IS&T 4600: Information Security I Fall 2013

brickborderSecurity

Nov 3, 2013 (3 years and 9 months ago)

77 views

IS&T
4600
:
Information Security I


Fall

20
1
3


Instructor:

Dr. Seokwoo Song



Office:

WB 258 (daytime) &
D
2
-
137D

(evening)



Office Hours:

2
:
0
0


4
:
0
0 PM, Monday

(WB 258)

&

4
:
0
0


5
:
30 PM, Thursday

(D2
-
137D)





Also available by appointment


Phone:


395
-
3455



Email:


seokwoosong@weber.edu



Web Site:


http://faculty.weber.edu/ssong


Meeting Schedule:


5
:
30

PM


8
:
1
0 PM,
Thr
.
,

D2
-
225


Textbook:

Guide to Network
Defense and Countermeasures, 3rd Edition
, by
Randy Weaver
,
Dawn
Weaver
,
Dean Farwood
,
ISBN
-
10: 1133727948
, Cengage Learning



The Art of Deception: Controlling the Human Element of Security
, by
Kevin D. Mitnick,
William L. Si
mon, Steve Wozniak,
ISBN: 978
-
0
-
7645
-
4280
-
0


Course Objectives:



The course

provides the student with a solid foundation in network security fundamentals, but
assumes familiarity with the Internet and basic networking concepts.
T
he course also covers
such essential practices as

intrusi
on detection,

developing a security policy
,

setting up
packet filterin
g, and installing proxy servers and

firewalls.
Upon successful completion of this
course,
students should be able to

understand
:



Network Security Fundamentals



Network Traffic Signatures



Cryptography



Understanding Wireless Networking Security



Intrusion Detection and Prevention System Concepts



Firewall Design and Management



Internet and Web Security


Prerequisites: IS&T Core. Co
-
requisite: IS&T 3620


Evaluation:

Lab projects






5
0 Point
s



Class Presentation (group)




4
0 Points

Individual
Project





5
0

Points

Two Quizzes (20 pts each)
Mitnick


40 Points



Four

Quizzes (
30

pts each)

Weaver

1
2
0 Points



Total:





30
0 Points




Final Grades:

93% <= Score <= 100%:


A





90% <= Score

< 93%:


A
-





85% <= Score < 90%:


B+





80% <= Score < 85%:


B





75% <= Score < 80%:



B
-





70% <= Score < 75%:


C+





65% <= Score < 70%:


C





60% <= Score < 65%:


C
-





55% <= Score < 60%:


D+





50% <= Score < 55%:


D





45% <= Score <
50%:


D
-





< 45%:




F


Quizzes
:

The covering chapters

(
Weaver
)

are
1,
2, 3
,
4
,
5
, 6, 7, 8, 9, 1
0
, 1
2
,

and
13

during the
semester.

Quizzes

are to be taken
in the classroom

at the beginning of the n
ext lecture
after completing THREE

chapters
.





Two qu
izzes

are planning to give, based upon the contents from
Mitnick
.




Exceptions will be made only in extreme situations over which the student has no control.
Should that be the case, a request would need to be made and approved in order to take
the exam
at a different time. No make
-
up
quiz will be allowed for a quiz

missed without the
instruc
tor's approval prior to the quiz
.


Individual Project
:



Each project will have to be demonstrated to

the instructor and you will have
to submit a
four
-
page report d
escribing what you did

(i.e., what products you used, why you used
those products, what problems you

encountered, what security problem was solved by this
project, and what security

problem(s) that particular product solves).


Each student will create a se
cured machine by doing the following:

1.

The first phase of this project is to set up a firewall and demonstrate how the firewall works by
using a port scanner from another machine. Be able to explain how firewalls and port
scanners work. A useful site to loo
k at is: http://www.firewallguide.com/software.htm. This site
is also useful:
http://www.techsupportalert.com/
.

2.

The second phase of this project is to demonstrate a packet sniffer to me, showing me the
netwo
rk traffic between the two machines, and explaining how the sniffer works and what the
contents of the sniffer log mean.

3.

The third phase of this project is to set up anti
-
virus software on your PC and try to infect the
PC with a virus or other malware.

4.

T
he fourth phase of this project is to infect your machine with a trojan horse malware product.
Demonstrate the remote control features of the trojan horse. Examples include Sub7 and
BackOrifice and other examples can be found at
http://www.OffensiveComputing.net/
.


Class Presentation
:


The project is to be completed by groups of 2 to 3 students. Groups are to be formed by
students themselves.
Each student will make a presentation in class. The presentatio
n will
be accompanied

with a one
-
page class handout

to

everyone in class. This

presentation
should be
specific rather than general
, such as on a particular trojan horse

rather than the
concept of trojan horses. Each presentation should take about ten to

fi
fteen minutes. You
may not make a presentation on a topic already covered by

another student.


Examples of
presentation

topics are
: instant messaging security, hacking

gaming systems,
encryption algorithms, IP spoofing,

hacking an iPhone, how a new example

of malware

wo
rks in detail, new war driving techniques, wireless

security,
an
d so on.

.


Cell Phones,

Texting
, and Laptops
:




Put your cell phones on vibrate. Try to avoid leaving class to take a call, but an occasional
emergency is understandable. Ther
e will be no texting in this class.

Laptops or other
personal digital tools may be used to take notes, look up material relevant to class projects.
No other uses of laptops will be tolerated.


Attention
:

Cheating and plagiarism are strictly prohibited. Vi
olations may result in a failing grade for the
course and additional disciplinary actions by the university.


Any student requiring accommodations or services due to a disability should contact
Services for Students with Disabilities (SSD) in room 181 of t
he Student Service Center.
SSD can also arrange to provide course materials (including this syllabus) in alternative
formats if necessary.



Special Note on
Emergency
:



In the event of an extended campus closure due to natural disaster, epidemic, or othe
r
event, I will continue to provide instruction via the Canvas learning system. I will provide text
-
based lectures

which correspond to the material covered each class period and will expect
you to login to the system to keep up with course work and to rece
ive instruction.
Assignments
and Lab exercises
will continue to be turned in through Canvas according to
due dates listed on the syllabus and schedule. I will check email on a regular basis.





Lecture,
Practice, Project,
& Exam Schedule
:



Thursday

Wee
k 1

August
29


Class Orientation, Chapter
1

Week 2

September

5



Chapter 2 & 3



Week 3

September
12


Chapter 3 & 4

Week 4

September
19


Chapter 4 & 5

Week 5

September
2
6

Chapter 5 & 6

Class Presentation Start



W
eek 6

October 3

Chapter 6

& 7

Week 7

October
10


Chapter 7

& 8

Week 8

October
1
7


Chapter

8

& 9


Week 9

October
2
4



Online

Class

Week 10

October
31


Chapter
9 & 10

Week 11

November

7


Chapter 1
0 & 12


Week 12

November
1
4


Chapter 1
2 & 13, Mitnick 1


4

Week 13

November
21


Mitnick 5

-

9

Week 14

November
2
8


No Class: Thanksgiving Holiday

Week 15

December

5