CSCI 427 Advanced Cybersecurity

 

 

 

General Information

 

Class Location

Grimsley 322

 

Instructor

Dr. Shankar M. Banik

 

Coursepage: http://macs.citadel.edu/baniks/427/Syllabus/Syllabus_CSCI427.htm 

 

Course Description

 

This course will cover the techniques used to secure cybersystems. Topics covered will include security policies, security design principles, cyber threats, cyber defense, risk assessment, software security issues, ethical and legal aspects of cybersecurity, secured systems management, and vulnerability analysis. Special emphasis will be given to hands-on lab exercises.

 

Prerequisite: CSCI 327

 

 

Course Objectives

 

 

1.      Explain main components of Information Security and describe security development lifecycle model

2.      List the steps for secure OS installation: initial setup and patching; removing unnecessary services, applications and protocols; configuring users, groups and authentication; configuring resource controls; installing additional security controls; performing backups; testing system security; and virtualization security. List specific steps for securing Windows and Linux systems

3.      Examine the architecture of a cybersystem to analyze vulnerabilities and learn tools and techniques for identifying vulnerabilities

4.      Distinguish various types of intrusions, explain key features of host-based intrusion and network-based intrusion, understand the concepts of honeypots

5.      Describe firewall technology and various implementation and configuration of firewalls, explain VPN

6.      Describe approaches used by modern intrusion detection and prevention systems and their implementations

7.      List and define major categories of network scanning and analyzing tools

8.      Explain the concept of denial-of-service attack and distributed denial-of-service attacks and common defense mechanisms

9.      Define buffer overflow, stack overflow and various defense mechanisms

10.  Describe how poor programming practices can lead to software vulnerabilities and explain the concept of defensive programming

11.  Explain key features of handling program input and writing safer code

12.  Explain key components of SSL, HTTPS, and IPsec, IEEE 802.11 wireless security

13.  Identify the major laws and policies in cybersecurity, describe the ethical responsibilities of each user in the cyberspace for protecting data and resources, understand the legal aspect of cybercrimes

14.  Describe the roles and responsibilities for detecting and handling vulnerabilities in a cybersystem

15.  Understand the culture and roles in cyberethics

16.  Describe management's role in development, maintenance, and enforcement of cybersecurity policy

17.  Describe the lists for risk assessment, and characterize identified threats and consequences to determine risk

18.  Describe various controls for addressing risks and understand the importance of human factor in security and benefits of awareness, training and education in cybersecurity

19.  Analyze the vulnerability of a network by using a network scanning and mapping tool (Nmap)

 

 

 

Course Outcomes

 

Upon successful completion of this course, students will be able to

1.      Identify different types of attacks in the cyberspace and compare and contrast their resources, capabilities/techniques and motivations;

2.      Describe different types of attacks and their characteristics;

3.      Examine the architecture of a typical, complex system and identify vulnerabilities;

4.      Install and configure an OS successfully and perform system administration activities, which include setting up user accounts, configuring authentication policies, installing patches, performing backups and restoring the system from backup;

5.      Perform OS hardening activities, which include removing unnecessary components, closing unnecessary ports, performing vulnerability scans, and installing patches and updates;

6.      Apply different tools for network defense;

7.      Use network monitoring and mapping tools;

8.      Analyze secured software practices;

9.      Understand the legal and ethical issues of cybersecurity;

10.  List the applicable laws and policies related to cybersecurity;

11.  Perform basic risk assessment for cybersystems,

12.  Describe various controls for addressing risks, and

13.  Describe role of management in developing and maintaining cybersecurity policy

 

 

Course Material

 

Textbooks:    

 

Principles of Information Security

Michael E. Whitman and Herbert J. Mattord

Course Technology

 

Hands-On Information Security Lab Manual

Michael E. Whitman and Herbert J. Mattord

Course Technology

 

Computer Security: Principles and Practices

William Stallings and Lawrie Brown,

2nd Edition

Pearson

 

Introduction to Computer Security

Matt Bishop

Addison Wesley

                                   

Virtual Lab - iLab

                                   

Course Handouts

 

 

 

Tentative List of Topics

 

1.      Basics of Attacks and Defense in Information Security

2.      Secure OS installation, hardening and system administration

3.      Vulnerability Analysis

4.      Intrusion Detection

5.      Firewalls and VPNs

6.      Intrusion Detection and Prevention Systems (IDPS)

7.      Denial of Service Attacks

8.      Buffer Overflow

9.      Software Security

10.  Network Security Protocols and Standards

11.  Legal, Ethical and Professional Issues in Information Security

12.  Planning for Security

13.  IT Security Management and Risk Assessment

14.  Security Controls, Plans and Procedures

15.  Network Scanning Tools

 

 

Course Outline

 

 

Week 1
Topics: Basics of Attacks and Defense Mechanisms, Secure SDLC, Attack Trees
Assignment: Read Chapters 1 and 2 from Whitman, Read Attack Trees by Bruce Schneier, Register with iLab Certified Ethical Hacking (CEH) v8 exercises, Form groups for Term Project.

Week 2
Topics: Secure OS installation, hardening and system administration
Assignment: Read Chapter 12 from Stallings, Work on OS Installation and Hardening Homework (HW 1), System Administration Homework (HW 2).

