CPSC 6899 – Independent Study                                             Spring 2006

 

Instructor(s): Dr. Wayne Summers

Office: CCT455                                                           Office phone: (706) 568-5037
Department phone: (706) 568-2410                             Department FAX: (706) 565-3529
Office Hours: 10-10:50 a.m. MWF (in online chat); 3-3:50 p.m. TR (in online chat); via e-mail, net-meetings and by appointment
e-mail address: summers_wayne@ColumbusState.edu
homepage:http://csc.ColumbusState.edu/summers

TITLE: Advanced System Security

Catalog Description of Course: (Prerequisite CPSC 6126 Information Systems Assurance). This course provides the student with the skill or ability to design, execute, and evaluate information security procedures and practices. This level of understanding will ensure that students are able to apply security concepts while performing their tasks. Topics include encryption algorithms, developing a security policy, attack monitoring, attack response, and disaster planning and recovery. The student will be presented with practical approaches to security and the use of security tools (3 credits).

Required Textbook(s):

1. Introduction to Computer Security by Matt Bishop, Addison Wesley Professional, 2005, ISBN: 0-321-24744-2.
2. The Art of Deception: Controlling the Human Element of Security, by Kevin D. Mitnick and William L. Simon, John Wiley & Sons, 2002, ISBN: 0471237124.

Supplementary Books and Materials

Software and manuals found in the lab and on the Internet

Course Objectives

1.        Students will understand the major issues in network and computer system security, focusing mainly on threats from malicious software.

2.        Students will have an understanding of common attacks on computer networks and methods to detect and remediate such attacks.

3.        Students will have an understanding of the guiding principles of computer system security.

4.        Students will be able to evaluate information security procedures and practices.

5.        Students will be able to design and implement information security procedures and practices.

 

Major Topics

1.      Foundations of computer and network security.

2.      Threats and vulnerabilities

3.      Technical defenses: authentication, operating system security, firewalls, etc.

4.      Network vulnerability assessment and intrusion detection.

5.      Remediation methods, including backup and repair strategies.

6.      Encryption and methods for its usage.

7.      Business continuity planning and disaster recovery planning

8.      Issues in physical security.

 

How This Course Will Work

This course will consist of readings, discussion questions, webliography assignments, “lab” assignments, a final project and two exams. On a weekly basis, you will need to:

1. review the week's lesson;
2. complete the readings from the two texts;
3. read and if possible, listen to the lectures;
4. submit responses to weekly discussion questions based on the readings;
5. complete the “lab” assignments;
6. decide on and complete a final project.

• Every week, submit a weekly status report.  This report will be submitted every other Friday, by midnight. 
• During the weekly meeting, provide a brief on research for the week and gain feedback and be presented with new questions and challenges.
• March 2nd
• Mid-Point Report
• May 2nd
• Final Presentation/Report
• The student will write a formal paper on Systems Security.

Course Evaluation (tentative):

• Unit Homework Assignments = 200 pts.
• Discussions (20 submissions) = 200 pts.
• One midterm test = 100 pts.
• 1 Comprehensive FINAL EXAM = 200 pts.
• Research paper or project = 100 pts. (topic must be approved before starting the paper/project)

Evaluation

Participation – 25% of grade

Term paper – 75% of grade

 

Grades may be determined according to this scale:

A 90% - 100%	B 80% - 89%
C 70% - 79%	D 60% - 69%

ADA Statement: If you have a documented disability as described by the Rehabilitation Act of 1973 (P.L. 933-112 Section 504) and Americans with Disabilities Act (ADA) and would like to request academic and/or physical accommodations please contact Joy Norman at the Office of Disability Services in the Center for Academic Support and Student Retention, Tucker Hall (706) 568-2330, as soon as possible. Course requirements will not be waived but reasonable accommodations may be provided as appropriate.

Academic dishonesty
Academic dishonesty includes, but is not limited to, activities such as cheating and plagiarism (http://aa.ColumbusState.edu/advising/a.htm#Academic%20Dishonesty/Academic%20Misconduct). It is a basis for disciplinary action. Any work turned in for individual credit must be entirely the work of the student submitting the work. All work must be your own. [For group projects, the work must be done only by members of the group.] You may share ideas but submitting identical assignments (for example) will be considered cheating. You may discuss the material in the course and help one another with debugging; however, any work you hand in for a grade must be your own.  A simple way to avoid inadvertent plagiarism is to talk about the assignments, but don't read each other's work or write solutions together unless otherwise directed by your instructor. For your own protection, keep scratch paper and old versions of assignments to establish ownership, until after the assignment has been graded and returned to you. If you have any questions about this, please see your instructor immediately. For assignments, access to notes, the course textbooks, books and other publications is allowed. All work that is not your own, MUST be properly cited. This includes any material found on the Internet. Stealing or giving or receiving any code, diagrams, drawings, text or designs from another person (CSU or non-CSU, including the Internet) is not allowed. Having access to another person’s work on the computer system or giving access to your work to another person is not allowed. It is your responsibility to prevent others from having unauthorized access to your work.

No cheating in any form will be tolerated. Penalties for academic dishonesty may include a zero grade on the assignment or exam/quiz, a failing grade for the course, suspension from the Computer Science program, and dismissal from the program. All instances of cheating will be documented in writing with a copy placed in the Department’s files. Students will be expected to discuss the academic misconduct with the faculty member and the chairperson. For more details see the Faculty Handbook: http://aa.ColumbusState.edu/faculty/FacHandbook0203/sec100.htm#109.14 and the Student Handbook: http://sa.ColumbusState.edu/handbook/handbook2003.pdf

	Lecture Topic	Homework
Week 1: Jan. 9-13	CS – chapters 1, 2	See Website http://csc.ColumbusState.edu/summers/NOTES/6136/labs-6136.htm and WebCT calendar
Week 2: Jan 16-20	CS - chapters 3, 4	Lab 1
Week 3: Jan 23-27	CS – chapters 5, 6, 7	Lab 2
Week 4: Jan 30 – Feb 3	CS – chapters 8, 9	Lab 3
Week 5: Feb 6-10	CS – chapters 10, 11	Lab 4
Week 6: Feb 13-17	CS – chapters 12, 13	Lab 5
Week 7: Feb 20-24	CS – chapters 14 REVIEW	Lab 6
Week 8: Feb 27-Mar 3	MIDTERM EXAM (chapters 1-14)	Lab 7
Week 9: Mar 13-17	CS – chapters 15, 16	Lab 8
Week 10: Mar 20-24	CS – chapters 17, 18	Lab 9
Week 11: Mar 27-31	CS – chapters 19, 20	Lab 10
Week 12: Apr 3 – 7	CS – chapters 21, 22	Lab 11
Week 13: Apr 10-14	CS – chapters 23 Art of Deception	Lab 12
Week 14: Apr 17-21	CS – chapters 24 Art of Deception	Lab 13
Week 15: Apr 24- 28	CS – chapters 25 Art of Deception	Lab 14
Week 16: May 1 -4	CS – chapters 26 Art of Deception	Lab 15
Week 17: May 9	FINAL EXAM