
   Computing & Information Systems
   Department

 


CS 325 Syllabus



Advanced Topics in Security



Spring 2011



CIS Department



Saint Vincent College



General Information

  • 3 credits
  • Prerequisites: CS 111 and CS 225 (though with instructor permission, CS 225 can be omitted)
  • Instructor: Brother David Carlson
  • Office: Physics 201
  • Office hours:
    • Mon, Wed, Fri 9:30 - 11:15 am
    • Tue, Thurs 12:30 - 2:15 pm
    • and by appointment
  • Phone: 724-805-2416 or extension 2416 on campus
  • Email: david.carlson@email.stvincent.edu
  • The CIS lab on the ground floor of the Physics building will be available according to a schedule that will be posted outside of the lab and under the CIS Department Web Page. However, many of the hands-on activities in this course need to be carried out on the isolated security lab in Br. David's office.
  • Text: Principles of Computer Security: CompTIA Security+ and Beyond, 2nd. ed., by Wm. Arthur Conklin and Greg White, McGraw-Hill (2010), ISBN 978-0-07-163375-8. Beware of getting a different edition or an international edition as these are likely to vary.
  • Reference books.
    • One copy of each is available in Br. David's office. You do not have to buy your own copies of these, but you can do so if you wish.
    • Malware Analyst's Cookbook and DVD, by Michael Hale Ligh, Steven Adair, Blake Hartstein, and Matthew Richard, Wiley (2011), 978-0-470-61303-0.
    • Real Digital Forensics, by Keith J. Jones, Richard Bejtlich, and Curtis W. Rose, Pearson Education (2006), 978-0-321-24069-9.

Description


This course concentrates on the following advanced topics in computer and network security: secure coding, computer forensics, malware analysis, and penetration testing. Several other general topics in computer security will be covered in the text and discussed so as to round out the coverage. Students will be asked to be more independent in this class than in CS 225, and will have to figure out on their own how to make certain software, exploits, etc. work. There will be more class presentations and other occasions to actively participate. There will be less lecturing. Some of the projects will be of your own design. Students will also have the opportunity to determine, in part, what activities they will do to fulfill the course requirements.

Why Take This Course?


This course is an elective for most CIS majors (but required for those in the computer security concentration) and a possible course for CIS minors and others interested in this topic. At a time when attacks are increasing in sophistication, the study of computer security is of considerable importance. Computer security professionals are also in demand, both by the government and industry, as there are too few such professionals to go around. This course is also more open-ended than most CIS courses and allows students (within reason) to investigate particular aspects of the topics at hand that are of interest to them.

The Prerequisites


CS 111 is listed as a prerequisite since some programming background is needed to understand secure coding techniques. CS 225 is not an essential prerequisite, but it would make this course easier to have had CS 225 first.

The Text


The text was chosen mostly to provide a broad background in computer security. This is useful for everyone, but especially for those who have not had CS 225. (The sections on basic networking, for example, are a good resource for those who don't yet know this area.) The text does provide some material on this course's areas of concentration. In particular, there are chapters on secure software development and computer forensics. The book will be supplemented with the more specialized reference books listed at the top of this syllabus, as well as by the use of other materials supplied by both the instructor and the students.

Core Goals


This course contributes especially toward the following core curriculum goals, listed in order of emphasis:
  1. To form habits of ordered inquiry, logical thinking, and critical analysis
  2. To develop effective communication skills
  3. To develop mathematical skills and quantitative literacy

CIS Department Goals


This course contributes to the following departmental goals, listed in order of emphasis.
  1. The CIS graduate should demonstrate the ability to manage the complexity of a technical problem through the use of good problem solving skills and software engineering skills, as well as ethical and decision-making skills.
  2. The CIS graduate should have a broad knowledge of the field of computing.

Course Goals and Means of Assessment

  1. By the end of the course, the student should understand and be able to explain the basics of the main topics in computer and network security.
  2. By the end of the course, the student should know the primary mistakes that lead to insecure code as well as the techniques used to fix these flaws (or to avoid them in the first place).
  3. By the end of the course, the student should be able to carry out in a logical manner a straightforward analysis of a malware sample.
  4. By the end of the course, the student should be able to piece together system and network data to do a basic computer forensics analysis.
  5. By the end of the course, the student should be able to conduct basic penetration testing, especially of web applications.
  6. By the end of the course, the student should be able to do computer security work independently and to present it to others in an understandable way.
These goals will be assessed through exams, hands-on activities, and presentations. The hands-on activities are especially used to assess the second through the fifth goals, as the course has students perform the activities in these goals. The class presentations most clearly assess the final goal, but also help with the others. Informal student comments are also considered.

