CS 6324: Information Security
Tuesday, Thursday 04:00-05:15PM at ECSS 2.201
$Id: fall2012.t2t, v1.0, last updated %%mtime(%c) Exp $

%! Target:
%! Options: --toc --css-sugar --encoding=iso-8859-1
%! Style: tech.css
%! PreProc:
%! PostProc:

---------------------------------------------------------------------------
=== Course Overview ===

==== Course Description ====

Information Security (3 semester hours) is a comprehensive study of the principles and practices of computer system security, including operating system security, network security, software security, and web security. Topics include common attack techniques such as viruses, trojans, worms, and memory exploits; the formalisms of information security, such as access control and information flow theory; common security policies such as the BLP and Biba models; basic cryptography, RSA, cryptographic hash functions, and password systems; real system implementations, with case studies of UNIX, SE-Linux, and Windows; network intrusion detection; software security theory; web security; and legal and ethical issues in computer security.

==== Student Learning Outcomes ====

Students shall be able to understand the common threats faced today, the foundational theory behind information security, the basic principles and techniques for designing a secure system, how to think adversarially, how today's attacks and defenses work in practice, how to assess threats for their significance, and how to gauge the protections and limitations provided by today's technology.

---------------------------------------------------------------------------
=== Course Syllabus ===

==== Introduction ====

- Course introduction (syllabus, policies, projects, and recent cyber threats overview)
- An overview of information security: confidentiality, integrity, and availability


==== Understanding the Threats ====

- Malicious software (viruses, trojans, rootkits, worms, botnets)
- Memory exploits (buffer overflow, heap overflow, integer overflow, format string)


==== Formalisms ====

- Access control theory, access control matrix
- Information flow


==== Policy ====

- Security policies
- Confidentiality policies (BLP model)
- Integrity policies (Biba and Clark-Wilson models, Chinese Wall model)
- Hybrid policies (Role-based access control)


==== IMPLEMENTATION I: Cryptography ====

- Block and stream ciphers
- Cryptographic hash functions, Message Authentication Codes (MAC)
- Public and private key systems
- Message digests. Approximate strength of ciphers
- Authentication
- Password system


==== IMPLEMENTATION II: Systems ====

- Secure design principles (least privilege, fail-safe defaults, complete mediation, separation of privilege)
- TCB and security kernel construction
- System defense against memory exploits
- UNIX security and Security-Enhanced Linux (SELinux)
- Windows security


==== Network Security ====

- TCP/IP security issues
- DNS security issues and defenses
- TLS/SSL
- Network intrusion detection and prevention systems
- Firewalls


==== Software Security ====

- Vulnerability auditing, penetration testing
- Sandboxing
- Control flow integrity


==== Web Security ====

- User authentication, authentication-via-secret and session management
- Cross Site Scripting, Cross Site Request Forgery, SQL Injection


==== Legal and Ethical Issues ====

- Cybercrime and computer crime
- Intellectual property, copyright, patent, trade secret
- Hacking and intrusion
- Privacy, identity theft.


**NOTE**: Please access all the lecture notes posted in [e-learning https://elearning.utdallas.edu/webct/logon/1815329274031].

---------------------------------------------------------------------------
=== Text Books ===

- [Computer Security: Art and Science (2nd version) http://nob.cs.ucdavis.edu/book/book-aands/], Addison-Wesley


---------------------------------------------------------------------------
=== Office Hours ===

Tuesday, Thursday 5:20PM - 6:20PM

---------------------------------------------------------------------------
=== Prerequisites ===

- CS 3340 Computer Architecture
- CS 3376 C/C++ Programming in a UNIX Environment
- CS 4348 Operating Systems Concepts
- CS 4393 Computer and Network Security
- CS 4394 Implementation of Modern Operating Systems
- CS 4389 Introduction to Data and Applications Security


---------------------------------------------------------------------------
=== Course Projects ===

- Developing memory exploits with 5 vulnerable programs
- Exploiting security features in SE-Linux for access control
- Password system analysis
- Web-security vulnerability analysis
- Alternative projects require instructor's approval


=== Homeworks ===

- There will be four homeworks. Details for each homework are TBA


---------------------------------------------------------------------------
=== Course Policy ===

==== Grading Policy ====

- 5% Class participation
- 30% Class Project
- 20% Homework
- 10% Midterm
- 30% Final
- 5% iCTF


==== Late Policy ====

No late submissions. Late work will be penalized or may not be graded.

==== Collaboration Policy ====

Students are encouraged to collaborate, particularly on the course project. Teams are limited to at most two students.

==== Cheating Policy ====

We will strictly follow the university policy on cheating and plagiarism, which is available [here http://www.utdallas.edu/judicialaffairs/UTDJudicialAffairs-policies.html]. Please [avoid http://www.utdallas.edu/judicialaffairs/UTDJudicialAffairs-AvoidDishonesty.html]. There are also several examples of [Scholastic Dishonesty http://www.utdallas.edu/judicialaffairs/UTDJudicialAffairs-Basicexamples.html]. If you have any questions regarding this issue, please contact the instructor.

---------------------------------------------------------------------------
=== Similar Courses ===

- [Information Security by Prof. Chris Clifton http://www.cs.purdue.edu/homes/clifton/cs526/]
- [Information Security by Prof. Ninghui Li http://www.cs.purdue.edu/homes/ninghui/courses/526_Fall12/syllabus.html]


%!include: ''f12.js''

---------------------------------------------------------------------------
[HOME index.html] [SOURCE %%infile]