CS 439 Applied Security Concepts
Total Credits: 3 cr
Course Coordinator: Paul Oman
URL: http://www2.cs.uidaho.edu/~oman/CS439_Syllabus.pdf
Current Catalog Description: Hands-on approach to computer security with emphasis on developing practical knowledge of how cyber attacks work and how to defend against them. Detailed exploration of attacks such as buffer overruns, string attacks, worms, trojan horses, and denial-of-service attacks, and development of defenses against them. Additional work reqd for grad cr. Recommended preparation: Good knowledge of C, operating system concepts and Unix. Prereq: CS 336 or Permission.
Textbook: None.
References: Papers and presentations provided by the instructor.
Course Goals: The goal of this course is to give the students hands-on, applied knowledge of cyber-attacks, specifically how they function and how they can be prevented. The course begins with an introduction to the class, then moves to buffer overruns and format string attacks and defenses, followed by labs in which the students present varying malware threats (including viruses, worms, Denial of Service (DoS), and man-in-the-middle attacks) as well as discuss and demonstrate the defenses against those exploits. Each attack-defend scenario is covered in roughly 2 weeks, including student presentations.
Prerequisites by Topic: List topics
Major Topics Covered in the Course:
Laboratory projects (specify number of weeks on each): This is an applied laboratory class, so there are typically 5 to 8 laboratory assignments, and corresponding presentations, done in teams of three or four students. The presentation is a detailed discussion of a specific laboratory exercise, which takes an entire week of in-class and out-of-class activity.
Estimated Curriculum Category Content:
Oral and Written Communications: Every student is required to submit written reports and presentation materials covering the laboratory exercises, and to make team oral presentations of typically 60 minutes in duration.
Social and Ethical Issues: The class spends a great deal of time discussing social and ethical issues. Open-ended class discussions occur on every laboratory exercise, so roughly 5 to 8 discussions occur. Topics include:
Theoretical Content: The concept of how buffer overrun and format string attacks work is covered in great detail, and students are expected to complete a homework assignment based on this knowledge. Further, network protocols are discussed, and the basis of DoS attacks is covered. Students are expected to be able to explain how specific attacks (e.g., slammer or hunt) work. This accounts for about 33% of the course content.
Problem Analysis: Problem analysis takes the form of understanding and implementing an attack, as well as the ability to explain and answer questions regarding it in class. Examinations of the attack and the vulnerable functionality it exploits are also expected, where appropriate. A discussion of the network protocols used is also expected, where appropriate. This accounts for about 25% of the course content.
Solution Design: The students are required, after observing a presentation on an attack, to craft a defense and detection mechanism for this attack. This requires knowledge of how an IDS works, as well as other techniques by which the attack could be detected and, where applicable, avoided altogether. This accounts for about 25% of the course material.
Course Outcomes: The following list documents the course outcomes and cross-references them to the BSCS program outcomes. The letter at the beginning of each reference identifies the program outcome supported. The numbers sequentially identify the course outcome for this course. After completing CS 439 a student should be able to: