CIS Logo SVC Logo

   Computing & Information Systems
   Department

 

Schoology Facebook        Search CIS Site      Tutorials

CS 325 Home Page



Topics in Advanced Security



Spring 2011


This course concentrates on the following advanced topics in computer and network security: secure coding, computer forensics, malware analysis, and penetration testing. Several other general topics in computer security will be covered in the text and discussed so as to round out the coverage. Students will be asked to be more independent in this class than in CS 225, and will have to figure out on their own how to make certain software, exploits, etc. to work. There will be more class presentations and other occasions to actively participate. There will be less lecturing. Some of the projects will be of your own design. Students will also have the opportunity to determine, in part, what activities they will do to fulfill the course requirements.

Further Course Information

  • Course Syllabus
  • Labs: The following labs are now available in Br. David's office. Email him to set up a time.
    • Web goat lab 1: penetration testing
    • Web goat lab 2: penetration testing
    • Forensics lab 1: EnCase demo
    • Forensics lab 2: bank case
    • Windows network-based forensics lab (a follow-up to the above bank forensics lab) -- newest lab!
    • Malware analysis lab 1
    • Malware analysis lab 2
  • Be sure you have gone over chapters 1, 2, 3, 4, 5, 9, 13, 18, 19, and 23 in the text.
  • SANS Top 25 Most Dangerous Software Errors
  • SANS What Works in Internet Security
  • SANS Certifications
  • SANS Reading Room
  • Presentation materials. Remember that for each presentation you should provide the class with a well-written outline on paper or something equivalent, such as PowerPoint slides. The following electronic documents are available:
    • Kareen's The_5_steps_of_Malware_Analysis.pptx in the Malware Analysis folder on the course network drive.
    • Bartko's Dynamic_Analysis.pptx in the MalwareAnalysis folder on the course network drive.
    • The files used by James Kuhns and Tony in their steganography presentation are in the Steganography folder on the course network drive.

Comic Relief


We studied security flaws due to integer overflow and how the integers wrap around. Here's an illustration of the wrap-around aspect.
Thanks to http://xkcd.com. Note their license information.

[If androids someday DO dream of electric sheep, don't forget to declare sheepCount as a long int.]

Note on Flu


Because of the possibility of H1N1 and other types of flu affecting us on campus, please practice good hand washing, etc. If you get the flu, please notify me by phone or e-mail and stay home for 24 hours after the fever has gone. Check with me about what you miss. You will not be penalized for missing class in this situtation. It is better to stay away from class and not spread the flu when you are ill.

Resources and Links



Security

Hacker/Cracker


Be warned that some of the language and opinions expressed in these web sites may be offensive.

Internet Safety

Computer and Network Security Related

Thanks to all who helped to create this course.

Instructor: Br. David Carlson



Maintained by: Br. David Carlson
Last updated: February 13, 2014
Disclaimer