CSE 5388/4392 Security I: Introduction to Computer Security

This course is a hands-on introductory level security course for both undergraduate students and graduate students. After an introduction to the basic concepts and ethical guidelines that underlie the study of security, students will learn about program vulnerabilities and malicious software that lead to most of the security problems in computers today. Students will then learn the basics of cryptography and methods for protecting systems from attack. Finally, we will cover the attacks that occur over the network, the perimeter defenses used to stop these attacks, and the other administrative issues that security professionals must consider in their work.

Instructors:
Dr. Donggang Liu
Office: 330 Nedderman Hall
Office hours: TuTh 4:30-5:30PM
Voice: 817-272-0741; Fax: 817-272-3784
Email: dliu (at) uta (dot) edu 		Dr. Matthew Wright
Office: 303 Nedderman Hall
Office hours: M 5-6PM and Th 4-5PM
Voice: 817-272-0906; Fax: 817-272-3784
Email: mwright (at) uta (dot) edu

Teaching Assistant:
Jun-Won Ho
Email: jxh8138 (at) exchange (dot) uta (dot) edu
Office: GACB 102 (the lab)
Office Hours: Tu 4-5PM, Th 7-8PM (during non-lab weeks)

Class Location: NH 110

Moodle Site: ASCENT

To create an account, click on "Login" in the upper right hand corner of the main page. Then click on "Create new account," which is on the right hand side, fill in your information on the next page. Please use your real name -- we need it to grade you. Once you've logged in for the first time, find CSE 4392/5388 Information Security 1 and enter, using the enrollment key we gave in class (on Thursday 08/07).

Class Webpage: http://isec.uta.edu/infosec1/

Textbook:
  • Charles P. Pfleeger and Shari Lawrence Pfleeger. Security in Computing: Third (or Fourth) Edition. Prentice Hall, Upper Saddle River, NJ. 2003

Course Description:
  • Fundamental Concepts, Principles, and Mechanisms (1.5 weeks)
    • Course introduction
    • Overview of computer security
    • Ethics of hacking and defense
  • Program Vulnerabilities and Malicious Codes (3 weeks)
    • Buffer overflow attack and defense
    • Format string attack and defense
    • Worms, virus and malware
  • Cryptogrphy (1.5 weeks)
    • Cryptographic tools
    • Using cryptogrphy
  • System Security (3 weeks)
    • Authentication and Password
    • Policy, access control, and accountability
    • Design trustworthy system
    • Database security
  • Network Security (3 weeks)
    • Attacker strategy
    • Intrusion techniques and tools
    • Firewalls and intrusion detection systems
  • Administrative Security (2 weeks)
    • Physical security
    • Disaster plans/recovery
    • Backup/documentation/management
Course Objectives:
  • Understanding of fundamental concepts, principles, and mechanisms in information system security
  • Understanding of basic cryptographic concepts commonly used techniques and protocols
  • Understanding of common information system vulnerabilities and techniques to address these vulnerabilities
  • Provide background for advanced topics in information system security and prepare students to work in information system security
Student Deliverables/Grading:
  • Midterm Exam (20%)
  • Final Exam (30%)
  • 3-4 Written Assignments (20%)
  • 8 Laboratory exercises (20%)
  • 14-15 Short reading responses (10%)
Course Prerequisites:

Operating system are required.
C Programming skills are highly recommended.