Description
Attacks on networked computer systems are an increasingly important problem. This course covers the types of vulnerabilities that are present in modern computer systems and the types of malicious software that exploit these vulnerabilities. It also covers best practices for preventing, detecting and responding to such attacks including anti-virus software, defensive programming techniques, intrusion detection systems, honeypots and firewalls. Given when needed (typically every other spring).
Prerequisites
A general course in computer networking such as CS 455/555 or EE 407/507. Programming experience to the level of CS 142 or EE 361
CS 344
Materials
This semester we will be reading and discussing This Is How They Tell Me the World Ends by Nicole Perlroth. You will need a copy of this book.
There is no required textbook, but if you learn well by reading and would like to supplement what we do in class, I highly recommend Security Engineering by Ross Anderson.
Objectives
- Expose students to major classifications of malware.
- Investigate and understand the weaknesses in our software and network protocols that allow attacks.
- Provide students with tools and strategies for diagnosing infected machines.
- Enable students to proactively secure computer systems.
- Expose students to how anti-virus materials are produced.
- Encourage students to propose and investigate innovations that can reduce risk of infection or damage from infection.
Outcomes
- Students will be able to place computer security activities into an iterative security lifecycle process including phases such as prevention, detection, recovery and response.
- Students will be able to characterize and distinguish between major types of malicious software or malware including for example viruses, Trojan Horses, worms and spyware.
- Students will be able to diagnose systems that have been compromised by malware using tools such as intrusion detection systems and network protocol analyzers.
- Students will use databases of credible information on specific attacks such as Symantec Security Response and Computer Emergency Response Team (CERT).
- Students will be familiar with best practices for preventing and recovering from attacks including closing unused network ports, keeping software up-to-date and regular system back-ups.
- Students will understand how defenses against new attacks are developed and distributed.
- Students will think critically about the state of the art in computer and network security including weaknesses in our response to new attack codes and weaknesses in systems that automatically update software.
Grading
Tentative grade breakdown:
- 50% Assignments, Quizzes, Readings, Responses
- 20% Security Project
- 5% Attendance and Class Participation
- 25% Final Exam
Attendance Policy/Late Policy
I expect students to attend each class. We will be doing hands-on exercises and labs throughout the semester. If you must miss a class, please make arrangements ahead of time or, if the absence is unexpected, make an appointment to discuss it with me as soon as possible. Attendance can be used as a mitigating factor in computing grades.
I do not plan on accepting late work for credit. If you complete an assignment late, you may submit it with a written note explaining the circumstances. If I have not completed the grading, I will grade your work, but the score will be recorded as a zero.
I will however keep a special folder with the explanatory notes you have written and possibly the score that would have been assigned if the work was submitted on time. At the end of the semester, before assigning final grades, I will read through all the notes in the folder one more time and consider reinstating or dropping the score for that assignment if it would indeed have changed the final grade.
Academic Integrity
All work you submit must be your own individual work unless explicitly indicated. In particular, work taken from books, the Internet, other students or any other source may not be submitted as your own. It is always better to err on the side of acknowledging sources and collaborations!!!
It is also an academic integrity violation for you to give your work to others. This includes sharing materials privately as well as making assignments available on GitHub or other public repositories.
Additional information about rights, obligations and procedures related to academic integrity can be found in Section IV of Clarkson's official regulations.