The course covers introductory topics in computer security. The goal is to expose students to fundamental security primitives and to a broad range of current security challenges. The course provides a hands-on approach to examining a wide range of topics in operating systems, software engineering, and network and communications security.
Students will work with various tools and techniques used by hackers to compromise computer systems or otherwise interfere with normal operations. The purpose of the class is NOT to teach you how to be a hacker, but rather to teach you the approaches used by hackers so you can better defend against them. Students work in groups of two to complete assigned labs. It is OK to talk to others and help each other in the lab. Students will be graded based upon exams and completion of assigned labs.
Lab Rule:
You will NEVER take any programs from the lab on any writable media/memory devices, nor will you ever connect any of the lab machines to any production wired or wireless network machines or laptop devices. This is to prevent the spread of any of our malicious programs and techniques. You are encouraged to bring code into the lab to experiment with.
Policy on Commenting Software:
Fully commenting code, even code that you were given as a starting point is mandatory. This is one of the instructor’s pet peeves. You must fully comment all code you turn in and must include comments to explain all of the code you turn in. (Even those parts of the code you did not write but were given as a starting point). You must include in the comments an explanation of what the purpose of the code is, the date the code was originally written, the date the code was last modified, your lab team member names and your group number must be in the comments. The last date modified must be correct and in the comments.
Policy on Handouts:
The handouts and lecture notes for 4894 can be downloaded from the class web page (this document) which is password protected. Handouts with proprietary or copyrighted material will be put on the protected page and should not be made publicly available by students.
Prerequisites: ECE3076 or ECE3600 or ECE 4110 or CS3251; some previous C Programming (or Java) experience would be beneficial
There is one required textbook and one recommended textbook. We cover lots of really good material and no one textbook has it all. These are excellent references and will serve you well in future jobs or research projects. We will also occasionally review conference and journal publications.
Text One: Required
| |
 |
|
Introduction to Computer Security, by Goodrich and Tamassia, ISBN: 978-0321512949
|
Text Two: Recommended
| |
 |
|
Hacking Exposed 7: Network Security Secrets & Solutions (SEVENTH EDITION), by McClure, Scambray, and Kurtz, ISBN 978-0071780285
|
| Grading |
| Labs |
30% |
| Midterm 1 |
20% |
| Midterm 2 |
20% |
| Final Exam |
30% |
| Total |
100% |
|
|
| Grading Scale |
| 90% - 100% |
A |
| 80% - 89% |
B |
| 70% - 79% |
C |
| 60% - 69% |
D |
| < 60% |
F |
|
Responsibility for Material:
Students are responsible for all material in assigned sections of texts, even if not explicitly covered in lecture. Students are also responsible for all material covered in lecture.
Exams, Makeup Exams, and Incompletes:
All exams are closed book. As a rule, makeup exams will be offered at the discretion of the professor and only for scheduled absences that are requested in writing at least one week in advance. Medical emergencies are the only exception to this rule and in case of such an emergency, the student must contact the professor as soon as possible to discuss the makeup. Incomplete grades will be given only in extraordinary circumstances.
Late Turn-in and Re-grading:
Labs can be turned in two days after the due date and will be subject to a 20% penalty. The grade for the lab will be zero after this window.
Exams will not be considered for re-grading later than the next class period after they are returned. Re-grading requests should be submitted in writing with a specific explanation of the possible grading error. Photocopies of completed exams will be made by the instructor prior to returning them.
Academic Honesty:
Although students are encouraged strongly to communicate with each other to assist in learning the course material, all students are expected to complete course work individually (unless instructed otherwise), following all instructions stated in conjunction with exams and assignments. All conduct in this course will be governed by the Georgia Tech honor code. Additionally, it is expected that students will respect their peers and the instructor such that no one takes unfair advantage of any other person associated with the course. Any suspected cases of academic dishonesty will be reported to the Dean of Students for further action.
The laboratory is in the Klaus building, room 2446. It will be manned by the teaching assistant based on the schedule below.
| Contact Information |
| Teaching Assistant |
Paul Wilson |
| Email |
 |
| Labs |
Klaus 2446 |
| Lab Hours |
Monday 11:00 am - 2:00 pm |
| Tuesday 10:00 am - noon |
| Wednesday 11:00 am - 2:00 pm |
| Thursday 10:00 am - noon |
The laboratory assignments will be on the following subjects:
- Reconnaissance, Network Mapping, Vulnerability Assessment
- Password Cracking, Network Sniffing, Man-in-the-Middle Attacks, and Virtual Private Networks
- Address Spoofing, Denial of Service, Email Spoofing, and VoIP
- Firewalls
- Rootkits, Backdoors, and Trojans
- Buffer Overflow attacks
- Honeynets
- Worms and Viruses
- Web Security
- Botnets
Link to
A tentative schedule of lectures (subject to change) is provided below.
