Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • CS283 W1L1 Syllabus

    Enviado por

    Rahul Lokare
    146 visualizações14 páginas
    Computer security: art and science by Matt Bishop Theoretical component of the course Counter Hack Reloaded by Ed Skoudis Practical component of course Grading Take-home midterm exam (assigned October 6th and due October 13th) You are expected to cite all your sources in any written work that is not closed book: papers, books, web sites, etc. Any violations will be treated as violations of the Code of Academic Integrity.

    Descrição original:

    Direitos autorais

    © Attribution Non-Commercial (BY-NC)

    Formatos disponíveis

    PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    Computer security: art and science by Matt Bishop Theoretical component of the course Counter Hack Reloaded by Ed Skoudis Practical component of course Grading Take-home midterm exam (assigned October 6th and due October 13th) You are expected to cite all your sources in any written work that is not closed book: papers, books, web sites, etc. Any violations will be treated as violations of the Code of Academic Integrity.

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    146 visualizações14 páginas

    CS283 W1L1 Syllabus

    Enviado por

    Rahul Lokare
    Computer security: art and science by Matt Bishop Theoretical component of the course Counter Hack Reloaded by Ed Skoudis Practical component of course Grading Take-home midterm exam (assigned October 6th and due October 13th) You are expected to cite all your sources in any written work that is not closed book: papers, books, web sites, etc. Any violations will be treated as violations of the Code of Academic Integrity.

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 14

    CSCI 283 –

    Computer Security
    Fall 2010 – GWU
    Class Overview
     Instructor: Dr. Tamer Refaei
     Contact: mtamer@gwu.edu
     Phone: 202 494 0958
     Fall 2010 schedule
     Wednesday, 6:10 - 8:40 pm
     3 Credits
     Office Hours: by appointment
     Course Website: Blackboard
    (blackboard.gwu.edu)
    Prerequisite
     Undergrad level discrete math, programming,
    computer organization
     Main Text:
     Computer Security: Art and Science by Matt
    Bishop
     Theoretical component of the course
     Counter Hack Reloaded by Ed Skoudis
     Practical component of the course
    Grading
    Take-home midterm exam 30%
    (assigned October 6th and due October 13th)

    Take-home final exam 30%


    (assigned December 8th and due December
    15th)

    Class Projects / Assignments 40%


    Policy on collaboration
     All examinations, papers, and other graded work products and
    assignments are to be completed in conformance with The
    George Washington University Code of Academic Integrity. You
    are expected to cite all your sources in any written work that is
    not closed book: papers, books, web sites, etc. Any violations
    will be treated as violations of the Code of Academic Integrity.
     Any student who feels s/he may need an accommodation based
    on the impact of a disability should contact me privately to
    discuss specific needs. Please contact the Disability Support
    Services office at 202.994.8250 in the Marvin Center, Suite 242,
    to establish eligibility and to coordinate reasonable
    accommodations. For additional information please refer to:
    http://gwired.gwu.edu/dss/.
    The goal of this course

    Computer Security

    Theoretical Practical
    Aspects Aspects

    Projects / Ed Skoudis’ book: Projects /


    Matt Bishop’s book
    Assignments phases of attacks Assignments
    The goal of this course
     To provide a broad overview of computer
    security at the introductory graduate level
     Topics include:
     Introduction to the basic components of computer
    security
     Security policies and mechanism
     Cryptology and cryptographic systems
     Malicious logic
     The 5 phases of attacks
    Detailed Syllabus
    Lect I (Sept 1st)  Introduction  MB. 1 & 13
     Design Principles

    Lect II (Sept 8th)  Access Control Matrix  MB. 2 & 15


     Access Control Lists and Capabilities
    Lect III (Sept 15th)  Security Policies  MB. 4 & 5
     Confidentiality Policy
    Lect IV (Sept 22nd)  Integrity and Hybrid policies  MB. 6 & 7

    Lect V (Sept 29th)  Basic Cryptography and Ciphers  MB. 9 & 11


    Techniques
    Lect VI (Oct 6th)  Simplified DES
     Midterm exam assigned
    Detailed Syllabus
    Lect VII (Oct 13th)  Project updates (5% of project grade)  MB. 9 &
     Block and Stream Ciphers, PKI 11
    Cryptosystems, and Cryptographic
    Checksums
     Midterm exam due
    Lect VIII (Oct 20th)  Attacks: Phase I Reconnaissance  ES. 5
     Attacks: Phase II Scanning  ES. 6
     Programming project assigned
    Lect IX (Oct 27th)  Key management and authentication  MB. 10
    & 12

    Lect X (Nov 3rd)  Malicious Logic  MB. 22


     Programming project due
    Detailed Syllabus
    Lect XI (Nov 10th)  Project updates (5% of project  MB. 23
    grade)
     Vulnerability Analysis
    Lect XII (Nov 17th)  Auditing and Intrusion Detection  MB. 24 & 25
     Network, System, User, and  MB. 26, 27,
    Program Security 28, 29
    Lect XIII (Dec 1st)  Attacks: Phase III Gaining Access  ES. 7, 8, 9 &
     Attacks: Phase IV Maintaining 10
    Access
    Lect XIV (Dec 8th)  Final Exam Assigned
     Project written report due
     Project presentations
    Lect XIV (Dec 15th)  Final Exam Due
    Class Project
     In groups of 2 students
     You need to decide your topic
     Class project is written and presented.
     2 updates (October 13th and November 10th)
     Written project is submitted the week before the final exam.
     There will be a final presentation in the last week of classes
     30 minute presentation

     A good class project has a security-related


    experiment along with the written report.
    Sample class project I
     Illustrating the potential of side-channel attacks on
    cryptographic systems
     Motivation.
     Background: cryptography and characteristics of a
    cryptographic system.
     What is a side-channel attack? How is it different from
    brute-force attacks?
     Classification of side-channel attacks and their potential
    impact.
     Realizing a side-channel attack: an experiment.
     Conclusions and lessons learnt.
    Sample class project II
     Stack overflow: a practical experiment
     Motivation.
     Introducing stack overflow: the methodology,
    implications, and countermeasures.
     Experiment setup.
     Experiment results.
     Conclusions and lessons learnt.
    Sample class project III
     Security considerations in social networking
     E.g., Facebook, twitter

    Você também pode gostar