CS 4393: Computer and Network Security Monday, Wednesday 10:00AM-11:15AM at JSOM 11.202 $Id: spring2015.t2t, v1.0, last updated %%mtime(%c) Exp $ %! Target: %! Options: --toc --css-sugar --encoding=iso-8859-1 %! Style: tech.css %! PreProc: %! PostProc: --------------------------------------------------------------------------- === Course Overview === Computer and Network Security (3 semester hours) is a comprehensive study of the security principles and practices of computer and network systems. Topics include fundamental concepts and principles of computer security, operating system and network security, firewalls and intrusion detection systems, secret key and public key cryptographic algorithms, hash functions, authentication, SSL and Web security. The learning outcome is students shall be able to understand the basic principles and practices in computer and network security. In particular, understand what the foundational theory is behind computer security, what the common threats are (e.g., malware, exploit, vulnerability), and how to build the defense mechanism in a combination from OS, network and applied crypto. In support of this, the course will prepare students to do basic system, network, and application-level programming/labs related to security purposes. --------------------------------------------------------------------------- === Course Syllabus === ==== PART ONE: Starting from threat ==== - Software vulnerability and memory exploits - Malicious and unwanted software - Network attacks, protocol vulnerabilities, Denial-of-service ==== PART TWO: Operating System and Software Security ==== - User Authentication - Access Control - Security policy - Trusted Computing and Multilevel Security - Host based Intrusion Detection, Prevention - Control flow integrity - Sandboxing, software fault isolation ==== PART THREE: Basic Cryptography ==== - Secret key cryptography - Public key cryptography - Hashes and message digests - Cryptographic Tools ==== PART FOUR: Network Security ==== - Internet Protocol and Standards - Protocol Vulnerability Analysis - Firewall, network based intrusion detection, prevention - SSL/TLS - Authentication - Web Security **NOTE**: please access all the lecture notes posted in [e-learning https://elearning.utdallas.edu/]. --------------------------------------------------------------------------- === Text Books === ====Required textbooks==== - [Bishop] Matt Bishop, Introduction to Computer Security, Addison-Wesley, 2004. ISBN 0-321-24744-2. - [KPS] Charlie Kaufman, Radia Perlman, and Mike Speciner. Network Security---Private Communication in a Public World, 2nd Edition. Prentice ll, 2002. ISBN 978-0-13-046019-6. ====Reference textbooks==== - Charles P. Pfleeger and Shari Lawrence Pfleeger. Security in Computing, Fourth Edition. Prentice Hall, 2007. ISBN 0-13-239077-9. - Michael Goodrich and Roberto Tamassia. Introduction to Computer Security, Addison-Wesley, 2010. ISBN 0321557867 --------------------------------------------------------------------------- === Office Hours === Monday, Wednesday 11:30AM - 12:30PM --------------------------------------------------------------------------- === Prerequisites === - CS 3340 Computer Architecture - CS 3376 C/C++ Programming in a UNIX Environment - CS 4348 Operating Systems Concepts --------------------------------------------------------------------------- === Course Projects === - There will be six projects plus one bonus. Detail for each project will be anounced in elearing. A special thank goes to Prof. Wenliang Du for his contributions on the SEED security labs that will be adopted in our course projects. --------------------------------------------------------------------------- === Course Policy === ==== Grading Policy ==== - 60% Class Project - 15% Midterm - 25% Final ==== Late Policy ==== All late submissions will automatically lose 1 point per delayed day. ==== Collaboration Policy ==== Students are encouraged to collaborate, particularly on the discussion on the course project. Students can form a team with at most 2 students per team. ==== Cheating Policy ==== We will strictly follow the university policy on cheating and plagiarism which is available [here http://www.utdallas.edu/judicialaffairs/UTDJudicialAffairs-policies.html]. Please [avoid http://www.utdallas.edu/judicialaffairs/UTDJudicialAffairs-AvoidDishonesty.html]. There are also several examples of [Scholastic Dishonesty http://www.utdallas.edu/judicialaffairs/UTDJudicialAffairs-Basicexamples.html] If you have any questions regarding this issue, please contact the instructor. --------------------------------------------------------------------------- === Acknowledgements === The course materials have incorporated those developed by Dr. Matt Bishop (UC Davis), Dr. David Brumley (CMU), Dr. Wenliang Du (Syracuse), Dr. Nick Feamster (Georgia Tech), Dr. Guofei Gu (TAMU), Dr. Wenke Lee (Georgia Tech), Dr. Ninghui Li (Purdue), Dr. Peng Ning (NCSU), and Dr. Vitaly Shmatikov (UT Austin). The copyright of these materials belongs to them. %!include: ''sp12.js'' --------------------------------------------------------------------------- [HOME index.html] [SOURCE %%infile]