Instructor: Damon McCoy (mccoy(at)cs.gmu.edu) Time: Tuesday 4:30 pm - 7:10 pm Room: Nguyen Engineering Building 4457 [map] Office Hours: Tuesday 2:00 pm - 4:00 pm also by appointment Office: 5328 Engineering Building
Teaching Assistant: Anis Alazzawe
Course Website: http://www.cs.gmu.edu/~mccoy/ISA656_S12.html Course Forum: piazza We will be using piazza for discussions on current security topics, and if you have a question this is the best place to ask it. We will check the page regularly and other students will be able to help as well.
This course will present current attacks and and defenses against networked computers. As a growing number of everyday things not typically thought as computer gain computational ability and in turn are connected to networks traditional security methods, such as locks and physical security mechanisms are no longer sufficient to protect them. This course will delve into the concepts and tools defenders have at their disposal and which threats they can mitigate.
ISA 562 and CS 555; or permission of instructor. There will be substantial programming involved in the assignments, and students should be familiar with programming in C, Java or another language.
week and date | Book | Topic and Required Reading |
---|---|---|
week 1, Jan 24th | Course Overview and Introduction to Network Security [slides on blackboard] | |
week 2, Jan 31st | chapter 23 | Firewalls [slides on blackboard] Chapman, "Network (In)Security Through IP Packet Filtering" |
week 3, Feb 7th | Malware [slides on blackboard] The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond, DHS, SRI, APWG Report, October 2006 THE PARTNERKA . WHAT IS IT, AND WHY SHOULD YOU CARE?, Dmitry Samosseiko, SophosLabs tech report 2009 The Underground Economy of Spam: A Botmaster.s Perspective of Coordinating Large-Scale Spam Campaigns, Brett Stone-Grossx, Thorsten Holzz, Gianluca Stringhinix, and Giovanni Vigna, LEET 2011 Measuring Pay-per-Install: The Commoditization of Malware Distribution, Juan Caballero, Chris Grier, Christian Kreibich, Vern Paxson, Usenix Security 2011 HW1 Due |
|
week 4, Feb 14th | chapters 4,5,6 | Guest Lecuter: Professor Angelos Stavrou Cryptography |
week 5, Feb 21st | Intrusion Detection Systems [slides on blackboard] Lab: IDS/Network Sniffers [instructions on blackboard under assignments] |
|
week 6, Feb 28th | Chapters 17,18,19 | Virtual Private Networks (IPsec/IKE) SSL, TLS, SSH |
week 7, Mar 6th | DNS Security Routing Protocol Security (BGP) |
|
week 8, Mar 13th | Spring Break | |
week 9, Mar 20th | DDoS Attacks and Mitigation Lab:Firewalls/Network Scanners | |
week 10, Mar 27th | Chapters 20,25 | Email SecurityMidterm Review |
week 11, Apr 3rd | Midterm | |
week 12, Apr 10th | Wireless SecurityEmbedded Device Security | |
week 13, Apr 17th | Privacy/AnonymityCloud Security | |
week 14, Apr 24th | LDAP/OAuthWeb Security | |
week 15, May 1st | TBD (Possible topics Browser Security Models, HCI and Network Security, Cellular Network Security) | |
Final May 15th 4:30-7:15 | Final Project Presentations |