415 Syllabus

Catalog Description:
CSCI 415:  4 s.h. Computer and Network Security

This course is designed to introduce student to topics which include attacks, standards, data integrity, symmetric key encryption, public key encryption, authentication, electronic mail security, IP security, web security, database security, secure electronic transactions, network management security, malicious software, and firewalls. This course includes a laboratory component.

Objectives of the course:
At the end of this course, a successful student will be expected to:

  • explain the nature of attacks, security mechanisms, types and motivation of attacks.
  • describe and explain symmetric encryption and public key encryption, authentication, cryptography algorithms and application of public key infrastructure.   
  • describe the key aspects of several network security elements like secure sockets layer (SSL), transport layer security (TLS), secure electronic transaction (SET).
  • demonstrate a solid understanding of current  network security vulnerabilities, for example, SQL injection, cross-site scripting, over flow.
  • describe and design a secure network, complete with the physical components, equipped with appropriate bandwidth, protocols, and internetworking concepts that are covered as theory in class.  They also required to be able to identify and assess the efficiencies of a network.
  • demonstrate a practical insight on secure electronic transactions

 

Recommended Textbooks (you are NOT required to buy these):
Network Security Essentials: Applications & Standards, Stallings, 6th ed., Pearson

Digital Archaeology, Graves, Addision Wesley

Thinking Security: Stopping Next year’s Hackers, Bellovin, Addison-Wesley

Required Labs: CodePurchaseRedemptionWithAnIntegration 

Prerequisites:

C- or better in CSCI 362 (Data Structures).

Course Outline

Module 1:  Introduction and Overview (LAB: Using Social Engineering (SET) AND Scanning the Network on the LAN)

Module 2:  Cryptographic Tools, Symmetric and PKI (LABS: Using Public Key Encryption to Secure Messages AND Symmetric Key program)

Module 3: User Authentication, Access Control, Internet Authentication (LABS: Remote and Local Exploitation AND Hash Digest program)

Module 4: Internet/Web security (LABS: Exploiting a Vulnerable Web Application AND Attacking Webservers from the WAN)

Module 5:   Malicious Software, DOS, Buffer Overflow, other Software Security (LAB: Performing a Denial of Service Attack from the WAN AND Performing SQL Injection to Manipulate Tables in a DB)

Module 6:  Intrusion Detection, Firewalls/ IPS, Security Auditing, Internet Security Protocol (LAB: Attacking the Firewall and Stealing Data over and Encrypted Channel)

Module 7:  Digital Forensics  (LABS: To Catch A Fake (Exercise) AND Steganography (exercise with external program) )

Module 8:  IT Security and Management (LAB: Capturing and Analyzing Network Traffic Using a Sniffer)

Module 9:  Legal and Ethical (LAB: Using Browser Exploitation to Take Over a Host’s Computer)

Module 10:  Wireless Security (LAB: WEP & WPA & Decrypting the Traffic)

 

Grading:

Exam 1:  25%  (October 18)

Exam 2:  25% (November 15)

Exam 3 (Final): 25% (Finals week)

Lab Assignments (programming projects, labs):  25%

 

Final Letter Grades based on the following weighted scale

93 – 100:  A      90-92.9:  A-   86 – 89.9:  B+  82 – 85.9  B  79 – 81.9: B-

76 – 78.9:  C+   73 – 75.9:  C  70 – 72.9 C-      66 – 68.9:  D+   63 -65.9:  D

60 – 62.9  D-      <59.9:  Fail

 

Lab/ Programs/ Other Assignments:  due dates are announced in class and are printed on top of each lab – be sure to take note of the due date

Late submissions will NOT be accepted barring extenuating circumstances. If your assignment is incomplete, submit it for possible partial credit. Programs must compile and run for any credit.

The exams cover material from class lectures, assignments, and labs – and they are cumulative by nature.  There are NO make-up exams, so if you miss an exam you will receive zero credit, barring extenuating circumstances.

Reading Assignments:

Reading are given as handouts or links.  Check class website frequently.  There will be case-studies that you will be required to read, understand, and present.

All work must be submitted on the assigned date or they will not be graded – barring acceptable emergencies. Check website for important dates.

