Instructor: Damon McCoy (mccoy(at)cs.gmu.edu) Time: Tuesday 4:30 pm - 7:10 pm Room: Nguyen Engineering Building 5358 Office Hours: Tuesday 2:00 pm - 4:00 pm also by appointment Office: 5328 Engineering Building
Teaching Assistant: Rahul Murmuria (rmurmuri(at)gmu.edu) Office Hours: Tuesday 7:00 pm - 9:00 pm Office: 4456 Engineering Building
Course Website: http://www.cs.gmu.edu/~mccoy/ISA656_S13.html Course Forum: piazza We will be using piazza for discussions on current security topics, and if you have a question this is the best place to ask it. We will check the page regularly and other students will be able to help as well.
This course will present current attacks and and defenses against networked computers. As a growing number of everyday things not typically thought as computer gain computational ability and in turn are connected to networks traditional security methods, such as locks and physical security mechanisms are no longer sufficient to protect them. This course will delve into the concepts and tools defenders have at their disposal and which threats they can mitigate.
ISA 562 and CS 555; or permission of instructor. There will be substantial programming involved in the assignments, and students should be familiar with programming in C, Java or another language.
|week and date||Book||Topic and Required Reading|
|week 1, Jan 22nd||Course Overview and Introduction to Network Security [slides and HW 1 on blackboard]|
|week 2, Jan 29th||Chapter 23||Firewalls
Chapman, "Network (In)Security Through IP Packet Filtering"
|week 3, Feb 5th||Intrusion Detection Systems
Lab: IDS/Network Sniffers [instructions on blackboard under assignments]
HW 1 Due before class
|week 4, Feb 12th||Chapters 4,5,6||Cryptography Review|
|week 5, Feb 19th||Chapters 9.1-2, 10, 11.1-2, 12.2,13,14||Authentication Methods
|week 6, Feb 26th||Chapters 15,19||SSL, TLS, SSH
|week 7, Mar 5th||Chapters 17,18||Virtual Private Networks (IPsec/IKE)
HW 2 Due March 8th
|week 8, Mar 12th||Spring Break|
|week 9, Mar 19th||Routing Protocol Security (BGP)
DDoS Attacks and Mitigation
|week 10, Mar 26th||Chapters 20,25||Email SecurityMidterm Review|
|week 11, Apr 2nd||Midterm|
|week 12, Apr 9th||Malware
The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond, DHS, SRI, APWG Report, October 2006
THE PARTNERKA . WHAT IS IT, AND WHY SHOULD YOU CARE?, Dmitry Samosseiko, SophosLabs tech report 2009
The Underground Economy of Spam: A Botmaster.s Perspective of Coordinating Large-Scale Spam Campaigns, Brett Stone-Gross, Thorsten Holzz, Gianluca Stringhinix, and Giovanni Vigna, LEET 2011
Measuring Pay-per-Install: The Commoditization of Malware Distribution, Juan Caballero, Chris Grier, Christian Kreibich, Vern Paxson, Usenix Security 2011
|week 13, Apr 16th||Wireless SecurityStuxnetHW 3 Due before class|
|week 14, Apr 23rd||Privacy/AnonymityLab:Firewalls/Network Scanners|
|week 15, Apr 30th||LDAP/OAuthWeb Security|
|Final May 14th 4:30-7:15||Final Project Presentations|