Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification 1. Module Title – Information Security 2. Module Code: CS403INS 3. Module Level - Forth Stage 4. Module Leader – Safwan M. 5. Teaching Semester – 7 and 8 6. Credit Rating for the module - 4 Credits 7. Prerequisites and co-requisites Information Security 8. Module Summary This course will cover many aspects of computer security including cryptography, network security, application security, and web security. Traditional topics such as buffer overflows, intrusion detection, packet analysis, and malware will be discussed. We will also delve into unorthodox topics including privacy, incident handling, forensics and anti-forensics, legal issues, and security in emerging technologies. This is largely a hands-on course where students will play both offense and defense. 9. Module Aims This course unit is aimed at introducing the technologies and practices that can be used to secure information, computer systems and networks. The course will cover security threats and vulnerabilities, principles of cryptography, and practical topics in network and Internet security. 10. Learning Outcomes By the end of this course, students will be able to: a. State the basic concepts in information security, including security policies, security models, and security mechanisms. b. Explain concepts related to applied cryptography, including plain-text, cipher-text, the four techniques for crypto-analysis, symmetric cryptography, asymmetric cryptography, digital signature, message authentication code, hash functions, and modes of encryption operations. c. Explain the concepts of malicious code, including virus, Trojan horse, and worms. d. Explain common vulnerabilities in computer programs, including buffer overflow vulnerabilities, time-of-check to time-of-use flaws, incomplete mediation. Outline the requirements and mechanisms for identification and authentication. e. Explain issues about password authentication, including dictionary attacks (password guessing attacks), password management policies, and one-time password mechanisms. f. Discuss network fundamentals and security, including: network topologies, protocols, address conservation, naming, network services, and network threats and countermeasures. Explain the requirements for trusted operating systems, and describe the independent evaluation, including evaluation criteria and evaluation process. g. Describe security requirements for database security, and describe techniques for ensuring database reliability and integrity, secrecy, inference control, and multi-level databases. h. Describe threats to networks, and explain techniques for ensuring network security, including encryption, authentication, firewalls, and intrusion detection. i. Explain the requirements and techniques for security management, including security policies, risk analysis, and physical threats and controls. 11. Syllabus Week 1- Introduction (1 lecture) Basic concepts: threats, vulnerabilities, controls; risk; confidentiality, integrity, availability; security policies, security mechanisms; assurance; prevention, detection, deterrence Week 2- Basic cryptography (1 lecture) Introduction to cryptography, Secret key cryptosystems, Basic cryptographic terms, historical background, symmetric crypto primitives, modes of operation, Week 3-4 Cryptography Techniques/Systems (2 lectures) Encryption systems, transposition systems, substitution systems Week 5 First Exam Week 6 -8 Cryptography Algorithms (3 lectures) Symmetric Encryption, Data Encryption Standards (DES), Advanced Encryption Standards (AES), Public Key Encryption, Hash Functions, Key exchange, Digital Signatures Week 9 Network Security (1 lecture) Network Security Definition, Network threats, Eavesdropping, Modification Week 10-11 Network Security II (2 lectures) Firewalls, Intrusion Detection, Secure e-mail Week12 Second Exam Week 13-14 Network Tool analyzer (2 lectures) Week 15 – Authentication (1 lecture) Identification and authentication, Passwords, Biometrics Week 16 - One-time passwords and challenge response schemes, Kerberos Week 17 Third Exam Week 18 - Kerberos, SSL, SSH (1 lecture) Week 19-20 Security in conventional operating systems (2 lectures) Memory, time, file, object protection requirements and techniques Protection in contemporary operating systems Week 21-22 Database management systems security (2 lectures) Database integrity, Database secrecy, Inference control, Multilevel databases Week 23 Forth Exam Week 24-25 Management of security (2 lectures) Security policies, Risk analysis, Physical threats and controls Week 26 Miscellaneous (1 lecture) Legal aspects of security, Privacy and ethics Week 27-28 Ethical Hacking (1 lecture) Ethical hacking process, Hacking Methodology , Scanning Systems Week 29 Fifth Exam Week 30 Web Applications security (1 lecture) Web applications Vulnerabilities , Choosing tools , Insecure Login Mechanisms , Input Filtering , URL filter Bypassing Week 31 Presentation of Project/Report Week 32 Review 12. Assessment Strategy For this course, the instructor will utilize a variety of evaluation tools to measure how well the students are achieving the learning objectives. The table below contains a summary of the components of the final grade. Each element is described in more detail. Item Quizzes Labs Report/Projects Exam Theory Final Exam Practical Theoretical Percentage 5 5 10 20 20 40 Quizzes/Labs Quizzes will be given throughout the semester, at a rate of approximately One per chapter. Quizzes will always cover the material covered since the last Quiz or Exam. The quizzes will be combinations of objective and short-answer questions. Report/Project An 8-10 page (2500-3000 words) paper covering a topic chosen by the student will be due on April 23rd. One paragraph describing the topic will be due to the instructors the week of March 5. The paper should examine a topic in a unique and analytic way, rather than provide a summary of the particular field of study. The paper will be graded on both the quality of writing and analysis. Exams: There will be five (5) non-cumulative examinations and a final exam. The content will come from the text and other material presented in lecture sessions as well as labs. Note that material presented in class and in lab will supplement the assigned reading. Therefore, class attendance and good note taking are essential tactics for success 13. Learning Session Structure Every week we have a 1 hour lecture followed by 30 minute tutorial, and 1 ½ hour practical workshop in a computer lab. 15. Learning and Teaching Methods 16. Text Books Required: “Applied Cryptography and Network Security”, By JaydipSen, InTech,2012 Optional: Hacking Exposed6:NetworkSecurity Secrets&Solutions, Styart Mc Clure,Joel Scambray, andGeorge Kurtz, McGraw-Hill,2009 Hacking: The Art of Exploitation, 2nd Edition, Jon Erickson, 2008 Introduction to Computer Security, By Matt Bishop, Prentice Hall PTR,2005 17. Validated and Verified by