 

Final Letter Grades are based on the following weighted scale:

93 – 100:  A      90-92.9:  A-   86 – 89.9:  B+  82 – 85.9  B  79 – 81.9: B-

76 – 78.9:  C+   73 – 75.9:  C  70 – 72.9 C-

66 – 68.9:  D+   63 -65.9:  D    60 – 62.9  D-      <59.9:  Fail

All work must be submitted on the assigned date or they will not be graded – barring acceptable emergencies. Check website for important dates.

The syllabus may be subject to some change due to shceduling, so be sure to check in occasionally

Graded Work and Academic Honesty:

The exams cover material from class lectures, assignments, and labs – and they are cumulative by nature.  There are NO make-up exams, so if you miss an exam you will receive zero credit, barring extenuating circumstances.

Copying or extensive collaboration on assignments is not permitted and may result in failure of the course and expulsion from the university. You may discuss approaches to solving a problem. However, if someone else types on your keyboard or you copy code or paragraphs from someone else or somewhere else, you are committing academic dishonesty. Finding or purchasing a solution on the Internet or elsewhere and submitting it as your own work is plagiarism and may result in expulsion from the university.

Consult MU’s Academic Policies for more details.

Attendance:  All students are expected to regularly attend classes, be prepared for class by doing the assigned readings, and having completed any assignments. Only previously approved and university recognized absences are excusable. Excessive (>3) unexcused absences may result in your course grade being lowered one letter grade. Contact me prior to any absence (if possible) in order to obtain clearance. The university attendance policy is given at http://muweb.millersv.edu/~register/attendance.html

Sharing:  It is the premise in this course that students learn three different ways: (1) by attentive listening during lectures; (2) by doing things themselves; and (3) by sharing information and ideas with other students. This last item is important to the learning process, but it cannot be allowed to overshadow the importance of the other two items. Students are encouraged to share ideas and to discuss common problems. Much of this course is founded on the principal of cooperative learning, meaning that you will learn from each other, generally in a team format. You are expected to be responsible to your teammates and shoulder your fair portion of the work load. This will be enforced in two ways: (1) team members will evaluate each other’s efforts with each project, and (2) students who shirk their responsibility to the team will be removed from the team and given no credit for the team’s work.

Plagiarism:  However, the preceding policy should not in any way be taken as approval of the act of plagiarism. Plagiarism shall be treated as the serious offence that it is. Acts of plagiarism shall be dealt with as severely as is permissible by university policy, including possible failure in the course. Multiple acts of plagiarism may result in expulsion from the university.

Plagiarism shall be regarded as any copying, in whole or in part, of material from any source, without explicit credit to the source. In addition, any copying from another student’s assignments, past or present, shall be treated as plagiarism. All students involved in an act of plagiarism shall be treated the same as concerns this policy, including any student who knowingly allows his or her work to be copied.

Deadlines:  Assignments are due at the beginning of the class period on the assigned due date, unless otherwise specified. No late assignments will be accepted. If your assignment is incomplete, turn it in for possible partial credit. Programs must cleanly compile for any credit. Developing your program incrementally will assure that you always have something for which you can receive some credit.

Exams:  There are no make-up exams – if you miss a test, you will receive a zero. Exceptions may be made at my discretion for reasons of illness or university excused absences.

Special Needs:  Anyone requiring special accommodations should contact me as soon as possible, before any exams or assignments are due.

Title IX:  Millersville University and its faculty are committed to assuring a safe and productive educational environment for all students.  In order to meet this commitment, comply with Title IX of the Education Amendments of 1972, 20 U.S.C. §1681, et seq., and act in accordance with guidance from the Office for Civil Rights, the University requires faculty members to report to the University’s Title IX Coordinator incidents of sexual violence shared by students.  The only exceptions to the faculty member’s reporting obligation are when incidents of sexual violence are communicated by a student during a classroom discussion, in a writing assignment for a class, or as part of a University-approved research project.  Faculty members are obligated to report to the person designated in the University Protection of Minors policy incidents of sexual violence or any other abuse of a student who was, or is, a child (a person under 18 years of age) when the abuse allegedly occurred.

Information regarding the reporting of sexual violence, and the resources that are available to victims of sexual violence, is available at http://www.millersville.edu/socialeq/title-ix-sexual-misconduct/index.php

 

Comments are closed.