MPCS56515 – Computer and Network Security

Autumn Quarter 2015

Preliminary Syllabus

 

Course Objective

The objective of this course is to provide a basic understanding of Information Technology security – and to build an understanding of the elements that should be in place for an IT environment to achieve an adequate security level.  We will begin with a general overview of IT security and introduce a framework for addressing security needs across an enterprise.  Major security objectives and mechanisms for attaining these objectives will be discussed, including cryptography, authentication systems, Public Key Infrastructure, and platform and network security mechanisms.  This course will give an overview of the technical details involved in the platform and network levels of security.  We will look at common TCP/IP applications and discuss their security vulnerabilities.  The course material will be presented in a framework of understanding business risks and how to address them.

 

Students in this course will use the Unix operating system as a basis of learning host security mechanisms and should have a basic familiarity with Unix as a prerequisite.  Students should also be familiar with TCP/IP networks.  Students will be installing, configuring and running security tools obtained from the Internet as a part of their classwork.

 

There will be a great deal of reading in this course.  Students should have the ability to read and write in clear prose.  Students in this course will be writing an in-depth paper or a project and should have the ability to write a substantial paper.

 

Required Text:        Computer Security: Principles and Practice, 3rd Edition, William Stallings, Lawrence Brown ISBN-10: 0133773922, ISBN-13:  978-0133773927, Publisher:  Prentice Hall, Copyright:  2014

                                 

 

 

Some of the course reading material will be assigned from selected web sites.

 

 

Stallings 3E

Other

Week 1

Instructor(s) Introduction

Course Objectives

 

Information Security Overview

  • Objectives of Information Security – confidentiality, integrity, availability

Information Security Framework

  • Control elements and layers
  • Describe above elements in terms of the ISF
  • Describe as "road map" to understanding security and this course

Risk – definition, Control - definition

Security Goals and Mechanisms

-          Authentication – Authorization

-          User IDs, passwords, groups, privileges, access rules

 

Chapter 1

Verizon – 2015 Data Breach Investigations Report

http://www.verizonenterprise.com/DBIR/2015/

 

 

Mandiant M-Trends 2015:  A View from the Front Lines

https://www2.fireeye.com/rs/fireye/images/rpt-m-trends-2015.pdf

 

Cisco 2015 Annual Security Report

http://www.cisco.com/web/offers/pdfs/cisco-asr-2015.pdf

 

Merritt paper on Risk Management

http://csrc.nist.gov/nissc/1998/proceedings/paperE5.pdf

 

Security Breaches

http://privacyrights.org/data-breach

 

Pfleeger book – Security in Computing – Chapter 1 – Is There a Security Problem in Computing?

http://www.informit.com/articles/article.aspx?p=680830

 

 

"A "KiA “Kill Chain" Analysis of the 2013 Target Data Breach. http://www.commerce.senate.gov/public/?a=Files.Serve&File_id=24d3c229-4f2f-405d-b8db-a3a67f183883

 

 

Week 2

Encryption

*         Symmetric, Asymmetric

*         DES, 3-DES, RSA, AES

Uses of encryption – PGP

 

 

 

 

Chapters 2 (skip 2.5), 20, 21

Anderson – Security Engineering

http://www.cl.cam.ac.uk/~rja14/Papers/SE-05.pdf

 

Schneier – Security Pitfalls in Crypto

http://www.schneier.com/essay-028.html

 

Anderson – Why Cryptosystems Fail

http://www.cl.cam.ac.uk/~rja14/Papers/wcf.html

 

Ron was wrong, Whit is right

http://eprint.iacr.org/2012/064.pdf

 

 

 

Week 3

 

Authentication Mechanisms

*         NIS, NIS+,

*         Kerberos

Single Sign-on products

 

PKI

 

Access Control

 

Chapters 3, 4, 23

Windows Authentication = wce –

http://www.ampliasecurity.com/research/wce12_uba_ampliasecurity_eng.pdf

 

Protecting Privileged Domain Accounts

http://computer-forensics.sans.org/blog/2012/02/21/protecting-privileged-domain-account-safeguarding-password-hashes

 

Security Engineering – Ross Anderson – v2 Chapter 3 – Protocols

https://www.cl.cam.ac.uk/~rja14/Papers/SEv2-c03.pdf

 

 

 

Week 4

Review – security mechanisms

 

Host Security – Linux

Authentication - /etc/passwd

Authorization - file permissions rwx

Umode

Groups - /etc/group

Shadow passwords

File permissions - s, S, t

suid risks

Path variable risks

Critical files - /etc/hosts, /.rhosts, etc.

Change control – Tripwire

Logging

 

 

Chapters 12, 25

Stack overflows explained

http://insecure.org/stf/smashstack.html

 

Analysis of Buffer Overflow Attacks

http://www.windowsecurity.com/articles/Analysis_of_Buffer_Overflow_Attacks.html

 

Improving the Security of Your Unix System

http://simson.net/ref/1990/curry90improving.pdf

 

 

 

 

Week 5

Security Program Development

            security policies

            security awareness programs

 

 

 

Chapters 14, 15, 17

Information Security Essential Body of Knowledge – on Chalk or

http://csrc.nist.gov/groups/SMA/ispab/documents/minutes/2007-12/ISPAB_Dec7-BOldfield.pdf

 

http://csrc.nist.gov/publications/nistpubs/800-14/800-14.pdf

NIST - Generally Accepted Principles and Practices for Securing Information Technology Systems - review for areas of content, overview of security program development.  Do not read each area in depth – understand headings.

 

Security and Privacy Controls for Federal Information Systems and Organizations

http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf

 

 

http://www.vtcif.telstra.com.au/pub/docs/security/sert-doc/Site.Security.Policy.Development.txt

Site Security Policy Development

 

http://www.ietf.org/rfc/rfc2196.txt?number=2196

Site Security Handbook - review for areas of content

 

www.usenix.org/publications/library/proceedings/security95/full_papers/winkler.ps

Social engineering

Week 6

PKI

Network Security introduction – attacks, security services and mechanisms

Viruses and other Malware

Denial of Service Attacks,

Network assessment tools

 

 

Chapters 6, 7, 8

 

Firewalls and Internet Security 1st Edition – Chapter 9 Classes of Attacks

http://www.wilyhacker.com/1e/chap09.pdf

 

Week 7 – Application Security

IP Security

Risks – sniffing, spoofing,

Security over Internet protocols

            /etc/services, /etc/inetd.conf, /etc/rc.d

*         telnet – rlogin – ssh - nfs

*         ftp – tftp

*         web

*         ssl

Chapters 10, 11, 22

 

Week 8

 

Wrappers and Proxies

Firewalls

Secure Communication over Insecure Networks – VPNs

Wireless

IDS

 

 

 

Chapter 9

Firewalls and Internet Security 1st Edition – Chapter 3 – Firewall Gateways

http://www.wilyhacker.com/1e/chap03.pdf

 

Week 9

 

Audit and Compliance

Regulatory Environment

 

 

 

Chapters 18, 19

 

Week 10

 

 

Week 11 - Final

 

 

 

 

Grading Policy

Homeworks                            30%

Final                                        25%

Final Project                           25%

Quizzes/Discussion               20%

 

Homework

Homework will mainly consist of configuring, running and reporting on security tools, solving security implementation problems in writing plus one final project.  There will not be in-depth programming assignments – unless the student chooses a final project involving programming.