ISA 564, Security Laboratory


Instructor: Angelos Stavrou
Lecture: Wednesday 4:30 pm - 7:10pm
Room: Innovation Hall, room 223
Office Hours: Wednesday 3:30 - 4:30pm, 7:10 - 8:10pm, and by appointment
Email: astavrou(_)gmu.edu

Teaching Assistant: Haris Andrianakis
Office: Room 460 in Science & Technology II
Office Hours: Thursday 4:30pm – 6:30pm

Email: candrian(_)gmu.edu
Teaching Assistant: Eunjung Yoon
Office: Room 330 in Science & Technology II
Office Hours: Monday 5:00pm – 6:30pm

Email: eyoon2(_)gmu.edu


Course Description:

This class focuses on current research in security, with emphasis on network and software
security, including:

  • Experiment with Attacks against Networks and Machines:
    • Denial-of-service (DoS) attack
    • Host-based Attacks (Buffer overflows, Kernel rootkits)
  • Defenses, Forensics and diagnostics for security:
    • Detect and Trace the attack either real-time or after the fact
  • Install and Test Defenses including Intrusion and anomaly detection Systems (IDS)
  • Examine the functionality of Botnets, Malware, anti-virus, anti-spyware


Class Objectives:

This course provides hands-on experience in configuring and experimenting with commodity networked systems and security software in a live laboratory environment, with the purpose of understanding real-world security threats. This course will take both offensive and defensive approaches and expose students to a variety of real-world attacks, including viruses, worms, rootkits, and botnets. Possible mitigation and defending mechanisms such as firewalls and intrusion detection software will also be covered.

Bibliography:

We are going to cover topics using the provided slides, papers, and online material.

Grading:

Item                                                    Duration (Weeks)    Grade
Class participation                                                         10%
Lab 1: Metasploit                                       1                   5%
Lab 2: Malware & Shellcode                              2                   10%
Lab 3: Network Attacks                                  2                   10%
Lab 4: Traffic Analysis & Intrusion Detection Systems   2                   15%
Lab 5: Host-based Attack Analysis Systems               2                   10%
Team Project (3-4 persons)                              4                   40%
Total                                                   14                  100%

A+: ≥ 95%; A: [90%, 95%); A-: [85%, 90%);
B+: [80%, 85%); B: [75%, 80%); B-: [70%, 75%);
C+: [66%, 70%); C: [63%, 66%); C-: [60%, 63%);
D+: [56%, 60%); D: [53%, 56%); D-: [50%, 53%);
F: < 50%.

Please read the University's Academic Honesty Page and GMU Honor Code.

Disability Statement

If you have a documented learning disability or other condition that may affect academic performance you should:
1) Make sure this documentation is on file with the Office of Disability Services:
(SUB I, Rm. 222; 993-2474; www.gmu.edu/student/drc) to determine the accommodations you need;
2) Talk with me to discuss your accommodation needs.

Class Schedule

Week & Date
Course Lectures & Readings

Week 1, Jan. 21

Introduction and Class Mechanics [pdf]

Week 2, Jan. 28

Lab 1, Metasploit Framework [pdf] (due Feb. 11)

You will also need to download the following (the password is posted here):
[VM1: Linux VM(453MB)] [VM2: Windows 2000(358MB)] [VMware Player (free)]
(VMware Workstation licenses will also be provided courtesy of VMware)


Additional Material:
The Metasploit project page http://www.metasploit.com/
The Metasploit [Primer], [Book], [Video Tutorials]

Week 3, Feb. 4

Lab 1, Metasploit Framework, extensions [pdf] (due Feb. 11th)
[Lab1 Video]

Malware [pdf] & Intro to Metasploit [pdf]


Connection to Database & Automatic Scan Video [PostgreSQL] [MySQL]

Week 4, Feb. 11

Lab 2: Malware & Shellcode [pdf] (due Mar. 11th)

Week 5, Feb. 18

Lab 2: Malware & Shellcode [pdf]

Week 6, Feb. 25

Lab 2: Malware & Shellcode [pdf] [Lab 2, Task 1 Video] [Task 2,3 Video]

Week 7, Mar. 4

Lab 3: Network Attacks & Project Assignments [pdf] (due Apr. 8th)

Project Descriptions

Week 8, Mar. 11

Spring Break, no classes

Week 9, Mar. 18

Lab 3: Network Attacks & Teams Discussion

RootKits [pdf]

Week 10, Mar. 25

Lab 3: Network Attacks & Teams Discussion [Lab 3, Task 1 Video] [Task 2 Video]

RootKits [pdf]

Week 11, Apr. 1

Lab 4: Traffic Analysis & Intrusion Detection Systems (due Apr. 29th)

Botnets [pdf] Network Analysis with Wireshark

Week 12, Apr. 8

Lab 4: Traffic Analysis & Intrusion Detection Systems

Week 13, Apr. 15

Lab 5: Host-based Attack Analysis Systems (due May 14th, 6pm)

Defenses against Code Injection attacks [pdf]

Week 14, Apr. 22

Lab 5: Host-based Attack Analysis Systems

Week 15, Apr. 29

Lab 5: Host-based Attack Analysis Systems

Week 16, May 6

Open Lab

Week 17, May 13

Final

Final Project Presentations
Each team will present for 10'-15' depending on the team size.

Acknowledgements: This course uses material from an earlier version of the course designed by Prof. Xuxian Jiang.
Please feel free to send your comments and suggestions to Angelos Stavrou.
© 2008 Angelos Stavrou, Computer Science Department, George Mason University.