IA Course CPSC 4620/5620
Computer Network Security
Course Description
A study of key security issues and procedures in computer and mobile communication networks. Among the issues to be discussed are: the security of LANs, WANs, databases, and network operating systems; threats to computer networks through exploitation of network infrastructure design weaknesses; security flaws in the network infrastructure protocols; security of content in computer network services; risk assessment and security policies; and security in mobile communication networks. Procedures will include: network intrusion detection and forensics technologies, cryptographic and authentication systems, capability and access control mechanisms, and new developments in Internet routing and transport protocols, secure mail, directory, and multimedia multicast services. Current trends and research in security policies and technologies will also be discussed.
Prerequisite: CPSC 4550 or 5550 or approval of department head.
Course Outcomes
- Provide students with a high‐level understanding of how information security functions in an organization.
- To master understanding of external and internal threats to an organization,
- To be familiar with information security awareness and a clear understanding of its importance,
- To be familiar with how threats to an organization are discovered, analyzed, and dealt with,
- To master fundamentals of secret and public cryptography,
- To master protocols for security services,
- To be familiar with network security threats and countermeasures,
- To be familiar with network security designs using available secure solutions (such as PGP, SSL, IPSec, etc.),
- To be familiar with advanced security issues and technologies (such as DDoS attack detection and containment, and anonymous communications),
- To be exposed to original research in network security,
- To be exposed to the importance of integrating people, processes and technology.
Textbooks:
- Michael T. Goodrich & Roberto Tamassia, Introduction to Computer Security, ISBN-13: 978-0-321-51294-9, ISBN-10: 0-321-51294-4, Pearson, 2011.
- Vincent Nestler, Gregory White, Wm. Arthur Conklin, Principles of Computer Security: CompTIA Security+ and Beyond – Lab Manual, ISBN: 978-0-07-174856-8, MHID: 0-07-174856-3, McGraw Hill, 2011.
CPSC 4620 Syllabus CPSC 5620 Syllabus
Course Outline
Topic 1: Introduction
CIA, Security goals, Assurance, Authenticity, Trust management, Anonymity, Threats and attacks (Eavesdropping, Alteration, Denial-of-service, Masquerading, Repudiation, Correlation and traceback), Security principles, Economy of mechanism, Fail-safe defaults, Complete mediation, Open design, Separation of privilege, Least privilege, Least common mechanism, Psychological acceptability, Work factor, Compromise recording, Access Control, Role-based access control, Symmetric cryptosystems, Symmetric key distribution, Public-key cryptography, Digital signatures, Hash functions, Message authentication codes, Digital certificates, Passwords, Password complexity, Social Engineering
Topic 2: Physical Security: Authentication, TEMPEST, RFID, Biometrics
Topic 3: Operating System Concepts and Buffer Overflow
Topic 4: Operating System Security, Application Program Security
Topic 5: Malware: Insider Attacks, Malware, Privacy-Invasive Software, Countermeasures
Topic 6: Network Security: ARP, ICMP, Sniffing, IP Spoofing
Topic 7: Network Security: TCP, UDP, NAT, TCP Session Hijacking, DoS
Topic 8: Network Security: DNS, SSH, VPN
Topic 9: Network Security: IPSec, SSL, Firewall, Wireless security
Topic 10: Web Security
Topic 11: Cryptography
Topic 12: Security Models and Practice
Topic 13: Digital Rights Management
Topic 14: Spam and Cybercrime
Hands-on Labs
1. Buffer Overflow Vulnerability Lab
2. Race Condition Vulnerability Lab
3. Cross-Site Scripting (XSS) Attack Lab
6. Attack Lab: Attacks on TCP/IP Protocols
References
Journal
- IEEE Signal Processing Society., & Institute of Electrical and Electronics Engineers. (2006). IEEE transactions on information forensics and security. New York, NY: IEEE Signal Processing Society.
- Network security. (1900). New York, NY: Elsevier Science Pub. Co.
- Association for Computing Machinery., & National Institute of Standards and Technology (U.S.). (n.d.). ACM conference proceedings. New York: Association for Computing Machinery.
- Association for Computing Machinery. (2005). ACM transactions on storage. New York, N.Y: ACM.
- International journal of electrical power & energy systems. (1979). Guilford, Eng.: IPC Business Press.
Article
- Aydin, M. A., Zaim, A. H., & Ceylan, K. G. (May 01, 2009). A hybrid intrusion detection system design for computer network security. Computers and Electrical Engineering, 35, 3, 517-526.
- Network security. (January 01, 2006). Broadcast Engineering, 48, 7.
- Bradbury, D. (January 01, 2006). Modeling network security. Computers & Security, 25, 3.
- Network Security Appliance Adds Compliance Reports; Network Intelligence enhances network security appliance to report on Sarbanes-Oxley compliance.(enhancement of Network Intelligence Engine)(Brief Article). (January 01, 2005). Informationweek.
- Wilson, J. (January 01, 2005). The Two Sides Of Network-Security Devices; Today's IT security buyers have a wide variety of network-security products to choose from, which can be broken into two primary categories: network-integrated security and standalone security. Informationweek.
- Langley, N. (January 01, 2005). hot skills Firewalls and VPNs are the mainstays of network security; Network security can be lucrative but be prepared for costly training.(virtual private networks). Computer Weekly, 40.
- Periolat, J. (January 01, 2005). A new network perimeter.(network security). Communications News, 42, 3.
