322 376: Information and Communication Technology Security (Fall 2015)

Course Description:
Introduction to computer security and information and communication technology, encryption techniques, introduction to number theory, public key algorithm, key management, hash function, digital signature and authentication protocol, electronic mail security, Internet Protocol (IP) security (IPsec), web security, virus, worm, firewall, information technology security management, computer security law.

Prerequisite: Basic Knowledge of Computer Network; Operating System; Computer Architecture; Database

Instructor: Chakchai So-In, Ph.D., chakso AT kku.ac.th
Office: SC 6706
Office Hours: Wednesday 03.00pm to 05.00pm (after class) (or email me for appointment)
Class homepage: http://web.kku.ac.th/chakso/322376_Fall15/
CNAP CCNA Security material: Cisco Network Academy CCNA Security
Teaching Assistant:

Kanokmon Rujirakul ace_kamikaze AT hotmail.com , Sunday 5.00pm to 06.00pm @ANT Lab level 2

Phet Aimtongkham phet AT phet.in.th, Saturdayday 05.00pm to 06.00pm @ANT Lab level 2

Sarayut Poolsanguan tktschool AT hotmail.com, Thursday 05.00pm to 06.00pm @ANT Lab level 2

Chatchai Poonriboon kengtaykung AT gmail.com, Friday 05.00pm to 06.00pm @ANT Lab level 2

Comdet Phaudphut listzone AT hotmail.com, Saturdayday 05.00pm to 06.00pm @ANT Lab level 2

Location:
Section I+II: - the class meets on Wednesday at room SC1103 from 01.00pm to 03.00pm for lecture.
- Labs: on Wednesday at room 6204C from 10.00am to 12.00pm (Sec I)
- Labs: on Wednesday at room 6204C from 05.00pm to 07.00pm (Sec II)
Section III+IV:- the class meets on Tuesday at room SC1103 from 01.00pm to 03.00pm for lecture.
- Labs: on Tuesday at room 6204C from 03.00pm to 05.00pm (Sec III)
- Labs: on Tuesday at room 6204C from 05.00pm to 07.00pm (Sec IV)
Facebook Group: Facebook Group
Class Email: cs322376 AT gmail.com

Textbook
The main textbooks for the course are
1.Computer and Network Security (Thai Edition) by Chakchai So-In, 2011-2015.
2. ¤ÙèÁ×ÍàÃÕÂ¹áÅÐãªé§Ò¹ Computer Network Lab ©ºÑºãªé§Ò¹¨ÃÔ§ by Chakchai So-In et al., 2015.
3.Principles of Information Security by Michael E. Whitman and Herbert J. Mattord, 2011.
4.CCNA Security Course Booklet Version 1.1 by Cisco Systems, 2012.
5. Cryptography and Network Security: Principles and Practice by William Stallings, 2010
6. Network Security: Private Communication in a Public World by Charlie Kaufman, Radia Perlman, and Mike Specimner, 2002
7. Law (ICT) Thailand

(Optional) Supplementary
1. Master in Security 2nd edition (Thai) by Jatuchai Pangjun, 2010
2. ºÃÔËÒÃ¨Ñ´¡ÒÃ Networking ´éÇÂ Windows 7 by ¾ÔÈÒÅ ¾Ô·ÂÒ¸ØÃÇÔÇÑ²¹ì, 2012
3. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 1 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
4. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 2 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
5. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 3 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
6. µÔ´µÑé§ÃÐººà¤Ã×Í¢èÒÂ Linux Server ÀÒ¤»¯ÔºÑµÔ by ¾ÔÈÒÅ ¾Ô·ÂÒ¸ØÃÇÔÇÑ²¹ì, 2012
7. Network and Computer Security Specialist #1, #2, #3 (Thai) by Minister of ICT, Thailand
8. Hands-on Ethical Hacking and Network Defense by Michael T. Simpson, Kent Backman, and James E. Corley, 2015
9. CEH Certified Ethical Hacker All-in-One Exam Guide by Matt Walker, 2011
10. CEH Certified Ethical Hacker Study Guide by Kimberly Graves, 2010
11. Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Scheier, 1996
12. Network Security Essentials: Applications and Standards by William Stalling, 2010
13. Hacking Exposed: Network Security Secrets and Solutions by Stuart McClure, Joel Scambray, and George Kurtz, 2009
14. Network Security Architectures by Sean Convery, 2010
15. CISSP Certified Information Systems Security Professional STUDY GUIDE by SYBEX, 2010

