322 376: Information and Communication Technology Security (Fall 2012)

Course Description:
Introduction to computer security and information and communication technology, encryption techniques, introduction to number theory, public key algorithm, key management, hash function, digital signature and authentication protocol, electronic mail security, Internet Protocol (IP) security (IPsec), web security, virus, worm, firewall, information technology security management, computer security law.

Prerequisite: Basic Knowledge of Computer Network; Operating System; Computer Architecture; Database

Instructor: Chakchai So-In, Ph.D., chakso AT kku.ac.th
Office: SC 6706
Office Hours: Monday 02.30pm to 04.30pm (or email me for appointment)
Class homepage: http://web.kku.ac.th/chakso/322376_Fall12/
CNAP CCNA Security material: Cisco Network Academy CCNA Security
Teaching Assistant:

Kanokmon Rujirakul ace_kamikaze AT hotmail.com , Sunday 5.00pm to 06.00pm @6707

Sarayut Poolsanguan tktschool AT hotmail.com, Tuesday 05.00pm to 06.00pm @6707

Chatchai Poonriboon kengtaykung AT gmail.com, Wednesday 05.00pm to 06.00pm @6707

Location:
Section I: - the class meets on Tuesday at room SC8505 from 09.00am to 12.00pm for lecture (with additional lab hours).
Section II: - the class meets on Wednesday at room SC8405 from 01.00pm to 04.00pm for lecture (with additional lab hours).
Facebook Group: Facebook Group
Class Email: cs322376 AT gmail.com

Textbook
The main textbooks for the course are
1.Computer and Network Security (Thai Edition) by Chakchai So-In, 2012.
2. Cryptography and Network Security: Principles and Practice by William Stallings, 2010
3. Network Security: Private Communication in a Public World by Charlie Kaufman, Radia Perlman, and Mike Specimner, 2002
4. Law (ICT) Thailand

(Optional) Supplementary
1. Master in Security 2nd edition (Thai) by Jatuchai Pangjun, 2010
2. Network and Computer Security Specialist #1, #2, #3 (Thai) by Minister of ICT, Thailand
3. Hands-on Ethical Hacking and Network Defense by Michael T. Simpson, Kent Backman, and James E. Corley, 2012
4. CEH Certified Ethical Hacker All-in-One Exam Guide by Matt Walker, 2011
5. CEH Certified Ethical Hacker Study Guide by Kimberly Graves, 2010
7. Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Scheier, 1996
8. Network Security Essentials: Applications and Standards by William Stalling, 2010
9. Hacking Exposed: Network Security Secrets and Solutions by Stuart McClure, Joel Scambray, and George Kurtz, 2009
10. Network Security Architectures by Sean Convery, 2010
11. CISSP Certified Information Systems Security Professional STUDY GUIDE by SYBEX, 2010

Other good books are
Slides from Prof. Raj Jain, Network Security Slides
Most importantly, please READ all Computer and Network Security Wiki related topics.
Network Programming (Bee)
UNIX Tutorial for Beginners Tutorial@virginia.edu

Example Project I (Class in 2011)

Example Android APP on Market

Click

Project I APP

Example Android APP on Market

Click

Mini Lab Project

News

01/14/2012: Lecture #5+#6+#7+#8+#9+#10+#11+#12+#13+#14 are available
01/07/2013: hw5 is available
11/30/2012: hw4 is available
11/30/2012: Lecture #5 is available
11/17/2012: Lecture #4 is available
11/17/2012: hw3 is available
11/10/2012: hw2 is available
11/10/2012: Lecture #3 is available
10/25/2012: hw1 is available (due 11/19)
10/10/2012: Lecture #2 is available
10/01/2012: Download Homework/Lab cover letter here
10/01/2012: Download Project Presentation Review Form here
10/01/2012: Download evaluation form here
10/01/2012: 1. Outline/Story Board/Proposal Examples: Proposal Presentation1, Proposal Report1, Final Report1, Poster1
10/01/2012: 2. Outline/Story Board/Proposal Examples: Proposal Presentation2, Proposal Report2, Final Report2, Poster2
10/01/2012: Lecture #1 is available.
10/01/2012: Web site created.

