Download Introduction to Computer and Network Security Course - Prof. Brian Levine and more Study notes Computer Science in PDF only on Docsity! CMPSCI 460 1 FORM B UNIVERSITY OF MASSACHUSETTS AMHERST OFFICE OF THE SECRETARY THE FACULTY SENATE UNDERGRADUATE COURSE APPROVAL FORM (Courses Numbered 001-599) 15 Copies Required for Courses Numbered 001-499 20 Copies Required for Courses Numbered 500-599 1. DEPARTMENT, COURSE NUMBER AND TITLE: CMPSCI 460, Introduction to Computer and Network Security 2. SCHOOL OR COLLEGE: Natural Sciences and Mathematics 3. Proposer’s Name, Telephone and Email: Brian Levine, 413-577-0238, brian@cs.umass.edu 4. Proposed Instructor: Brian Levine 5. Course Credits: 3 6. Are there Prerequisites? Yes . If yes, please specify CMPSCI 377 7. What is the intended clientele? Lower Division Upper Division X Department majors only Departmental/related majors X Non-Majors If course is intended for majors, what role will it play in the curriculum? Required Elective X 8. Complete Course Catalog Description (30 Words): This course provides an introduction to the principles and practice of system and network security. A focus on both fundamentals and practical information will be stressed. The three key topics of this course are cryptography, system security, and network security. Subtopics include ciphers, hashes, key exchange, security services (integrity, availability, confidentiality, etc.), security attacks, vulnerabilities, exploits, countermeasures. 9. Please attach the following materials: X Week-by-week outline of topics covered in course (or syllabus) X List of Required readings X Description of required assignments (papers, exams, projects, reports, presentations, etc.) X Summary of course grade criteria X Selected bibliography of works used by instructor in developing course, especially recent works (as appropriate) Upon approval of the course by the department head, one copy of this form shall be sent from the departmental office to the Faculty Senate Office to allow for the course to be published on the University’s Web Site for comment. For courses numbered 500-599, the “Guidelines for Course Approval Form” from the Graduate Council must accompany the new course proposal.. CMPSCI 460 2 Introduction to Computer and Network Security Course Grade Criteria: • lab and homework assignments (30%) 4-5 major assignments (see attached example) • quizzes (30%) Typically one quiz every 2-3 weeks • exams (30%) two exams • presentation/participation (10%) Each student presents one 5 minute lecture about current security news during the semester. Evolution: The course has been offered experimentally more than several times and has converged on a set of core topics, while always making room for the latest advances in such topics as wireless networking, law, malware, etc. We estimate the enrollment for this course will be between 15 and 30. Selection of Bibliography of materials used to develop the course: • Matt Bishop, Introduction to Computer Security, Addison-Wesley 2004. • William Stallings, Cryptography and Network Security, Prentice Hall 2005 • Bruce Schneier, Applied Cryptography, John Wiley & Sons, 1996 Topic List and Reading Chapters refer to Bishop text above. Date Topic Title Reading Tue Sep 4 Introduction Ethics, Overview, Expectations Ch 1 Thu Sep 6 Definition, Security Primitives Ch 2,3 Tue Sep 11 Cryptography Overview, History Ch 8 Thu Sep 13 Symmetric,Asymmetric Ch 11 Tue Sep 18 Protocols Ch 9 Thu Sep 20 Protocols (cont'd) Ch 10 Tue Sep 25 Policy Ch 4 , 5; UMass Computing Policies Thu Sep 27 Policy Assurance Ch 6, 7.3-7.5 Tue Oct 2 Risk Ch 17 Thu Oct 4 Information Security Law Ch 18 Thu Oct 11 Protection Buffer Overflow Ch 24, 25 Tue Oct 16 Secure coding Ch 12, 26 Thu Oct 18 Exam Tue Oct 23 Systems Hardening Ch 19 Thu Oct 25 More Hardening http://www.honeynet.org/papers/bots/ Tue Oct 30 TCP/IP Weaknesses Ch 23
