Office: EOW415
Office hours: Monday, Thursday: 10:00-12:00
Email:
Phone: (250) 721-8697
Students are advised to read the Faculty of Engineering document Standards for professional
behavior (http://www.engr.uvic.ca/policy/professional-behaviour.html), which
contains important information regarding conduct in courses, in labs and in the
general use of facilities.
Time/Location:
DSB C114, 8:30-9:50am, Monday, Thursday.
Recent years have seen a steady increase in the number of attacks on
computer systems and networks. It is essential to understand the nature and
modus operandi of these attacks in order to be able to design or select
effective countermeasures. The course introduces fundamental concepts and
techniques underlying the science and art of computer security. Examples of
attack techniques and tools are introduced. Network and web application
vulnerability assessment (i.e. penetration testing) techniques are covered.
Various countermeasures are presented, with a particular emphasis on network
protection technologies such as firewalls, intrusion detection systems, virtual
private networks, and access control policies and mechanisms.
The fundamentals of network forensics and cyber-crime scene
investigations and analysis are introduced.
In order to give students hands-on experience, practical assignments are
conducted in a security lab environment using a test-bed on which various
attack scenarios and countermeasures can be explored.
Since some of the techniques learned in this course could be misused,
students will be asked at the beginning of the course to sign a consent form in
which they agree not to use any of the techniques learnt malevolently.
It is assumed that students have basic knowledge of networking concepts and
protocols, notions of operating systems, and basic programming skills in at least
one of the following languages: Java, C or C++.
"Computer Security: Art and Science" by Matt Bishop,
Addison-Wesley, 2002; ISBN: 0201440997
The following syllabus is subject to the time available and may change
during the term. Some of the topics may not be covered.
The titles of the units match, as far as possible, the corresponding chapters
in the textbook; in any case, the corresponding textbook chapters are indicated
in brackets.
- Ethical issues.
- Introduction of fundamental security principles and concepts.
- Review of attack methods and tools
- Generic penetration testing methodology
- Port scanning, denial of service, attack on authentication system, and input validation attacks, web application vulnerabilities (e.g. SQL injection, Cross-Site Scripting, Directory traversal) etc.
Unit 3: Malicious Logic (Chap. 22)
- Trojan horses
- Rootkits
- Viruses
- Worms
- Botnets
Unit 4: Security Policies (TB: Chap 2, 4-7)
- Notions and examples of security policies and models: Bell-LaPadula, Biba, Chinese Wall etc.
- Basic access control model, reference monitor concept, security kernel.
- Role-based access control model.
Unit 5: Firewall Systems (Chap. 26)
- Classes of firewall
- Firewall configurations and architectures
- Network Address Translation (NAT)
- Linux IP Tables
Unit 6: Intrusion Detection Systems (IDS) (Chap. 25)
- IDS models, architectures, and tools
- IDS performances
Unit 7: Virtual Private Network (VPN) (Chap. 26)
- Network Layer Security
- IPSec protocol
- VPN Technology
- Secure Network Architecture
Unit 8: Network Forensics
- Forensics Logs
- Investigation of hacking incidents
Unit 9: Computer Forensics
- Investigative Techniques
- Linux-based Forensics Analysis
- Windows-based Forensics Analysis
Unit 10: Biometrics (Chap. 12)
- Biometric system
- Types of biometrics (iris scan, fingerprints, voice, keystroke etc.)
- Biometric system errors
The dates given are subject to change, so you are responsible for
checking this page regularly.
| Jan 5-6 | Unit 1: An Overview of Computer Security |
| Jan 9-13, 16-20 | Unit 2: Network attacks and Penetration Testing |
| Jan 23-27 | Unit 3: Malicious Logic |
| Jan 30-Feb 3 | Unit 4: Security Policies |
| Feb. 6-10 | Unit 5: Firewall System |
| Feb. 13-17 | Reading Break |
| Feb. 20-24 | Unit 6: Intrusion Detection System |
| Feb. 27-Mar. 2 | Unit 7: Virtual Private Network |
| Mar. 5-9 | Unit 8: Network Forensics |
| Mar 12-16 | Unit 9: Computer Forensics |
| Mar 22 | Midterm exam |
| Mar 19-24, 26 | Unit 10: Biometrics |
| Mar 29, Apr 2-6 | Seminar |
| Apr 5 | Last day of classes |
| | Weight |
| Assignment 1 (due Feb. 2/2012) | 10% |
| Assignment 2 (due Mar. 1/2012) | 10% |
| Mid-term Exam (March 22/2012) | 35% |
| Seminar: Modern Security Technologies (Report due March 29/2012, Presentation: Mar 29, Apr 2-6/2012) | 10% |
| Project: Network Security and Forensics Analysis (due April 5/2012) | 35% |
Announcements and course-related material will be posted here.
Unit 1: An Overview of Computer Security
Unit 2: Network Attacks and Penetration Testing
Unit 3: Malicious Logic
Unit 4: Security Policies
Unit 5: Firewall System
Unit 6: Intrusion Detection System
Unit 7: Virtual Private Network
Unit 8: Network Forensics
Unit 9: Computer Forensics
Unit 10: Biometrics
3. Seminar
The seminar topic is open and may be related to the research interest of the
students (as long as it is geared towards computer security). Possible topics
include (but are not limited to):
- Intrusion Detection
- Firewalls
- Biometrics
- Digital Watermarking
4. Mid-Term
- Mid-Term Guidelines & Review Questions
5. Final Grades
2. "A Security Policy for Clinical Information Systems", Ross J. Anderson, IEEE Symposium on Security and Privacy, 1996.
3. "Attack Modeling for Information Security and Survivability", A.P. Moore, R.J. Ellison, R.C. Linger, Technical note CMU/SEI-2001-TN-001.
4. "Security Cryptography and Data Security", D. E. Denning, Addison-Wesley, 1982.
5. C. E. Landwehr et al., "A Taxonomy of Computer Program Security Flaws", ACM Computing Surveys, vol. 26, No. 3, September 1994.
6. "Hacking Exposed: Network Security Secrets and Solutions", 4th Edition, S. McClure, J. Scambray, G. Kurtz.
7. M. Ranum, "Network Forensics: Network traffic Monitoring", Tech. Rep., Network Flight Recorder Inc., 1997.