Lecture Schedule: Tentative Subject to Change)

Class	Day	Date	Topic
1	Monday	10/22/2012	Course Overview
2	Monday	10/29/2012	Encryption Techniques
3	Monday	11/05/2012	Block Ciphers and Encryption Standards
4	Monday	11/12/2012	Advanced Encryption Standard + Symmetric Cipher and Random Variable
5	Monday	11/19/2012	Introduction to Number Theory + Project Topic Selection + Encoragement
6	Monday	11/26/2012	Public Key Encryption
7	Monday	12/03/2012	Proposal Project Presentation + Paper Selection + Dhamma #1 + Dhamma #2 + Dhamma #3
8	Monday	12/10/2012	MAC and Hash Algorithms
9	Monday	12/17/2012	Review for Midterm
10	Monday	12/24/2012	Mid-Term Exam (week 12/24-12/28)
	Monday	12/31/2012	2013 New Year (no class)
11	Monday	01/07/2013	Authentication Application
12	Monday	01/14/2013	Email Security + Web Security
13	Monday	01/21/2013	IP Security + Small Project Submission
14	Monday	01/28/2013	Firewall + Intruder + Malicious Software
15	Monday	02/04/2013	Review for Final + Final Project Presentation/Demo
16	Monday	02/11/2013	Final Exam (week 02/11-02/16)

Note: For Section I; date+2 say Monday 10/22 = Wednesday 10/24

Homework/Lab Assignments (Fall 2012 schedule) (Subject to Change)
Four or ten homeworks will be assigned throughout the course. All assignment MUST be turned in as a HARDCOPY (during class or in my mail box). All submission MUST be turned in 7 mins before class. For all reasons, late penalty will be applied. Late homework will be assessed a 30% penalty. No homework will be accepted more than one day late. For EMERGENCY cases, you allow to email me to cs322376@gmail.com including title prefix = "322376_Fall2012_XX:HWY" such that XX is your section number and Y is your homework number.

Homework	Description	Out Date	Due Date
#1	Basic Computer and Network Security + DES	11/05/2012	11/19/2012
#2	AES	11/19/2012	12/03/2012
#3	Number Theory + Random	12/03/2012	12/17/2012
#4	Public Key Encryption	01/07/2013	01/21/2013
#5	Application Security	01/21/2013	02/04/2013

Academic Integrity
Students at Khon Khan University are engaged in the first step for their professional career with the highest standards. Please follow the academic integrity guideline at Cheating and Plagiarism [@CMU]. All these rules are enforced for the entire course.

Project/Lab - Group of up to 10-12 students (You MUST include 3-4 students from STAT)
Ethic Hacking Additional Labs following Hands-on Ethical Hacking and Network Defense by Michael T. Simpson, Kent Backman, and James E. Corley, 2010

Main Project (Project I)
Project Ideas:

Ideas at Stanford.edu

Ideas at Berkeley.edu

Ideas at MIT.edu

Ideas at DotCrime

Ideas at Sunysb.edu

Ideas at Berkeley.edu

Ideas at Udel.edu

Ideas at Fsu.edu

Ideas at Upenn.edu

In this semester, we focus on Mobile and Wireless Network Security including sensor network security; however, we do not limit on these.
Project NSC2012 Examples
Central; Isan; North; South; East; West
Project NSC2013 Examples
Central; Isan; North; South; East; West

Small Project (Project II) Small Project (Security Lab)
Submit Video Set up Presentation + .doc (manual) + show setup to TA

1) Set up Virtual Machine (Vmware+virtualbox) + install window server + linux server + create member user/web php page + setup Web/Telnet/SSH server + reset admin/root password
2) Set up window/linux server + create member user + use John the Ripper, Pwdump, Fgdump, etc to hack user and password
3) Set up window/linux server + install Wireshark/Tcpdump + setup web server/HTTPS + use Wireshark/Tcpdump to capture packets of http://www.kku.ac.th
4) Set up window/linux server + install Wireshark/Tcpdump + setup telnet/SSH server + create member user + use Wireshark/Tcpdump to capture packets of when telnet/ssh
5) Set up window/linux server + create member user + use netstat, ipconfig, ifconfig, route, etc to test network command + use nmap, tcptrace or other networking map tools to find out active KKU hosts and open ports including topology
6) Set up window/linux server + create member user + install OpenPGP and test secure email
7) Set up window/linux server + create member user + install FTP + Secure FTP + and test (secure) FTP using Wireshark to catpure user/password
8) Set up window/linux server + create member user + set up IPSec + using Wireshark to capture Telnet user/pass with/without IPSec
9) Set up window/linux server + setup opensource firewall window/linux (ipchain etc.) + setup rule not to allow www
10) Write a simple program to encrypt/decrypt "text" over image/video
11) Set up linux server + setup 2 networking cards + set up static routing /forwarding (ipchain etc)+ setup linux firewall not to allow ping
12) Set up linux server + setup 3 networking cards + set up static routing /forwarding (ipchain etc) + setup NAT for 2 networks
13)Write 3 virus programs and show how to protect them
14) Set up opensource software router

