CSCI 427 Advanced Cybersecurity

 

 

 

General Information

 

Class Location: 216 Thompson

Class Time: T/Th 1300-1415 hours

 

Instructor:

Dr. Shankar M Banik

Office: 222 Thompson

Email: shankar.banik@citadel.edu

 

Office Hours:

Wednesday 1000-1200 hours

Friday 1000-1200 hours

 

 

Course Description

 

This course will cover the techniques used to secure cybersystems. Topics covered will include security policies, security design principles, cyber threats, cyber defense, risk assessment, software security issues, ethical and legal aspects of cybersecurity, secured systems management, and vulnerability analysis. Special emphasis will be given to hands-on lab exercises.

 

Prerequisite: CSCI 327

 

 

Course Objectives

 

 

1.      Explain main components of Information Security and describe security development lifecycle model

2.      Examine the architecture of a cybersystem to analyze vulnerabilities and learn tools and techniques for identifying vulnerabilities

3.      Distinguish various types of intrusions, explain key features of host-based intrusion and network-based intrusion, understand the concepts of honeypots

4.      Describe firewall technology and various implementation and configuration of firewalls, explain VPN

5.      Describe approaches used by modern intrusion detection and prevention systems and their implementations

6.      List and define major categories of network scanning and analyzing tools

7.      Explain the concept of denial-of-service attack and distributed denial-of-service attacks and common defense mechanisms

8.      Define buffer overflow, stack overflow and various defense mechanisms

9.      Describe how poor programming practices can lead to software vulnerabilities and explain the concept of defensive programming

10.  Explain key features of handling program input and writing safer code

11.  Explain key components of SSL, HTTPS, and IPsec, IEEE 802.11 wireless security

12.  Identify the major laws and policies in cybersecurity, describe the ethical responsibilities of each user in the cyberspace for protecting data and resources, understand the legal aspect of cybercrimes

13.  Describe the roles and responsibilities for detecting and handling vulnerabilities in cybersystem

14.  Understand the culture and roles in cyberethics

15.  Describe management's role in development, maintenance, and enforcement of cybersecurity policy

16.  Describe the lists for risk assessment, and characterize identified threats and consequences to determine risk

17.  Describe various controls for addressing risks and understand the importance of human factor in security and benefits of awareness, training and education in cybersecurity

18.  List the steps for secure OS installations, initial setup and patching, removing unnecessary services, applications and protocols, configure users, groups and authentications, configure resource control, and install additional security controls

19.  Analyze vulnerability of a network by using network scanning and mapping tool (Nmap)

 

 

 

Course Outcomes

 

Upon successful completion of this course, students will be able to

1.      Identify different types of attacks in the cyberspace and compare and contrast their resources, capabilities/techniques and motivations;

2.      Describe different types of attacks and their characteristics;

3.      Examine the architecture of typical, complex system and identify vulnerabilities

4.     Perform system administration activities which include setting up user accounts, configuring authentication policies, and installing patches;

5.      Perform OS hardening activities which include removing unnecessary components, closing unnecessary ports, perform vulnerability scan, install patches and updates;

6.      Apply different tools for network defense;

7.      Use network monitoring and mapping tools;

8.      Analyze secured software practices;

9.      Understand the legal and ethical issues of cybersecurity;

10.  List the applicable laws and policies related to cybersecurity;

11.  Perform basic risk assessment for cybersystems,

12.  Describe various controls for addressing risks, and

13.  Describe role of management in developing and maintaining cybersecurity policy

 

 

Course Material

 

 

Principles of Information Security

Michael E. Whitman and Herbert J. Mattord

Course Technology

 

Hands-On Information Security Lab Manual

Michael E. Whitman and Herbert J. Mattord

Course Technology

 

Computer Security: Principles and Practices

William Stallings and Lawrie Brown,

2nd Edition

Pearson

 

Introduction to Computer Security

Matt Bishop

Addison Wesley

                                   

Virtual Lab by National CyberWatch Center

                                   

Course Handouts

 

 

 

Tentative List of Topics

 

1.      Basic of Attacks and Defense in Information Security

2.      Vulnerability Analysis

3.    Ethical Hacking

4.      Firewalls and VPNs

5.      Intrusion Detection and Prevention Systems (IDPS)

6.      Database Security

7.      Buffer Overflow

8.      Software Security

9.      Network Security Protocols and Standards

10.  Legal, Ethical and Professional Issues in Information Security

11.  Planning for Security

12.  IT Security Management and Risk Assessment

13.  Security Controls, Plans and Procedures

14.  Network Scanning Tools

15. Secure OS installation, hardening and system administration

16. Cyber Warfare

 

 

 

Course Outline

 

 

Week | Topics | Reading

Week 1 | Basic of Attacks and Defense Mechanisms, Secure SDLC, Attack Trees | Read Chapters 1 and 2 from Whitman, Read Attack Trees by Bruce Schneier.

Week 2 | Vulnerability Analysis | Read Chapter 20 from Bishop and paper on ROP (Return Oriented Programming).

Week 3 | Intrusion Detection and Prevention Systems | Read Chapter 8 from Stallings, and Chapter 7 from Whitman.

