CS451 – Fall 2006

Information Systems Security

Course Calendar

This calendar below describes the topics of each class meeting, reading assignments, and homework assignments. Readings will from the text, articles from the literature, newspapers, and sites on the Web. The calendar below indicates topics for only the some initial class meeting dates. This calendar will be updated as the course unfolds. Readings should be completed before you come to class.

I will post the slides for lectures just before or just after the lecture. For future lectures the slide pointers will not resolve until I post the slides.

For selected course dates, there is an associated assignment that is due in class on the associated date.

Date Topic Assignments Due

23 Aug Introduction to the Course; discuss group project topics

28 Aug Discussion: "Take down" of the Internet; fundamentals of security           In class assign # ("take down"); group discussion

30 Aug Worms & Viruses; Read Anatomy of Malice by Stephen Cass
Read Stallings (text), chapter 19

Assign #2 due: Describe one virus or worm in detail, based on what you can find on the Web

4 Sept Buffer overflow
Background reading: Stack Smashing

6 Sept Viruses and worms; Denial of service attacks
Background reading: Failure to Learn from Past (about the Morris worm)
Form a group; identify group members; give me a project plan for your (tentative) topic

11 Sept Electronic Voting - security issues; Read: Analysis of Electronic Voting System by A. Rubin; Check out www.VerifiedVoting.org
Read Stallings, chapter 1
Assign #3 due

13 Sept
Cryptography - classical styles
Read Stallings, chapter 2

18 Sept
Cryptography - Block Ciphers - DES

Read Stallings, chapter 3

20 Sept Block Ciphers after DES; Peruse Stallings, chapter 5 Outline of project document due (web site or research report)

25 Sept Current & Future Roles of U.S. Coast Guard Polar Icebreaking Operations

27 Sept Cryptography - Public/Private Key Systems; Peruse Stallings, chapter 8 (number theory); Read Stallings, chapter 9 Assignment 4 (problems from Stallings text): 2.1, 2.5, 3.2, 3.5, 3.6

2 Oct Cryptography - Protocols, Digital Signatures & Authentication

4 Oct Cryptography - Authentication - MAC - Hash; Read Stalling chapter 12 Assignment 5 (problems from Stallings text): 9.2 (a,b and c only), 9.3, 9.4, 9.5

9 Oct Reading Day

11 Oct Exam # 1 - Mid Term (closed book - covers material to date)

16 Oct Review answers to mid term exam - group project meetings

18 Oct Intrusion Detection -- misuse and anomaly -- Read Stallings, chapter 18. Review the 4 papers listed for 18/23 October
Read papers: "Experience with Tripwire" by Gene Kim and Gene Spafford
"GrIDS - A Graph-Based instruction Detection System for Large Networks" by S. Staniford-Chen, et.al.
Slides: Tripwire, GrIDS

23 Oct Intrusion Detection -- misuse and anomaly - read Stallings, chapter 9
Read papers: "USTAT: a Real-time Intrusion Detection System for UNIX" by Koral Ilgun
"Intrusion Detection Using Sequences of System Calls" by S.A. Hofmeyr, S. Forrest, et.al.
Slides: USTAT, Forrest-Intrusion Detection Using Sequences of System Calls

25 Oct Protection mechanisms in operating systems; Access lists and capabilities        Read about both topics in your favorite operating system text     Assignment 6: Write a 1-3 page paper describing one selected intrusion detection technique

30 Oct Computer forensics and standards

1 Nov Kerberos - authentication service - read Stallings, chapter 14 (p400-419)

6 Nov Kerberos - authentication service

8 Nov IPSec - - read Stallings, chapter 16

13 Nov Information flow - Information Flow

15 Nov Buffer class

18-26 Nov          Thanksgiving

27 Nov Student Group Presentations
     Hijack: Andres, Chi, Latimer

     Face Recognition: Gathuka, Outlaw, Barkers

     Hijack: Brady, Tylka, Din
     Watermarks: Pricope, Peek, Wu

29 Nov Student Group Presentations
     Digital Rights: Chin, Kapadia, Yang, Yokoyama

     Hijack: Banda, Gisiger

     Limited Logon: Hurst, Biddlecomb, Rodriguez
     Hijack: Brennan, Carter, Sluka, Talma