Project Milestone	Description	Completion Date
#1	Project Topic Selection+15 mins Presentation (what is it)	11/19/2012
#2	Proposal Submission +20 mins Presentation (story board - theory/objective/limitation/use case/activity diagram/..etc.) Click here for detail (page 33 BUT at least 15 pages - Check also Senior Project Guideline here page 18-19) Download Project Presentation Review Form here	12/03/2012
#3	Small Project Submission (Security Lab + Presentation	01/21/2013
#4	Final Project Submission Click here for detail (page 36)+30 mins Presentation/Demo	02/04/2013

Note: These are group projects BUT grading individually *write who do what in what%?*

Grading: (tentative)

Mid-Term Exam	25%
Final Exam	25%
Homework + Quiz + Class participation	20%
Small Project	5%+5% (grading individually)
Term Project	25%+5% (grading individually)

Note that students are allowed to bring only "ONE" piece of A4 paper in each exam with additional non-memorized calculator
The final exam material will be after the mid-term; however, all related contents will be also covered.
The exam includes 1. True/False (+1, -1, and 0), 2. Numerical and Analysis, and 3. Fill in the blank.
The final grade will be curved based on the overall performance of the whole class (probablistic clear cut-off point).
Note: Extra Credits +2.5 to 5% 1st round competition; +5 to 10% Final round competition; Published Paper/NSC/Network Security Contest/CISSP Certification/CCNA or CCIE Security Certification/Imagine Cup/Samart etc. **>1% for taking a network security contest exam

Other related computer and network security research links

CCSS Center for Computer Systems Security, University of Southern California, http://ccss.usc.edu/
UW CSE Systems, Networking, and Security Research, University of Washington, http://www.cs.washington.edu/research/systems.intro.html
Cyber Security, Virginia Tech, http://www.cyber.vt.edu/research
The Computer Security Group, UCSB, http://seclab.cs.ucsb.edu/
Security Research Lab, UC Berkeley, http://security.cs.berkeley.edu/
IBM Security and Privacy, IBM, http://researcher.ibm.com/view_project.php?id=151
CyLab, CMU, http://www.cylab.cmu.edu/
Computer Security Division, NIST, http://csrc.nist.gov/
Networking and Security Research Center, PSU, http://nsrc.cse.psu.edu/
Security Group @CA, University of Cambridge, http://www.cl.cam.ac.uk/research/security/
Stanford Security Laboratory, Stanford University, http://seclab.stanford.edu/
Network Operations and Internet Security Lab, GATECH (Prof. Nick Feamster), http://www.gtnoise.net/
Illinois Security Lab, UIUC (Dr. Carl A. Gunter), http://seclab.illinois.edu/
Systems and Internet Infrastructure Security (SIIS), PSU, http://siis.cse.psu.edu/
Network Security Lab, Columbia University, http://nsl.cs.columbia.edu/
CENTER FOR INFORMATION AND COMPUTATION SECURITY (CICS), UCLA, http://www.cs.ucla.edu/security/
Center for Wireless Information Network Studies, WPI (Prof. Kaveh Pahlavan), http://www.cwins.wpi.edu/
Maryland Cybersecurity Center, UMD, http://www.cyber.umd.edu/faculty/index.html
Center for Research on Computation and Society (CRCS), Harvard, http://crcs.seas.harvard.edu/
Systems and networking group, UCSD, http://sysnet.sysnet.ucsd.edu/sysnet/
Information Security Research Group, UCL, http://sec.cs.ucl.ac.uk/
Center for Information Assurance and Security, UTexas, http://www.cias.utexas.edu/index.htm
Johns Hopkins University Information Security Institute (JHUISI), JHU, http://web.jhu.edu/jhuisi/
University of Oregon Network Security Research Lab, University of Oregon, http://netsec.cs.uoregon.edu/

Back to Chakchai So-In's Home Page