Topic(s): Course Overview and Introduction , |
Ethical Hacking
- Ethical Hacking
- Introduction and Overview
- Fundamental Concepts
Reading(s): |
- Class: Goodrich (Chapter 1)
- Lab:
- S. A. Shaikh, H. Chivers, P. Nobles, J. A. Clark, Hao Chen. Network reconnaissance. Network Security, Volume 2008, Issue 11, 2008. [PDF]
- Supplemental Material:
- B. Cheswick. An Evening with Berferd in which a cracker is lured, endured, and studied. Usenix, 1992. [PDF]
[Lab 1: Reconnaissance, Network Mapping, Vulnerability Assessment] - - Assigned: January 12th, Due: January 21st
Topic(s): Network Security - Network Models , Network Security - TCPIP |
- Network Security Concepts
- Attacks at Multiple Layers and Countermeasures
- Denial-of-Service Attacks
- Firewalls
- Intrusion Detection
- Wireless Networking Concepts, Attacks, and Countermeasures
Reading(s): |
- Class: Goodrich (Chapter 5)
- Lab:
- D. Goodin. Why passwords have never been weaker and crackers have never been stronger [Site]
- Supplemental Material:
[Lab 2: Password Cracking, Network Sniffing, Man-in-the-Middle Attacks, and Virtual Private Networks] - - Assigned: January 21st, Due: January 30th
Topic(s): Network Security - TCPIP,Networks - DNS |
- Network Security Concepts
- Attacks at Multiple Layers and Countermeasures
- Denial-of-Service Attacks
- Firewalls
- Intrusion Detection
- Wireless Networking Concepts, Attacks, and Countermeasures
Reading(s): |
- Class: Goodrich (Chapters 5, 6)
- Lab:
- Supplemental Material:
Topic(s): Firewalls,Wireless Networks |
- Network Security Concepts
- Attacks at Multiple Layers and Countermeasures
- Denial-of-Service Attacks
- Firewalls
- Intrusion Detection
- Wireless Networking Concepts, Attacks, and Countermeasures
Reading(s): |
- Class: Goodrich (Chapters 6)
- Lab:
- Supplemental Material:
[Lab 3: Address Spoofing, Denial of Service, Email Spoofing, and VoIP] - - Assigned: Januaray 30th, Due: February 8th
Topic(s): Operating Systems Concepts,Operating Systems Security |
- Operating Systems Concepts Overview
- Process Security
- Memory and Filesystem Security
- Application Program Security
Reading(s): |
- Class: Goodrich (Chapter 3)
- Lab:
- Supplemental Material:
[Lab 4: Firewalls] - - Assigned: February 8th, Due: February 17th
Topic(s): Operating Systems Security, File System Security , Application Program Security, Password Characterization |
- Operating Systems Concepts Overview
- Process Security
- Memory and Filesystem Security
- Application Program Security
Reading(s): |
- Class: Goodrich (Chapter 3)
- Class: Zero-Sum Password Cracking Game: A Large-Scale Empirical Study on the Crackability, Correlation, and Security of Passwords [Link]
- Lab:
- Supplemental Material:
[Lab 5: Rootkits, Backdoors, and Trojans] - - Assigned: February 17th, Due: February 26th
Topic(s): Malware |
- Insider Attacks
- Computer Viruses
- Malware Attacks
- Privacy-Invasive Software
- Countermeasures
Reading(s): |
- Class: Goodrich (Chapter 4)
- Lab:
- Supplemental Material:
Topic(s): Malware |
- Insider Attacks
- Computer Viruses
- Malware Attacks
- Privacy-Invasive Software
- Countermeasures
Reading(s): |
- Class: Goodrich (Chapter 4)
- Lab:
- Supplemental Material:
[Lab 6: Buffer Overflow attacks] - - Assigned: February 26th, Due: March 7th
Topic(s): Cryptography |
- Symmetric Cryptography
- Public-Key Cryptography
- Cryptographic Hash Functions
- Digital Signatures
Reading(s): |
- Class: Goodrich (Chapter 8)
- Lab:
- Supplemental Material:
[Lab 7: Honeynets] - - Assigned: March 7th, Due: March 16th
Topic(s): Hash Functions |
- Symmetric Cryptography
- Public-Key Cryptography
- Cryptographic Hash Functions
- Digital Signatures
Reading(s): |
- Class: Goodrich (Chapter 8)
- Lab:
- Supplemental Material:
[Lab 8: Worms, Viruses, and Wireless] - - Assigned: March 16th, Due: April 3rd
Topic(s): Physical Security , Device Identification |
- Authentication Technologies
- Miscellaneous Topics
Reading(s): |
- Class: (GTID) - A Passive Technique for Fingerprinting Wireless Devices with Wired-side Observations. [PDF]
- Lab:
- Supplemental Material:
[Lab 9: Web Security] - - Assigned: April 3rd, Due: April 12th
Topic(s): Secure Storage |
Reading(s): |
- Class: Goodrich (Chapter 9, Section 9.7)
- Lab:
- Supplemental Material:
[Lab 10: Botnets] - - Assigned: April 12th, Due: April 21st
Topic(s): Usable Security, Invited Talks, Course wrap up - Makeup |
Reading(s): |
- Class:
- Lab:
- Supplemental Material:
FINAL EXAM (2:50pm - 5:40pm)