Other good books are
Slides from Prof. Raj Jain, Network Security Slides
Most importantly, please READ all Computer and Network Security Wiki related topics.
Network Programming (Bee)
UNIX Tutorial for Beginners Tutorial@virginia.edu

Final Project

Example Project I (Class in 2014)

Example Android APP on Market

Click

Example Project I (Class in 2013)

Example Android APP on Market

Click

Example Project I (Class in 2012)

Example Android APP on Market

Click

Example Project I (Class in 2011)

Example Android APP on Market

Click

News

04/08/2015: Homework0 is available here
04/08/2015: Download Homework/Lab cover letter here
04/08/2015: Lecture #1 is available.
04/08/2015: Web site created.

Lecture Schedule: Tentative Subject to Change)

Class	Day	Date	Topic
1	Tuesday	11/08/2015	Course Overview
2	Tuesday	18/08/2015	Need for Security
3	Tuesday	25/08/2015	Risk Analysis
4	Tuesday	01/09/2015	Basic Encryption Techniques
5	Tuesday	08/09/2015	Project Topic Selection Proposal + Encoragement1 + Encoragement2 + Encoragement3
6	Tuesday	15/09/2015	Application Security
7	Tuesday	22/09/2015	Malicious Software + IDS/IPS
8	Tuesday	29/09/2015	Review for Midterm + Security Tool Topic Selection + Dhamma #1 + Dhamma #2 + Dhamma #3
9	Tuesday	06/10/2015	Mid-Term Exam (week 06/10-13/10)
10	Tuesday	13/10/2015	VPN + IPSec
11	Tuesday	20/10/2015	Security Tool Presentation + Firewall
12	Tuesday	27/10/2015	Authentication/Authorization/Accounting + Software/Hardware Security
13	Tuesday	03/11/2015	Block/Stream Ciphers
14	Tuesday	10/11/2015	Public Key Infrastructure
15	Tuesday	17/11/2015	Hashing Techniques + Ethic + Computer Crime + IT Law
16	Tuesday	24/11/2015	Review for Finalterm + Final Project Presentation PPT + Demo + Poster + Video (youtube) + Code/Configuration
17	Tuesday	01/12/2015	Final Exam (week 01/12-08/12)

Note: For Section I; date+1 say Tuesday 01/09 = Wednesday 03/09

Homework/Lab Assignments (Fall 2015 schedule) (Subject to Change)
Four or ten homeworks will be assigned throughout the course. All assignment MUST be turned in as a HARDCOPY (during class or in my mail box). All submission MUST be turned in 7 mins before class. For all reasons, late penalty will be applied. Late homework will be assessed a 30% penalty. No homework will be accepted more than one day late. For EMERGENCY cases, you allow to email me to cs322376@gmail.com including title prefix = "322376_Fall2015_XX:HWY" such that XX is your section number and Y is your homework number.

Homework	Description	Out Date	Due Date
#1	Risk Analysis + Basic Encryption	01/09/2015	15/09/2015
#2	Application Security + Malicious Software + IDS/IPS	15/09/2015	29/09/2015
#3	Symetric Encryption	03/11/2015	17/11/2015
#4	Asymetric Encryption	10/11/2015	24/11/2015

Eight or thirteen lab homeworks (Group 2-3 students) will be assigned throughout the course. All assignment MUST be turned in as a HARDCOPY/SOFTCOPY (during class or in my mail box). All submission MUST be turned in 7 mins before class ends. For all reasons, late penalty will be applied. Late lab homework will be assessed a 30% penalty. For EMERGENCY cases, you allow to email me to cs322376@gmail.com including title prefix = "322376_Fall2015_XX:LabY" such that XX is your section number and Y is your lab homework number.

