EECS 3482, Fall 2020

EECS 3482, Fall 2020

Introduction to Computer Security

     Lecture Schedule:   M, W 13:00 - 14:30
                                           Location: Zoom through eClass for EECS 3482
     ***
     Instructor:                Natalija Vlajic, *vlajic @ cse.yorku.ca
     ***
     Office Hours:              R, 12:00 - 14:00,
                                            Location: Zoom through eClass for EECS 3482

Sep 09: Classes start. All course related material is accessible through eClass site for EECS 3482.

Course Information:
Prerequisite
Course Description
Grading Scheme
Textbook and Recommended Reading Material
Course Schedule (Week-by-week Topics Covered, Notes, Required Reading, Assignments)

Course Policies:
Missed Quizzes and Late Assignments
Academic Honesty

Course Schedule

Week	Date	Topic / Notes	Required Reading	Labs / Important Dates
1	W, Sep 9	Introduction: Data Breaches vs. Hacks
	M, Sep 14	Vulnerability Disclosure - Additional Slides Computer Security Basics - Part 1	Stallings, Ch. 1 and 6
2	W, Sep 16	Computer Security Basics - Part 2 (CIA principles)	-\|\|-
	M, Sep 21	Computer Security Basics - Part 3 (McCumber Cube)	-\|\|-	Quiz 1 (on-line, 'in class')
3	W, Sep 23	Computer Security Basics - Part 4 (Threat Events)	-\|\|-
	M, Sep 28	Computer Security Basics - Part 5 (Software Attacks - part 1)	-\|\|-	Quiz 2 (on-line, 'in class')
4	W, Sep 30	Computer Security Basics - Part 6 (Software Attacks - part 2)	-\|\|-
	M, Oct 5	Computer Security Basics - Part 7 (Software Attacks - part 3)	-\|\|-	Quiz 3 (on-line, 'in class') Lab-Assignment 1 posted
5	W, Oct 7	Computer Security Basics - Part 8 (Software Attacks - part 4)	-\|\|-
		Reading Week (Oct 10 - Oct 16)	-\|\|-
	M, Oct 19	Steganography - Part 1	Stallings, Ch. 2	Quiz 4 (on-line, 'in class')
6	W, Oct 21	Steganography - Part 2	-\|\|-
	M, Oct 26	Steganography - Part 3	-\|\|-	Quiz 5 (on-line, 'in class') Lab-Assignment 2 posted
7	W, Oct 28	Steganography - Part 4 Cryptography - Part 1	Stallings, Ch. 2	Research Project Due
	M, Nov 2	Cryptography - Part 2	-\|\|-	Quiz 6 (on-line, 'in class')
8	W, Nov 4	Cryptography - Part 3	-\|\|-
	M, Nov 9	Cryptography - Part 4	-\|\|-	Quiz 7 (on-line, 'in class') Lab-Assignment 3 posted
9	W, Nov 11	Cryptography - Part 5	-\|\|-
	M, Nov 16	Cryptography - Part 6	-\|\|-	Quiz 8 (on-line, 'in class') Nov 6 - last day to drop courses
10	W, Nov 18	Access Control - Part 1	Stallings, Ch. 3
	M, Nov 23	Guest Lecture: Ed Ng (AVP Global IT Audit, TD Bank) Adrian Ng (Manager, IT Audit at Sun Life Financial)		Quiz 9 (on-line, 'in class')
11	W, Nov 25	Access Control - Part 2 Access Control - Part 3 (Nov 26) Password Cracking - Part 1 (Nov 26)	-\|\|-
	M, Nov 30	Password Cracking - Part 2 Security Risk Management - Part 1	Stallings, Ch. 14	Quiz 10 (on-line, 'in class') Lab-Assignment 4 posted
12	W, Dec 2	Security Risk Management - Part 2	-\|\|-
	M, Dec 7	Security Risk Management - Part 3	-\|\|-	Lab-Assignment 5 posted
Final Exam: Monday, December 14, 9:00

Textbook
"Computer Security: Principles and Practice", W. Stallings, L. Brown, Pearson Education, 2018, 4th Edition.

StallingsTextbook

Recommended Reading Material

"Management of Information Security", M. E. Whitman, H. J. Mattord, Nelson Education / CENGAGE Learning, 2019, 6th Edition.
"Elementary Information Security", R. E. Smith, Jones & Bartlett Learning, 2021, 3rd Edition.
"Cryptography and Network Security", B. A. Forouzan, McGraw Hill, 2008.
"Information Security: The Complete Reference", M. Rhodes-Ousley, Mc Graw Hill, 2013, 2nd Edition.
"Principles of Information Security", M. E. Whitman, H. J. Mattord, Nelson Education / CENGAGE Learning, 2018, 6th Edition.
"Hacker Techniques, Tools, and Incident Handling", S. P. Oriyano, Jones & Bartlett Learning, 2018, 3rd Edition.
"Security Risk Management", E. Wheeler, Elsevier, 2011.
"Security Risk Management: Body of Knowledge", J. Talbot, M. Jakeman, Wiley, 2009.
"Guide to Network Defense and Countermeasures", R. Weaver, Nelson Education / CENGAGE Learning, 2014, 3rd Edition.
"Security+ Guide to Network Security Fundamentals", M. Ciampa, Nelson Education / CENGAGE Learning, 2017, 6th Edition.
"CISSP: Certified Information Systems Security Professional: Study Guide", J. M. Stewart, M. Chapple, C. Gibson, Wiley, 2018, 8th Edition.
"Corporate Computer Security", R. J. Boyle, R. R. Panko, Prantice Hall, 2015, 4th Edition.
"Applied Information Security: A Hands-On Guide to Information Security Software", R. Boyle, Prentice Hall, 2014, 2nd Edition.
"Laboratory Manual to Accompany Hacker Techniques, Tools and Incident Handling", Jones & Bartlett Learning, 2013.

Prerequisite

Prerequisites: Any 12 university credits at the 2000-level in any discipline.

Course Description

This course introduces students to the basic concepts, goals and terminology of computer security. It provides a general overview of the computer security body of knowledge with an emphasis on the risk-based mindset that a computer security professional needs to have. Students will be exposed to both the theoretical and the practical aspects of computer security. The lab sessions will include security case studies as well as exercises using modern security tools.

Grading Scheme

10 Weekly Quizzes x 4% [ 40% ]
5 Assignments x 4% [ 20% ]
Research Project [ 5% ]
Final Exam [ 35%]

Missed Quizzes and Late Assignments

The weight of any missed component will be transferred to the final exam.
Late assignments will not be accepted, unless a prior arrangement is made with the instructor.

Academic Honesty

Please refer to: Department of Computer Science Academic Honesty Guidelines