4 Dec Student Group Presentations
     Active Defense: Greenfield, Weatherwax, Cook, Bakar

     Steganography: Foroobar, Stammeti

     Hijack: Hankins, Hockensmith, Krainak

8 Dec Final examination - Friday

Date	Topic	Assignments Due
23 Aug	Introduction to the Course; discuss group project topics
28 Aug	Discussion: "Take down" of the Internet; fundamentals of security	In class assign # ("take down"); group discussion
30 Aug	Worms & Viruses; Read Anatomy of Malice by Stephen Cass Read Stallings (text), chapter 19	Assign #2 due: Describe one virus or worm in detail, based on what you can find on the Web
4 Sept	Buffer overflow Background reading: Stack Smashing
6 Sept	Viruses and worms; Denial of service attacks Background reading: Failure to Learn from Past (about the Morris worm)	Form a group; identify group members; give me a project plan for your (tentative) topic
11 Sept	Electronic Voting - security issues; Read: Analysis of Electronic Voting System by A. Rubin; Check out www.VerifiedVoting.org Read Stallings, chapter 1	Assign #3 due
13 Sept	Cryptography - classical styles Read Stallings, chapter 2
18 Sept	Cryptography - Block Ciphers - DES Read Stallings, chapter 3
20 Sept	Block Ciphers after DES; Peruse Stallings, chapter 5	Outline of project document due (web site or research report)
25 Sept	Current & Future Roles of U.S. Coast Guard Polar Icebreaking Operations
27 Sept	Cryptography - Public/Private Key Systems; Peruse Stallings, chapter 8 (number theory); Read Stallings, chapter 9	Assignment 4 (problems from Stallings text): 2.1, 2.5, 3.2, 3.5, 3.6
2 Oct	Cryptography - Protocols, Digital Signatures & Authentication
4 Oct	Cryptography - Authentication - MAC - Hash; Read Stalling chapter 12	Assignment 5 (problems from Stallings text): 9.2 (a,b and c only), 9.3, 9.4, 9.5
9 Oct	Reading Day
11 Oct	Exam # 1 - Mid Term (closed book - covers material to date)
16 Oct	Review answers to mid term exam - group project meetings
18 Oct	Intrusion Detection -- misuse and anomaly -- Read Stallings, chapter 18. Review the 4 papers listed for 18/23 October Read papers: "Experience with Tripwire" by Gene Kim and Gene Spafford "GrIDS - A Graph-Based instruction Detection System for Large Networks" by S. Staniford-Chen, et.al. Slides: Tripwire, GrIDS
23 Oct	Intrusion Detection -- misuse and anomaly - read Stallings, chapter 9 Read papers: "USTAT: a Real-time Intrusion Detection System for UNIX" by Koral Ilgun "Intrusion Detection Using Sequences of System Calls" by S.A. Hofmeyr, S. Forrest, et.al. Slides: USTAT, Forrest-Intrusion Detection Using Sequences of System Calls
25 Oct	Protection mechanisms in operating systems; Access lists and capabilities Read about both topics in your favorite operating system text	Assignment 6: Write a 1-3 page paper describing one selected intrusion detection technique
30 Oct	Computer forensics and standards
1 Nov	Kerberos - authentication service - read Stallings, chapter 14 (p400-419)
6 Nov	Kerberos - authentication service
8 Nov	IPSec - - read Stallings, chapter 16
13 Nov	Information flow - Information Flow
15 Nov	Buffer class
18-26 Nov	Thanksgiving
27 Nov	Student Group Presentations Hijack: Andres, Chi, Latimer Face Recognition: Gathuka, Outlaw, Barkers Hijack: Brady, Tylka, Din Watermarks: Pricope, Peek, Wu
29 Nov	Student Group Presentations Digital Rights: Chin, Kapadia, Yang, Yokoyama Hijack: Banda, Gisiger Limited Logon: Hurst, Biddlecomb, Rodriguez Hijack: Brennan, Carter, Sluka, Talma
4 Dec	Student Group Presentations Active Defense: Greenfield, Weatherwax, Cook, Bakar Steganography: Foroobar, Stammeti Hijack: Hankins, Hockensmith, Krainak
8 Dec	Final examination - Friday