CSE 467/567 Computer and Network Security (3 credits)
Catalog description:
Fundamentals of network, operating system and application security. Students will study and implement a variety of security techniques including defense, response and forensics. Extensive analysis, reading and writing will be integral to this course.
Prerequisites:
CSE 383
Required Topics:
- Security Policies and Practices
- Security Policies and their uses
- Incident responses
- Common Policies and Top Attacks
- Vulnerability Analysis
- Application Security
- Writing secure programs
- Security at the requirements gathering
- Security testing
- Buffer Overflow
- Data Input parsing and checking
- Error handling/logging
- Cryptography
- Public and Private Key systems
- File encryption
- Email encryption
- Network Encryption
- Digital Signatures
- Key Infrastructures
- SSl & certificates
- Network Security
- Secure Sockets
- Terminal Security (SSH)
- Levels of Protection
- Protecting machines
- Protecting websites
- Protecting local networks
- Firewalls
- IPTables and IPFW
- Operating System Security
- Physical security
- Backup and recovery
- Authentication
- Tokens
- Passwords
- One Time Passwords
- Password generating devices
- Synchronized password devices
- Boot Security
- File Security
Learning Outcomes:
- Students shall be able to describe Security Policies and Practices
- Students shall be able to describe common Security Policies and their uses
- Students shall be able to describe the role of people in Security
- Students shall be able to craft appropriate security policies for common applications
- Students shall be able to describe the role of security and security policies in the development of software systems
- Students shall demonstrate knowledge of the basics of writing secure programs
- Students shall be able to write appropriate and perform appropriate security tests to programs at the unit and program level
- Students shall demonstrate understanding of the concepts and methods of preventing Buffer Overflow Attacks
- Students shall demonstrate understanding of the concepts and methods for performing Data Input parsing and checking
- Students shall demonstrate understanding of the concepts and methods for performing Error handling/logging
- Students shall demonstrate understanding of the concepts and methods for performing Authentication
- Students shall be able to describe the role of security and security policies in operating systems
- Students shall demonstrate understanding the needs relating to Physical security
- Students shall demonstrate understanding of the needs, concepts and methods for performing Backup and recovery
- Students shall demonstrate understanding of the needs, concepts and methods for performing user Authentication
- Students shall demonstrate understanding of the needs, concepts and methods for performing file security
- Students shall be able to describe the role of security and security policies in networks
- Students shall demonstrate an understanding of the use of secure sockets (SSL)
- Students shall demonstrate an understanding of the use of Terminal Security (SSH)
- Students shall demonstrate an understanding tools and techniques to protecting computers
- Students shall demonstrate an understanding of tools and techniques to protect web applications
- Students shall demonstrate an understanding of tools and techniques to protect local networks
- Students shall demonstrate an understanding of the use of Firewalls
- Students shall demonstrate an understanding of the use of Virtual Private Networks
- Students shall be able to describe and implement methods for protecting information and systems using encryption
- Students shall demonstrate an understanding of the use of Public and Private Key systems
- Students shall demonstrate an understanding of the use of File encryption
- Students shall demonstrate an understanding of the use of Email encryption
- Students shall demonstrate an understanding of the use of Digital Signatures
- Students shall demonstrate an understanding of the use of Key Infrastructures
- Students shall demonstrate an understanding of the use of SSl & certificates
- Students shall implement security best practices
- Students shall be able to implement Vulnerability Analysis
- Students shall be able to describe and develop appropriate Incident response
Graduate students:
Students taking the course for graduate credit will have additional or more in-depth problems in the lab/programming assignments.