Week 3
Topics: Vulnerability Analysis
Assignment: Read Chapter 20 from Bishop and paper on ROP (Return Oriented Programming), Work on iLab CEH exercises on Footprinting and Reconnaissance, and Enumerations

Week 4
Topics: Intrusion Detection
Assignment: Read Chapter 8 from Stallings, Work on iLab CEH exercises on Scanning Networks, and System Hacking

Week 5
Topics: Firewall and VPNs
Assignment: Read Chapter 6 from Whitman, Work on Firewall Homework (HW 3)

Week 6
Topics: Intrusion Detection and Prevention Systems
Assignment: Read Chapter 7 from Whitman, Work on iLab CEH exercises on Evading IDS, Firewall and Honeypots (Term Project Proposal Due)

Week 7
Topics: Denial of Service Attacks
Assignment: Read Chapter 7 from Stallings, Work on iLab CEH exercises on Denial of Service Attack.

Week 8
Topics: Buffer Overflow
Assignment: Read Chapter 10 from Stallings, Work on iLab CEH exercises on Buffer Overflow, Hacking Webservers and Web Applications

Week 9
Topics: Software Security
Assignment: Read Chapter 11 from Stallings, Software Security Homeworks (HW 4, HW 5), Work on iLab CEH exercises on SQL Injections

Week 10
Topics: Network Security Protocols and Standards
Assignment: Read Chapters 22 and 24 from Stallings, Work on iLab CEH exercises on Network Sniffing, and Hacking Wireless Networks

Week 11
Topics: Legal, Ethical, and Professional Issues in Information Security
Assignment: Read Chapter 3 from Whitman, Work on iLab CEH exercises on Trojans and Backdoors, and Viruses and Worms.

Week 12
Topics: Planning for Security
Assignment: Read Chapter 4 from Whitman, Work on iLab CEH exercises on Social Engineering and Session Hijacking

Week 13
Topics: Security Management and Risk Assessment
Assignment: Read Chapter 14 from Stallings, Work on Risk Assessment Homework (HW 6)

Week 14
Topics: Security Controls, Plans and Procedures
Assignment: Read Chapter 15 from Stallings

Week 15
Topics: Term Project Presentations
Assignment: (Term Project Final Report Due)

 

 

 

Required Work

 

Assignments

There will be approximately ten assignments. Each assignment will have a due date. For every 24 hours late, you will be deducted 10% of the grade of the assignment.  Any assignment that is more than 5 days late will not be evaluated. Some assignments will be done in a virtual lab environment.

 

Papers

Students will write 1 to 3 papers on cybersecurity. Typical topics of the papers are description of NSA security standards, discussion on spyware, description of firewall, discussion on cybercrimes, and discussion of legal and ethical aspects of cybersecurity.

 

Weekly Reports

Students will write weekly reports on recent events in cybersecurity. Each Thursday one student will present his/her weekly report in front of the class.

 

Examination

There will be one Midterm Exam during the semester. Missing an examination without a previously approved excuse will result in a grade of zero for that examination. Makeup examinations are never available. 

 

Term Project

Students are required to produce a term project, building upon and complementing the material covered in class. You will be working with other class members as part of a team. Teams will be formed during the third class, in plenty of time for you to meet, plan, and work with other members of your team. Some class time may be set aside for team meetings. Projects must culminate with a presentation for the class and the submission of a final report.

 

 

Course Policies

 

Class Attendance and Discussion: It is advised that students attend all lectures. Everyone in the class is expected to participate in the class discussion.

 

Class Webpage: All course materials and grades will be posted on CitLearn.

 

E-mail: Any announcement will be sent through email. Class emails are sent to your official email address using CitLearn. You are responsible for making sure that you are receiving class e-mails. It is your responsibility to have your official email account working properly and forwarding to the location where you read emails.

 

Grading: There are five components to the course grade. They are weighted as follows.

 

Component          Percent
Midterm            20
Term Project       20
Assignments        30
Papers             15
Weekly Reports     15

 

The grading scale will be no higher than the following. It may be lower at the discretion of the instructor.

 

Grade    Percentage
A        90+
B        80-89
C        70-79
F        Otherwise

 

Grading Policies

 

If you have a question about the grading of a homework/project/paper, please see the instructor during his/her office hours. All disagreements about the grading of a homework/project/paper must be brought to the attention of the instructor within one week of when the item was returned.

 

If there is a dispute about the grading of an examination problem, you may stay after the class the day the exams are returned to discuss it with the instructor. If you cannot stay at this time, return the paper to the instructor at the end of class and visit with the instructor during his/her office hours. ONCE AN EXAM HAS BEEN REMOVED FROM THE CLASSROOM AFTER IT HAS BEEN RETURNED, THE GRADE IS FINAL AND WILL NOT BE CHANGED, EVEN IF IT IS FOUND TO BE IN ERROR.

 

Disability

 

Any student in this course who has a disability that may prevent him or her from fully demonstrating his or her abilities should contact the instructor personally as soon as possible so that the necessary accommodations can be made to ensure full participation and to facilitate educational opportunities.

 

Academic Misconduct

 

It is your responsibility to be familiar with the policies mentioned in The Honor Manual of The Citadel. Ignorance of these policies is not an excuse for violating them.