Introduction to Computer Security


Course Description: 
The focus of the course is to provide a set of practices that students can deploy immediately to secure their computers and to maintain safe security practices. The lectures cover the security concepts and methods needed to prevent security breaches, and what to do if such a breach is detected. In addition to the lecture materials, students will be required to complete security lab exercises, performing hands-on experiments on safe security practices. The hands-on experience enables students to deal with security threats and to apply appropriate countermeasures. Students will learn about securing popular computer platforms and the applications running on these platforms.

Text:
Required:
o   M. Ciampa, Security Awareness: Applying Practical Security in Your World, Course Technology; 3rd edition (June 3, 2009), ISBN-13: 978-1435454149
Recommended:
o   C. Easttom, Computer Security Fundamentals, Pearson Prentice Hall, ISBN: 0-13-171129-6
Topic
Download PPT Lecture and read more Reading material
WEEK 1

Basic Security concepts
Easttom Ch.1
Recommended: A Chronology of Data Breaches—2009   ChronDataBreaches.htm#2009
Basic Security concepts
Easttom Ch.1
Interesting link:
Laptop Security, Part One: Preventing Laptop Theft
How to Stop Laptop Theft,  how_to_stop_laptop_theft.html
WEEK 2

Easttom Ch.1
Security Design
Easttom Ch. 3
Identification and Authentication


An Introduction to Computer Security: The NIST Handbook,  handbook.pdf  :

Chapter 16, IDENTIFICATION AND AUTHENTICATION, pages 180-192
WEEK 3

Identification and Authentication

An Introduction to Computer Security: The NIST Handbook,  handbook.pdf  :

Chapter 16, IDENTIFICATION AND AUTHENTICATION, pages 180-192
Identification and Authentication

Homework 2, Due: 09/17
 Forgotten your Windows XP Home password? - Part 1: Introduction,  http://support.microsoft.com/kb/894900

WEEK 4

Access Control
An Introduction to Computer Security: The NIST Handbook,  handbook.pdf  :

Chapter 17, LOGICAL ACCESS CONTROL, pages 180-192
Access Control
Cont.
Role-Based Access Control (RBAC)
Access Control
Cont.
MS Access Control Support
WEEK 5
Physical Security and Backups
Ed Bott, Windows XP Backup Made Easy ,

Data Recovery and cryptography
Easttom Ch. 7 (no Virtual Private Networks)
D. Cross, Data Protection and Recovery in Windows XP,  bb457020.aspx
WEEK 6
Overview of access control and cryptography
Malicious code

Hardware attacks
Recovery
 Easttom Ch. 5 on virus, Ch 12 on Virus scanners and Anti-spyware
 M. Ciampa, Security Awareness, Chapter 2
 Malicious Codes in Depth, 2742
 WEEK 7
Desktop security
(Lecture from 9/29 cont.)
  
Homework 3: Due 10/11
Easttom Ch. 5 on virus, Ch 12 on Virus scanners and Anti-spyware
M. Ciampa, Security Awareness, Chapter 2
Malicious Codes in Depth, 2742
Network Security Basics
 M. Ciampa, Security Awareness, Chapter 3
WEEK 8
Network Security Basics
(Lecture from 10/05 cont.)

 M. Ciampa, Security Awareness, Chapter 3
Network Security
M. Ciampa, Security Awareness, Chapter 3
Easttom Ch. 6, 12 – Firewall
Firewall, Wikipedia,
Understanding Windows Firewall, Introduction,
WEEK 9 
Test 1 Overview
Network Security
Windows Firewalls
Practice – Test 1
Solve Practice Test 1 with the TA
 WEEK 10
Firewalls – Windows XP
Homework 4: Due 11/3

WEEK 11

Intrusion Detection
Easttom Ch.12 – Intrusion Detection
Aurobindo Sundaram, An Introduction to Intrusion Detection,   http://www.acm.org/crossroads/xrds2-4/intrus.html
Intrusion Detection
Easttom Ch.12 – Intrusion Detection
Aurobindo Sundaram, An Introduction to Intrusion Detection,   http://www.acm.org/crossroads/xrds2-4/intrus.html

WEEK 12
Open Sources
Privacy
Electronic Privacy Information Center, http://www.epic.org/
G. Sandoval, Verizon sending antipiracy notices for Hollywood, too, http://news.cnet.com/8301-31001_3-10397708-261.html?tag=mncol
E-commerce, online banking
E. Mills, Hackers create tools for disaster relief,  http://news.cnet.com/8301-27080_3-10398073-245.html?tag=mncol
M. Asay, The convenient fiction that Microsoft is evil, http://news.cnet.com/8301-13505_3-10398203-16.html?tag=mncol
Top 10 Web Application Security Vulnerabilities, SWAT_Top_Ten.php
WEEK 13
Social Network and Privacy

HW5: Due 11/29

Bonus HW: Due 12/01
(no late submission)
Dwyer, Hiltz, Passerini, Trust and privacy concern within social networking sites: A comparison of Facebook and MySpace, DwyerAMCIS2007.pdf
Leaving 'Friendprints': How Online Social Networks Are Redefining Privacy and Personal Security, 2262
Email security
Pretty Good Privacy (PGP) support page: pgpbasics.html
WEEK 14
Web Browser Security
WEEK 15 
Review for final exam
Current cyber security trends -- FUN applications
Melissa Dark, Rich Epstein, Linda Morales, Terry Countermine, Qing Yuan, Matt Rose and Nathan Harter: CERIAS Tech Report 2007-87, A Framework for Information Security Ethics Education,   2007-87.pdf
Penn State: Cyberplagiarism: Detection and Prevention,  http://tlt.its.psu.edu/suggestions/cyberplag/
Practice Final Exam
Sample Final Exam