Week 4 | Firewall and VPNs | Read Chapter 6 from Whitman.

Week 5 | Database Security | Read Chapter 5 from Stallings.

Week 6 | Buffer Overflow | Read Chapter 10 from Stallings.

Week 7 | Software Security | Read Chapter 11 from Stallings.

Week 8 | Network Security Protocols and Standards | Read Chapters 22 and 24 from Stallings.

Week 9 | Legal, Ethical, and Professional Issues in Information Security | Read Chapter 3 from Whitman.

Week 10 | Planning for Security | Read Chapter 4 from Whitman.

Week 11 | Security Management and Risk Assessment | Read Chapter 14 from Stallings.

Week 12 | Security Controls, Plans and Procedures | Read Chapter 15 from Stallings.

Week 13 | Secure OS installation, hardening and system administration | Read Chapter 12 from Stallings.

Week 14 | Cyber Warfare | Course Handout

Week 15 | Term Project Presentations | (Term Project Final Report Due)

 

Ethical Hacking Exercises

 

1.      Performing Reconnaissance from the WAN

2.      Scanning the Network on the LAN

3.      Enumerating Hosts Using Wireshark, Windows, and Linux Commands

4.      Remote and Local Exploitation

5.      Using the Dark Comet Remote Access Trojan (RAT)

6.      Capturing and Analyzing Network Traffic Using a Sniffer

7.      Using SET (Social Engineering Toolkit)

8.      Performing a Denial of Service Attack from the WAN

9.      Using Browser Exploitation to Take Over a Host's Computer

10.  Attacking Webservers from the WAN

11.  Exploiting a Vulnerable Web Application

12.  Breaking WEP and WPA and Decrypting the Traffic

13.  Attacking the Firewall and Stealing Data Over an Encrypted Channel

14.  Using Public Key Encryption to Secure Messages

15.  Performing SQL Injection to Manipulate Tables in a Database

 

Software Security Exercises

 

1.      Integer Error

2.      Input Handling

3.      Buffer Overflow

 

Risk Assessment Exercise

 

Required Work

 

Assignments

Each assignment will have a due date. For every 24 hours late, you will be deducted 10% of the grade of the assignment.  Any assignment that is more than 5 days late will not be evaluated. Some assignments will be done in a virtual lab environment.

 

Papers

Students will write 1 to 3 papers on cybersecurity. Typical topics of the papers are description of NSA security standards, discussion on spyware, discussion on cybercrimes, discussion of legal and ethical aspects of cybersecurity, and discussions from NSA CAE Tech Talks.

 

Weekly Reports

Students will write weekly reports on recent events on cybersecurity. Each Thursday two students will present their weekly report in front of the class.

 

Examination

There will be one Midterm Exam (Thursday March 9th) during the semester. Missing an examination without a previously approved excuse will result in a grade of zero for that examination. Makeup examinations are never available. 

 

Term Project

Students are required to produce a term project, building upon and complementing the material covered in class. You will be working with other class members as part of a team. Teams will be formed during the first class, in plenty of time for you to meet, plan, and work with other members of your team. Some class time may be set aside for team meetings. Projects must culminate with a presentation for the class and the submission of a final report.

 

 

Course Policies

 

Class Attendance and Discussion: It is advised that students attend all lectures. Everyone in the class is expected to participate in the class discussion.

 

Class Webpage: All course materials and grades will be posted on CitLearn.

 

E-mail: Any announcement will be sent through email. Class emails are sent to your official email address using CitLearn. You are responsible for making sure that you are receiving class e-mails. It is your responsibility to have your official email account working properly and forwarding to the location where you read emails.

 

Grading: There are five components to the course grade. They are weighted as follows.

 

Component | Percent

Midterm | 20

Term Project | 20

Assignments | 30

Papers | 15

Weekly Reports | 15

 

The grading scale will be no higher than the following. It may be lower at the discretion of the instructor.

 

Grade | Percentage

A | 90+

B | 80-89

C | 70-79

F | Otherwise

 

Grading Policies

 

If you have a question about the grading of a homework/project/paper, please see the instructor during his/her office hours. All disagreements about the grading of a homework/project/paper must be brought to the attention of the instructor within one week of when the item was returned.

 

If there is a dispute about the grading of an examination problem, you may stay after the class the day the exams are returned to discuss it with the instructor. If you cannot stay at this time, return the paper to the instructor at the end of class and visit with the instructor during his/her office hours. ONCE AN EXAM HAS BEEN REMOVED FROM THE CLASSROOM AFTER IT HAS BEEN RETURNED, THE GRADE IS FINAL AND WILL NOT BE CHANGED, EVEN IF IT IS FOUND TO BE IN ERROR.

 

Disability

 

Any student in this course who has a disability that may prevent him or her from fully demonstrating his or her abilities should contact the instructor personally as soon as possible so that accommodations necessary can be made to ensure full participation and to facilitate educational opportunities.

 

Academic Misconduct

 

It is your responsibility to be familiar with the policies mentioned in The Honor Manual of The Citadel. Ignorance of these policies is not an excuse for violating them.