
Wright CEG 429 - Course Outline


CEG 429 Internet Security

Department and Course Number: CEG 429
Course Coordinator: Prabhaker Mateti
Course Title: Internet Security
Total Credits: 4
BS CE: Elective; BS CS: Elective.
This document was prepared by: Prabhaker Mateti Date: April 04, 2005

Catalog Data

Introduction to security issues arising primarily from computer networks. Topics include node and service authentication, address spoofing, hijacking, SYN floods, smurfing, sniffing, routing tricks, and privacy of data en route. Buffer overruns and other exploitation of software development errors. Hardening of operating systems. Intrusion detection. Firewalls. Ethics. Prerequisites: CEG 402

Text Books and Other Source Materials

1. Simson Garfinkel, Gene Spafford, Practical Unix and Internet Security, 3rd edition (2003), O'Reilly & Associates; ISBN: 0596003234. A recommended text book.
2. William Stallings, Network Security Essentials: Applications and Standards, 1st edition (2000), Prentice Hall; ISBN: 0130160938. A recommended text book.

Home Page : Newsgroup Activity wright.ceg.429

Learning Objectives

1. Develop a deeper awareness of lack of security in networked computer systems
2. Understand the place for cryptography in Internet security
3. Understand the weaknesses of the underlying TCP/IP protocols
4. Learn to write software that avoids security flaws such as buffer overflow

Prerequisites by Topic

1. Familiarity with Unix: utilities (ls, cat, ...), bash shell, X11
2. Unix C/C++ program development tools: editors, compilers, linkers, debuggers
3. TCP/IP "theory": IP, UDP, TCP, DNS, ARP, ICMP
4. TCP/IP "practicals": ifconfig, route, ping, netstat; hubs, switches, routers

Course Content

The topics are described at some length because they may be too unfamiliar. The numbers in parentheses are an estimate of the number of (75-minute) lectures.

1. System Essentials (3) The initial boot can be a significant source of insecurity. The sequence of events from initial power-on cold booting to shut down of a computer system. Standard Unix processes: init, getty, inetd, rpc.*, etc. User Authentication: /etc/passwd, /etc/shadow files. One time passwords. Configuring properly. Hardening an OS. Root kits. Backdoors. Honey pots.
2. Applied Cryptography (1) Symmetric keys, Public Private keys, Hashes, MD5, Secure shell. Secure Socket Layer (SSL).
3. Virus, Worms, and Trojan Horses (1) The structure of a computer virus. Anti-virus programs. Worms. Trojans. Preventive techniques.
4. Secure Software Development (2) Buffer Overflow Exploitation. Software development techniques that are resistant to bug exploits. setuid programs, untrusted paths, race conditions, environment, etc. Type-safety, assertions and invariants.
5. TCP/IP Exploits (3) Sniffing. Spoofing. Design weaknesses in TCP/IP suite. Probing a Host for Weakness. Remote Trojans. Denial of Service Attacks. Distributed coordinated attacks. Domain Name Service (DNS). NIS.
6. Firewalls (3) Packet filters. Circuit (or connection) gateways. An address translating firewall. Stateful inspection in a packet filter. Bastion host. Proxy servers, application gateways. Setting up a Linux PC as a Packet Filtering Router.
7. Detection and Documentation of Intrusions (2) Intrusion Detection Systems (IDS). Security audit. Tripwire. Nessus. SAINT.
8. Security Standards (1) Survey of a few government originated standards. Cryptography. Fortezza Crypto Cards. The Orange Book. Secure computing architectures and levels A1 (most secure) through D (least).
9. Ethical Issues (2)

Class/Laboratory Schedule

Each week has two lectures of 75 minutes each. There is no scheduled lab. Students are expected to work in open labs for no less than 2 hours a week. Lab work is a significant part of this course. The laboratory experiments contribute 40% to the final grade. There are eight experiments worth 5% each.

Contribution to Professional Component

CEG 429 contributes 4 hours to the Criterion 4(b), and also contains engineering design.

Course Contribution to Program Educational Objectives

CEG 429 contributes to Objectives 1 and 2. Through exposure to the vulnerabilities of networked systems, it deepens the skills to secure and properly configure systems, and write exploit-resistant software. The experience gained through the course project is realistic.

Course Contribution to Program Outcomes and Assessment

A    B    C    D    E    F    G    H    I    J    K
PX   PXX  PXX  0    PX   PXX  PX   PX   PXX  PXX  PXX

Estimate CAC Category Content

                     Core Advanced                                     Core Advanced
Data Structures                      Concepts of PL 1.0
Algorithms                           Comp Organization + Architecture 1.0
Software Design 1.0                  Other 1.0

Oral and Written Communications

There are no oral presentations. Students do submit a Lab Report for each of the 8 labs that highlights the lab details.

Social and Ethical Issues

The exploits and their fixes are presented in the societal context. Explicit discussion of ethics takes up two lectures. Also, there is required reading on the topic. Typically, there is an exam question too.

Theoretical Content

There is an elementary discussion of cryptography.

Problem Analysis

The labs are about operating systems and services. Detailed analyses of the vulnerabilities and how they came to be present are expected of the students.

Solution Design

Securing a networked computer system properly as a balance between ease of use and degree of security is a goal of the course.

Learning Outcomes

1. Able to understand the techniques behind current exploits making the headlines
2. Can use existing hacker tools such as password crackers, sniffers, probers and hijackers
3. Can examine a networked computer system for configuration weaknesses
4. Can configure a (wireless/cable/broadband)
