This course will introduce the student to the field of cybersecurity and Internet architecture. The application, physical, link, network and transport layers of the protocol stack are presented. The student will study technologies, processes and practices designed to protect networks, computers, programs, and data from attacks. Cybersecurity issues such as malware (worms, phishing, trojans, and viruses) and other vulnerabilities will be presented. Prerequisites: COSC 2610 Operating Systems and COSC 2670 Network Principles.
The course contents as of 2017:
Introduction to Cybersecurity. What is cyberspace? Define cybersecurity and differentiate it from information security. Describe the risk management process in the context of IT governance and within the Enterprise Risk Management framework. What are cybersecurity risks? Identify cybersecurity threat actors and vectors for cyber attacks.
Analyze cases of large-scale cyber attacks and focus on impact.
Cybersecurity is a multi-disciplinary subject and not just a technology issue. Identify technologies, processes and practices to protect corporate information assets. What are preventive, detective and corrective cybersecurity controls? Analyze the human resources aspect of cybersecurity and risk awareness education. Physical security and cybersecurity.
More in-depth analysis of cybersecurity protection measures with a focus on end-point security (cryptographic controls, user authentication, access controls).
An in-depth analysis of cryptographic algorithms (RSA, DSA, DH, ECDH, ECC) and their implementation in code is performed using the Sage mathematics development framework.
In-depth analysis of malicious software as a cybersecurity attack vector. Analyze main protection technologies such as host-based firewalls, intrusion detection and prevention systems. Hands-on exercises with malware analysis tools (static and dynamic code analysis). Study a taxonomy for malware description.
In-depth analysis of software security with a focus on end-point security. Analyze buffer overflow vulnerabilities and attacks. Perform hands-on exercises in C++ and Python for studying buffer overflow attacks. Identify operating system vulnerabilities and security hardening for Windows, Linux and Mac OS. Hands-on exercises with Kali and Ubuntu Linux.
Describe the Internet architecture and identify its vulnerabilities from a cybersecurity perspective. In-class discussion on cryptographic vulnerabilities and CVE, CWE, and CVSS. Analyze Internet security protocols and standards, and Internet authentication applications. Analyze Denial of Service (DoS) attacks with special focus on connected industrial systems (case studies in the automotive industry, shipping, construction, and railway transportation).
Identify internetworking security controls. In-depth analysis of network-based firewalls, intrusion detection and prevention. Analyze the security of wireless networks with a detailed in-class review of the latest publicly disclosed WPA2 vulnerabilities.
Presentations of term papers. Course review. Final exam.