- Roberts, G. (January 01, 2006). Network Security Is Manageable. Computers in Libraries, 26, 1, 28-30.
Book
- Kizza, J. M. (2013). Guide to computer network security. London: Springer.
- Kizza, J. M. (2006). Computer network security and cyber ethics. Jefferson, N.C: McFarland.
- McClure, S., Scambray, J., & Kurtz, G. (2009). Hacking exposed 6: Network security secrets & solutions. New York: McGraw-Hill.
- Wang, Y. (2009). Statistical techniques for network security: Modern statistically-based intrusion detection and protection. Hershey: Information Science Reference.
- Bishop, M. (2003). Computer security: Art and science. Boston: Addison-Wesley.
Newspaper
- Investor's business daily. (2002). Los Angeles, Calif: Investor's Business Daily, Inc.
Resources
Secure Use
- General Security Policy: Cyber Ethics | Cyber Ethics
- General Security Policy: Information Technology Security Evaluation Criteria (ITSEC) | ITSEC Definition
- General Procedures: Inference | Inference Definition
- General Procedures: Rainbow Series | Rainbow Series
- General Procedures: NSTISSAM COMPUSEC/1-99 Insider Threat to Government Computer Systems | NSTISS Glossary
- General Countermeasures and Safeguards: Computer Law | Computer Law
- General Countermeasures and Safeguards: Computer Media | Computer Media
- General Countermeasures and Safeguards: Evaluate Security Testing Tools | Security Testing Tools
- Administrative Countermeasures/Safeguards: Control Management | Change Control
- Administrative Countermeasures/Safeguards: Privacy Act | Privacy Act of 1974
- Operations Policies/Procedures: Keystroke Monitoring | Keystroke Monitoring
- Operations Policies/Procedures: Disaster Recovery Planning | Disaster Recovery
Incidents
- Policy and Procedures: Incident Response | Incident Response
- Policy and Procedures: Witness Interrogation | Witness Interrogation
- Operations Countermeasures/Safeguard: Computer Attacks | Computer Attacks
- Operations Countermeasures/Safeguard: Computer Emergency Readiness Teams | CERT
Configuration
- Administrative Policies/Procedures: Approval to Operate | Approval to Operate
- Administrative Policies/Procedures: Configuration/Change Control | Change Control
- Administrative Policies/Procedures: Copyright Protection | Copyright Protection
- Administrative Policies/Procedures: Patch Management | Patch Management
- Administrative Policies/Procedures: Records Management | Records Management
- Administrative Policies/Procedures: Wireless Use Policies | Wireless Use Policy
Anomalies and Integrity
- General Risk Management: Computer System Risk Management | Risk Management
- Access Control Safeguards: Computer System Access Control | Access Control
- Access Control Safeguards: Protected Distribution Systems | Protected Distribution System
- Access Control Safeguards: Information Systems Access Restrictions | Access Restrictions
Administration
- Access Control Mechanisms: KMI Applications | Key Management
- Access Control Mechanisms: Single Sign-on | Single Sign On
IA Sites
- National Security Agency, Central Security Service—Information Assurance
- Information Assurance Support Environment
- Information Design Assurance Red Team (IDART)
- National Institute of Standards and Technology (NIST) Computer Security Division
- NIST Computer Security Resource Clearinghouse
- National Telecommunications and Information Administration (NTIA)
- ICAT Metabase
  ICAT is a searchable index of information on computer vulnerabilities. It provides search capability at a fine granularity and links users to vulnerability and patch information.
- National Vulnerability Database (NVD)
- STRATCOM
- ASD NII
- Defense Advanced Research Projects Agency (DARPA)
- Defense Information Systems Agency (DISA)
- Internet Traffic Report
  The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100 and is updated every 15 minutes. Higher values indicate faster and more reliable connections.
- Electronic Privacy Information Center Home Page
  Public interest research center in Washington, D.C.
- Information Security Portal
  This site provides information concerning the topic of Information Warfare including security tools, the law and legal issues, espionage, terrorism, and information operations.
- Internet Privacy Coalition
- International Computer Security Association (ICSA)
  ICSA is known worldwide as an objective source for security assurance services.
- Glossary of Information Warfare Terms
- Cyberwar - Information warfare and psychological operations
  Provides information on the topics of propaganda analysis, online journals, index and metapages, general resources, intelligence agencies, and articles and documents.
- Reliable Software Technologies (RST): Information Warfare
- Forum of Incident Response and Security Teams (FIRST)
  FIRST brings together a variety of computer security incident response teams from government, commercial, and academic organizations. FIRST aims to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing among members and the community at large.
- International Association for Cryptologic Research (IACR)
  The International Association for Cryptologic Research (IACR) is a non-profit scientific organization whose primary purpose is to further research in cryptology and related fields.
- International Biometrics Industry Association (IBIA)
- Common Vulnerabilities and Exposures
  A list of standardized names for vulnerabilities and other information security exposures. CVE aims to standardize the names for all publicly known vulnerabilities and security exposures.
- Institute for Applied Network Security (IANETSEC)
  The Institute for Applied Network Security is the premier membership organization for practicing information security professionals. The Institute's mission is to provide key technical and business insights to help members solve their most pressing professional challenges.
- Reliability Information Analysis Center (RIAC)
  Reliability Information Analysis Center (RIAC): A Government and Industry focal point for Reliability, Maintainability, Quality, Supportability, and Interoperability related Engineering, Data, Software, Information, Training and Technical Assistance.