CS 439/539

From CS Wiki
Jump to: navigation, search

Applied Security Concepts

Catalog Description: Hands-on approach to computer security with emphasis on developing practical knowledge of how cyber attacks work and how to defend against them. Detailed exploration of attacks such as buffer overruns, string attacks, worms, trojan horses, and denial-of-service attacks, and development of defenses against them. Additional work reqd for grad cr. Recommended preparation: Good knowledge of C, operating system concepts and Unix.

Total Credits: 3

Course Coordinator: Daniel Conte de Leon

URL: None available.

Prereq: CS 336 or permission

Textbook: None

Prerequisites by Topic:

  • Fundamental concepts of operating systems
  • Hands on knowledge of Unix

Course Goals: The goal of this course is to give the students hands-on, applied knowledge of cyber-attacks, specifically, how they function and how they can be prevented. The course begins with an introduction to the class, followed by labs in which the students present varying malware threats (including viruses, worms, Denial of Service (DoS), man-in-the-middle, and buffer overruns and format string attacks and defenses). For each topic we discuss and demonstrate the defenses against those exploits. Each attack-defend scenario is covered in roughly 2 weeks duration, including student presentations.

Major Topics Covered

  • Ethics (6 hours)
  • Basic networking concepts (3 hours)
  • Buffer Overrun attacks (3 hours)
  • Format String attacks (6 hours)
  • Introduction to DoS and DDoS attacks (6 hours)
  • Case studies (16 hours)
  • Viruses and worms (3 hours)

Course Outcomes

  • Understand different kinds of cyber-attacks
  • Recognize system vulnerabilities to cyber-attack
  • Design a system to be resistant to cyber-attack
  • Implement cyber attacks in an isolated laboratory environment
  • Implement specific defenses and demonstrate ability to resist attack