Ethics


In taking this course, the student agrees to use the tools appropriately. In particular, the student promises to only use attack tools against the systems explicitly labeled as targets in the course labs. No attacks of any type are to be launched against other systems or networks, unless clear permission has been obtained from the administrators of those systems and networks. Many of these tools can be dangerous or cause alarm if used inappropriately. In this course, all activity that is worrisome will be conducted on a test LAN that is isolated from all other networks. Students who want to test their own computers for security flaws should exercise similar caution.

Students who fail to follow this promise risk disciplinary action by the college, law enforcement, etc. Any apparent breaches of this ethics promise will be reported to the administration for appropriate action. See the CIS Department Policies page for general guidelines on computer ethics.

Grading and Course Policies

  • 25% Exam 1
  • 25% Exam 2
  • 5% Quizzes
  • 45% Projects, Labs, Presentations
  • There is no final exam. The final exam period (Thurs, May 5, 11 am - 1 pm) will be used to wrap up the last presentations. Attendance is expected and does count toward the course grade.
The projects category includes projects, labs, presentations, etc. Here are the details:
  • You must attain at least 100 points in the projects category to have the best possible grade.
  • You must do at least one malware analysis lab, 25 points.
  • You must do at least one computer forensics lab, 25 points.
  • You must do at least one penetration testing lab, 25 points.
  • If you design a malware analysis lab suitable for others to use, that counts as 35 points (and removes the need to do a malware analysis lab).
  • If you design a computer forensics lab suitable for others to use, that counts as 35 points (and removes the need to do a computer forensics lab).
  • If you design a penetration testing lab suitable for others to use, that counts as 35 points (and removes the need to do a penetration testing lab).
  • If you do a half-hour class presentation, lecture, or demonstration of a reasonable chapter from the text or our 2 reference books (or other topic mutually agreed to by you and the instructor), this counts as 35 points. Presentations on a malware analysis technique or a computer forensics investigation are of particular interest.
  • If you do a 10-minute class presentation, short lecture, or demonstration (as in the previous item), this counts as 15 points.
  • Each student has to do at least one presentation (either the 10 or 30 minute variety).
  • If you set up software that others can use in the security lab, that counts as 15 points (more if it is complicated).
  • You can suggest other items for inclusion in your projects category, with point values to be decided.
  • The above activities can be done individually or in pairs. A group of three or more people tends to be harder to manage, but you can request permission to use such a group if there is a good reason to do so.
  • In presentations done by a group, each group member must do part of the presentation.
Your grade in the projects category will be min(100, grade1 * points1 + ... + gradek * pointsk), where grade1 is the percentage grade you got on project1 that counted as points1 points, etc. For example, if you simply did the 3 required labs (for a total of only 60 points, which is not recommended as it gives a max project grade of 60%) and got 80% on the first lab, 100% on the second, and 90% on the third, then your project grade would be .60 * 20 + 1.00 * 20 + .90 * 20 = 50, meaning a 50% grade in the projects category. However, suppose you added these items: An 85% grade on a 30 point class presentation and an 80% grade on a 30 point lab that you created. Then your project grade would be .60 * 20 + 1.00 * 20 + .90 * 20 + .85 * 30 + .80 * 30 = 99.5. Note that the maximum possible project grade is 100, due to the min in the above formula. You can do as many projects as you like in order to improve your grade.

Each lab will require you to turn in a lab report of some type. Most or all of the labs will use the small test LAN in Br. David's office. Students will have to sign up for times to use this test LAN. Presentations (10 minute or 30 minute) must be accompanied by a well-written outline to be handed out to the class. Quiz and test answers are expected to be written using good English. These items will be graded not just on the correctness of the answers, but also on the clarity of the presentation. This is intended to help the student to develop good written communications skills.

