Texas Tech University
Department of Computer Science
CS 5332 – Cyber Security Research and Practice
Summer 2013

Course Objectives

This course is designed to address the needs of graduate students to learn and understand the technical, theoretical, and practical aspects of cyber security. After taking this course, the students will learn:
- Security principles, cyber threats, and cyber-attack techniques
- Authentication and access control
- Basic cryptographic solutions for securing communications
- Software security
- National policy regarding cyber security
- Basic vulnerability assessments
- Government-mandated directives and compliance requirements
- Enterprise policy requirements
- Basic code security and testing

Prerequisites

The students are expected but not required to have basic knowledge of:
- Software engineering life cycle
- Operating systems (Unix, Linux, etc.)
- Programming languages (C, C++, Java, etc.)
- Computer networks

Instructors

The course will be co-lectured by:
- Dr. Akbar S. Namin (306F, akbar.namin@ttu.edu)
- Dr. Yuanlin Zhang (306I, y.zhang@ttu.edu)

Course Description

This course is designed for graduate students interested in understanding and learning recent technological advancements in cyber security. The first half (11 days) of the course will be taught by Dr. Zhang, and Dr. Namin will continue teaching the second half (11 days).
The tentative topics to be discussed in the course are as follows:

Introduction (book: Cyber Security Essentials, by James Graham (Editor), Ryan Olson (Editor), Rick Howard (Editor), ISBN-13: 978-1439851234)
- Brief history of cyber-security
- Fundamentals in cyber-security

Cyber-attack Techniques (book: Cyber Security Essentials, by James Graham (Editor), Ryan Olson (Editor), Rick Howard (Editor), ISBN-13: 978-1439851234)
- Attacker techniques
- Exploitation
- Malicious code
- Defense and analysis

Authentication, Authorization, and Access Control (online materials)
- Authentication and authorization
- Access control
- Represent and reason with access control

Security Policy (book: Cyber Security Policy Guidebook, by Bayuk, Healey, Rohmeyer, Sachs, Schmidt, Weiss, ISBN-13: 978-1118027806; and online materials)
- Cyberspace, security and policy
- Cyber security measurement
- Categories of cyber security policies
- Represent and reason with policies

Midterm test

Security and Standards (resource: online materials)
- An overview
- Examples of Security Standards
  o ISMS family of standards
  o NIST Security Standard
  o Cyber Security standards
  o CERT Security Code Standard (www.cert.org/securecoding)
  o P1402 - Standard for Physical Security of Electric Power Substations
  o IEEE Security standards
  o The IEEE P2600 family of standards for hardcopy device and system security
  o IEEE 802.16 Security
  o IEEE 802.11i: Security Standards
  o PC37.240 - Standard for Cyber Security Requirements for Substation Automation, Protection and Control Systems

Privacy (resource: online resources)
- An overview of legislations
- Pretty Good Privacy (PGP)

Cryptography (online resources)
- One time pad and stream ciphers
- Block ciphers
- Message integrity
- Module prime mathematics
- Public key cryptography
- RSA algorithm
- One-way hash functions

Software Security (resource: Exploiting Software: How to Break Code, a book by Hoglund and McGraw)
- Secure Software Development
- Attack patterns
- Reverse engineering and program understanding
- Exploiting clients and servers software

Secure Programming and Coding (resources: 1) Writing Secure Code, a book written by M. Howard and D. LeBlanc; 2) The CERT Oracle Secure Coding Standard for Java)
- Buffer overflow
- Secure programming techniques
- Secure programming in Java and C

Cyber-Security Vulnerability Assessment (resources: 1) The Art of Software Security Testing, a book by C. Wysopal et al.; 2) Testing Code Security, a book by Linden)
- How vulnerabilities get into all software
- Risk-based security testing
- Performing the attacks
- Fault injections

SCADA Systems (resource: Cyber-security for industrial control systems (A book by T. Macaulay and B. Singer), IEEE PC37.1™/D1.9 Draft Standard for SCADA and Automation Systems)
- IEEE PC37.1/D1.9
- Threats to Industrial Control Systems
- Industrial Control systems Vulnerabilities
- Risk Assessment
- DAQ in MATLAB http://home.hit.no/~hansha/documents/matlab/training/Data%20Acquisition%20in%20MATLAB/Data%20Acquisition%20in%20MATLAB.pdf

Table columns: Topic, Dr. Zhang (Day), Dr. Namin (Day)
Day values: 0.5 0.5 3 3 4 0.5 0.5; 1 2 1.5 1.5 3 1 1
Total #Days: 11 (Dr. Zhang), 11 (Dr. Namin)

Textbooks and Lecture Notes

A wide spectrum of cyber security is covered in the content of the course. The instructors will use several book chapters and online resources and materials to cover the contents (refer to the above table for the resources).

Course Website

The course materials will be uploaded to the Blackboard system.

Assignments

There will be two assignments for this course. The first assignment will be determined by Dr. Zhang and will be based on the content taught by Dr. Zhang. Similarly, the second assignment will be determined by Dr. Namin and will be based on the content taught by Dr. Namin.

Project

Students will be asked to work on a project. The theme of the project is security policy and related topics including security specification and requirements, policy specification languages, verification of policy requirements, policy conflict detection, policy compliance checking, and policy enforcement techniques. The project will be defined by both Drs. Zhang and Namin jointly. Students are allowed to work as a team of up to three students.

Student Evaluation

Students will be graded based on assignments, exams, and XXX:
- Assignments (10%): 2 assignments (total 20%)
- Project (30%)
- Mid Term Exam (25%) (Dr. Zhang’s part)
- Final Exam (25%) (Dr. Namin’s part)

Students with Disabilities

Any student who because of a disability may require special arrangements in order to meet course requirements should contact the instructor as soon as possible to make any necessary accommodations. Students should present appropriate verification from Student Disability Services during the instructor’s office hours. Please note: instructors are not allowed to provide classroom accommodations to a student until appropriate verification from Student Disability Services has been provided. For additional information, please contact Student Disability Services in West Hall or call 806-742-2405.

Ethical Conduct

Although discussion about ideas and problems is one of the major learning methods, students must write their own assignments and essays. When taking ideas or sentences from another author, students must acknowledge their debt by citation. Plagiarism is the most serious academic offence and there will be zero tolerance for academic dishonesty. Scholastic dishonesty includes, but is not limited to, cheating, plagiarism, collusion, and falsifying academic records. For a detailed list of offenses, refer to the Texas Tech University online resource for students, found in Part IX, pp. 21-30, available online at:
http://www.depts.ttu.edu/studentaffairs/publications/2008_2009_Handbook_and_Code.pdf

All assignments are individual works. You may discuss approaches to problems among yourselves; however, the actual details of the work (assignment coding, answers to concept questions, etc.) must be an individual effort. The standard departmental penalty for assignments that are judged to be the result of academic dishonesty is, for the student's first offence, a mark of zero for the assignment and possible further consequences, possibly suspension from the university.

Learning Outcomes

The following are the expected learning outcomes of the course:

Master of Science Degree:
1. Communicate effectively orally and in writing (LO 1)
2. Engage in life-long learning and self-critique (LO 2)
3. Function independently on self-directed projects or research where appropriate (LO 4)

Doctor of Philosophy Degree:
1. Graduates are expected to communicate effectively orally and in writing (LO 1)
2. Engage in life-long learning and self-critique (LO 2)
3. Function in a multi-disciplinary and culturally diverse environment with cross-functional teams (LO 3)