CSE 4482

Computer Security Management:
Assessment and Forensics

Fall, 2010



Security News / Links

  Lecture Schedule:      Tuesday  19:00 - 22:00,  ACW 003

  Instructor:                 Natalija Vlajic (vlajic@cs.yorku.ca)

  Office Hours:              Wednesday  11:00 - 12:00 (CSEB 2047)
                                     and by appointment
                                                
  TA:                             TBA




   Course Information:

   Course Material:

   Course Policies:


  
   Course News:
  • Jan.    02:   Final exam, Assignment 3, as well as preliminary(!) final grades are now available through ePost.
  • Jan.    02:   Final exam. Final exam solutions.
  • Dec.   13:   The final examination will take place on Sunday, Dec 19, CLH K (2:00 - 5:00 pm). The exam is closed book and closed notes. Basic calculators allowed! 40% of questions will be related to the material covered before and 60% to the material covered after the midterm examination.
  • Dec.   09:   Assignment 2 and Term-Project grades are now available through ePost (for CSE students only). Assignment 2 sample solutions can be obtained from here and here.
  • Dec.   07:   Assignment 3 is now available. Due date: December 19. A hard-copy of Assignment 3 must be placed in the class drop-box.
  • Dec.   06:   Student presentations will take place on Dec 7. The presentations (Power Point format) should be brought to the class on a USB key!
  • Nov.   18:   Assignment 2 is now available. Due date: November 30. A hard-copy of Assignment 2 must be placed in the class drop-box.
  • Nov.   08:   Guest Lecture by E. Ng (Associate Vice President, IT Infrastructure Audit, TD Bank), is scheduled for November 23.
  • Nov.   08:   Midterm solutions can be found here.
  • Nov.   08:   Midterm and Lab 1 grades are now available through ePost (for CSE students only).
  • Nov.   02:   Course evaluation is scheduled for Tuesday, Nov 16.
  • Oct.   27:   The midterm examination will take place on Tuesday, Nov 2, in class (first 75 min). The exam is closed book and closed notes, and it will cover all the material discussed in class prior to and including the lecture of October 26 (up to page/slide 66).
  • Oct.   25:   Assignment 1 grades are now available through ePost (for CSE students only).
  • Oct.   14:   Lab 1 and Lab 2 are now available. Lab 1 due date: Nov 2, in class. Lab 2 due date: Nov 16, in class. OPNET IT Guru can be downloaded free of charge (after going through a quick registration procedure) from: http://www.opnet.com/university_program/itguru_academic_edition/. The software is also available at the Networking and Security Lab - CSEB 2007.
  • Oct.   06:   A hard-copy of Assignment 1 must be placed in the class drop-box. The box is located on the East side of the CSE's Main / Admission Office.
  • Sept. 22:   Assignment 1 is now available. Due date: October 8.
  • Sept. 14:   Classes begin.  Location: ACW 003.




   Course Schedule & Notes:

| Week | Date | Topic | Required Reading | Important Dates |
|------|------|-------|------------------|-----------------|
| 1 | T, Sept. 14 | Introduction: Information Security, Threats, Attacks | | |
| 2 | T, Sept. 21 | Management of Information Security, Security Organization, Security Policy | MIS: Chapters 1, 4, 5 | Assignment 1, due date: Oct 8 |
| 3 | T, Sept. 28 | Risk Assessment and Risk Management (part 1) | MIS: Chapters 8 and 9 | |
| 4 | T, Oct. 5 | Risk Assessment and Risk Management (part 2); Protection Mechanisms: Access Control | MIS: Chapter 10 | |
| | | Reading Week (Oct 9 - 15, 2010) | | |
| 5 | T, Oct. 19 | Protection Mechanisms: Firewalls | MIS: Chapter 10 | Opnet IT Guru Lab 1, due date: Nov 2 |
| 6 | T, Oct. 26 | Protection Mechanisms: IDPS | MIS: Chapter 10 | |
| 7 | T, Nov. 2 | Midterm; Protection Mechanisms: Security Audits | | Opnet IT Guru Lab 2, due date: Nov 16 |
| 8 | T, Nov. 9 | Protection Mechanisms: Scanning and Analysis Tools | MIS: Chapter 10 | |
| 9 | T, Nov. 16 | Personnel and Security; Law and Ethics | MIS: Chapter 11 and 12 | Assignment 2, due date: Nov 30 |
| 10 | T, Nov. 23 | Guest Lecture by Edward Ng, IT Infrastructure Audit, TD Bank | | |
| 11 | T, Nov. 30 | Introduction to Computer Forensics; Forensics in Windows | GCFI: Chapter 6 | |
| 12 | T, Dec. 7 | Student Presentations: VPNs (D. Drinfeld); Botnets (P. Ndebele & Y. Sakiyev); DNS Spoofing (B. Klein & P. Thangeswaran); Session Hijacking (R. Santhanam); SQL Injection (T. Tutecky); Steganography (P. Gul & S. Das) | | Assignment 3, due date: Dec 19 |
| | | Final Examination: December 19, 2:00pm - 5:00pm, Room: CLH K | | |





  Textbooks:

  Recommended Reading Material:


   Grading Scheme:


   Software Tools:


Basic Tools:  Ping, Traceroute, Whois, Netstat, Nmap
Packet Sniffers:  Wireshark
Vulnerability Scanners:  Nessus
Intrusion Detection Tools:  Snort
Password Cracker:  Cain and Abel, LCP
Forensic Tools:  ProDiscover
Wireless Sniffers:  NetStumbler




     Term Project:

As a part of this course, students will be required to do a term project, and thus carry out some limited independent research in the area of computer security. Term projects will complement and extend the lecture material. The list of possible project topics, together with up to 2-3 starting references, can be accessed from: List of project topics, F 2010.

Each project team will consist of 2 students. Students themselves are responsible for finding their project partner, selecting a project topic, and then registering both (group and topic) with the course instructor before September 24 (through e-mail). The final allocation of project topics will be done on a 'first-come, first-served' basis.

The project work will be assessed through:
1)  a 10-page written report submitted no later than December 3 (single spacing, 11 point font size),
2)  a 15-min oral presentation on December 7.

The project assessment will be based on the following criteria:
- written report (content, structure, syntax, proper citations, reference section, etc.)  - 5%
- oral presentation (clarity and general understanding) - 5%



   Course Description:
  
This course introduces the student to the fundamental concepts of information security: confidentiality, integrity, availability, authentication, auditing, information privacy, legal aspects. Other more advanced topics covered in the course include: development of security policies, access control, risk management, incident response, inappropriate insider activity, ethics.



   Prerequisite:

Any 12 credits at the 3000-level.



   Late Assignments and Missed Midterm:

Late assignments will not be accepted, unless a prior arrangement is made with the instructor.
Makeups of missed midterm exams are only possible in extremely exceptional situations (such as verifiable medical emergencies) or by arrangement well prior to the exam, provided there is an extremely compelling reason.



   Academic Honesty:

"The Department takes the matter of academic honesty very seriously. Academic honesty is essentially giving credit where credit is due. And not misrepresenting what you have done and what work you have produced. When a piece of work is submitted by a student it is expected that all unquoted and uncited ideas and text are original to the student. Uncited and unquoted text, diagrams, etc., which are not original to the student, and which the student presents as their own work is considered academically dishonest." For more see:  Department of Computer Science Academic Honesty Guidelines.