Letter grades will be assigned according to the scheme found in the current College Bulletin. Exams will be announced in advance and will be closed-book in nature. Quizzes could be given at any time. Calculators may be used on the exams and quizzes. Cell phones and pagers should be turned off and put away during exams. On a test, students may only use the test itself, calculators, pens, pencils, and erasers. Calculators may not be passed between students. No laptops or other computers may be used on an exam or quiz.

Tests and quizzes will ask critical thinking questions that often require a paragraph of analysis, explanation, and conclusions. A few multiple choice, true/false, and other short answer questions may also be included. Labs involve a lot of hands-on activity to try out a certain security situation, investigate what occurs, gather data, etc. Besides reporting the raw data, students will usually be required to write several paragraphs of explanation and conclusions based on that data.

Both the instructor and students are expected to do their best to produce a good class and to treat each other with respect. This includes many factors, such as listening when someone else is speaking, trying to understand what others are saying, being of assistance to others, etc. It definitely does NOT include making fun of others. On a practical level, do your best to improve your grade: read the text, attend class, do the labs and projects, ask questions, and try to answer questions. CS courses require active participation and repeated practice. If you begin to feel lost, see the instructor or work through the difficulties with the help of another student in the course. Do not let yourself get behind. Note in particular that attendance is expected. Student performance is bound to deteriorate when classes are missed. In order to emphasize the importance of attendance, the policies outlined right after this paragraph will be used.
  • If the student does not attain a passing average in the test category, a failing grade will be received for the course.
  • Each unexcused class absence after the first 3 results in 1.5 percentage points being deducted from the final course grade.
  • Arriving late for class or leaving early (without a proper excuse) is counted as 1/2 of an absence.
  • Missing a scheduled lab (without an acceptable excuse) is counted as 1/2 of an absence.
  • An unexcused absence from an exam results in the failure of the course.
  • Unexcused absence from more than one-third of the semester's classes results in the failure of the course.
  • Attendance is used to decide borderline grades at the end of the semester.
  • Unexcused absence from class results in a grade of zero for any quiz done in that class.
  • Late work is not accepted unless resulting from an excused absence.
  • Written documentation (such as a note from a doctor's office or coach of one's sports team) is normally required for an absence to be excused. Always bring a copy of such a note to give to your instructor when class must be missed. In special circumstances, check with your instructor.
Make-up quizzes will not normally be given. For an excused absence, the student will simply be excused from the quiz. Make-up exams are strongly discouraged. If possible, take the regularly scheduled exam. For an excused absence for a significant reason, the instructor may agree to give a make-up exam. Whenever possible, see your instructor ahead of time if you know you must miss an exam (e.g. due to sports). Normally some type of written documentation is required (such as a note from the coach, doctor, etc.). If the documentation or reason for missing an exam is poor, the student can count on receiving a significantly more difficult exam, if one is given at all! Do ask about a makeup exam if you have a good reason to miss an exam, as it is understood that illnesses and other complications do happen.

Intellectual honesty is important at Saint Vincent College. Attempts to pass off the work of another as one's own, or group work as one's individual work, will result in action appropriate to the seriousness of the situation. All cases of apparent intellectual dishonesty are referred to the college administration. In this course, students are expected especially to do entirely their own work on the exams and quizzes. Projects and labs can be done together in groups of two if desired. Note that one group should not be using the results created by another group. Some students learn better when working mostly alone. Others do better when working together. However, never simply copy someone else's work as that does little to help you to learn the material. Remember that you are responsible for knowing how to solve the course's security problems and that you will have to face the test questions on your own.

Be sure to read and follow the CIS Department Policies, available under the main CIS Department Web Page. (This statement covers especially the proper use of departmental computing facilities, policies concerning web pages, etc.) In addition, read the Regulations section of the College Bulletin (which covers such things as grading, academic honesty, etc.) and the Student Handbook (which covers academic honesty, classroom etiquette, etc.).

Students with disabilities who may be eligible for academic accommodations and support services should please contact the Associate Dean of Studies, Mrs. Sandy Quinlivan, by phone (724-805-2371), email (sandy.quinlivan@email.stvincent.edu) or by appointment (Academic Affairs-Headmaster Hall). Reasonable accommodations do not alter the essential elements of any course, program or activity.

If the instructor needs to cancel class, every effort will be made to send an email message to students' Saint Vincent email accounts and to post the class cancellation on the college website as well as the course webpage.

Maintained by: Br. David Carlson
Last updated: January 14, 2011