructor. For your own protection, keep
scratch paper and old versions of assignments to establish ownership, until
after the assignment has been graded and returned to you. If you
have any questions about this, please see your instructor immediately. For assignments, access to notes, the course textbooks, books and other
publications is allowed. All work that is not your own, MUST be properly
cited. This includes any material found on the Internet. Stealing or giving
or receiving any code, diagrams, drawings, text or designs from another
person (CSU or non-CSU, including the Internet) is not allowed. Having access
to another person’s work on the computer system or giving access to
your work to another person is not allowed. It is your responsibility to
prevent others from having unauthorized access to your work.
No cheating
in any form will be tolerated. Penalties for academic dishonesty may include
a zero grade on the assignment or exam/quiz, a failing grade for the course,
suspension from the Computer Science program, and dismissal from the program.
All instances of cheating will be documented in writing with a copy placed in
the Department’s files. Students will be expected to discuss the
academic misconduct with the faculty member and the chairperson. For more
details see the Faculty Handbook: http://aa.colstate.edu/faculty/FacHandbook0203/sec100.htm#109.14
and the Student Handbook: http://sa.colstate.edu/handbook/handbook2003.pdf
|
Getting help
You can always contact me during my posted office hours, by e-mail, or by
appointment.
CSU ADA statement
If you have a documented disability as described by the Rehabilitation Act of
1973 (P.L. 933-112 Section 504) and Americans with Disabilities Act (ADA) and
would like to request academic and/or physical accommodations please contact
Joy Norman at the Office of Disability Services in the Center for Academic
Support and Student Retention, Tucker Hall (706) 568-2330, as soon as possible.
Course requirements will not be waived but reasonable accommodations may be
provided as appropriate.