Note:For homework and lab assignment; you MUST include the cover letter with students' signature OTHERWISE they WILL NOT be graded.

Academic Integrity
Students at Khon Khan University are engaged in the first step for their professional career with the highest standards. Please follow the academic integrity guideline at Cheating and Plagiarism [@CMU]. All these rules are enforced for the entire course.

Project - Group of up to 4-6 students (The member is from two lab-groups)

Security Tool
ONLY hands-on security tools on topic of your choice
The final outcome MUST be something VISUAL= Computer/Network/Information/Internet/ Security Tools
There is about 20 mins demo + Document (setting + demo)
Tool Ideas: http://sectools.org/?page=1

Main Project (Project I)
Project Ideas:

Ideas at Stanford.edu

Ideas at Berkeley.edu

Ideas at MIT.edu

Ideas at DotCrime

Ideas at Sunysb.edu

Ideas at Berkeley.edu

Ideas at Udel.edu

Ideas at Fsu.edu

Ideas at Upenn.edu

In this semester, we focus on Mobile and Wireless Network Security including sensor network security; however, we do not limit on these.
Project NSC2011 Examples
Central; Isan; North; South; East; West
Project NSC2012 Examples
Central; Isan; North; South; East; West
Project NSC2013 Examples
Central; Isan; North; South; East; West
Project NSC2015 Examples
Central; Isan; North; South; East; West

Cisco Netrider Contest (Networking Competition)
Netrider 2010; Netrider 2011; Netrider 2012; Netrider 2015
Network Security Contest
Network Security Contest 2010; Network Security Contest 2011; Network Security Contest 2012; Network Security Contest 2013

Lab Homework	Description	Out Date	Due Date
#1	Install Virtual Machine + Windows OS (Chapter 2 + extra)	11/08/2015	18/08/2015
#2	Reset Pass Single Boot + Cracking password + Remote Assistance	18/08/2015	25/08/2015
#3	Install telnet/ssh http/https ftp/secure ftp services + Install Wireshark (Chapter 4)	25/08/2015	01/09/2015
#4	Basic Encryption/Decryption	01/09/2015	08/09/2015
#5	Set up Script + Stenography	08/09/2015	15/09/2015
#6	Shared Files + Windows Security Tools + Netcut	15/09/2015	22/09/2015
#7	Basic networking tools + Port/IP scannning + Personal Firewall (Chapter 5 + extra)	22/09/2015	29/09/2015
#8	Set up Simple IDS	29/09/2015	06/10/2015
#9	Example: Malware and Attacks	13/10/2015	20/10/2015
#10	Set up Windows firewall (2 interfaces) + Web Proxy + Windows NAT	20/10/2015	27/10/2015
#11	IPSec + VPN + Email Security	27/10/2015	03/11/2015
#12	Set up Winredius + Hardware Authen + Syslog Server + Backup	03/11/2015	10/11/2015
#13	Advanced Encryption/Decryption and Hashing	10/11/2015	17/11/2015
#14	ALL lab submissions: Checking + Review Final Lab exam	17/11/2015	24/11/2015
#15	Final Lab Exam	24/11/2015	01/12/2015

Project Milestone	Description	Completion Date
#1	Project Topic Selection Proposal + 15 mins Presentation (what is it)	08/09/2015
#2	Security Tool Topic Selection + 5 mins (what is it)	29/09/2015
#3	Security Tool Presentation + 15 mins Presentation Demo + Document	20/10/2015
#4	Final Project Submission 20 mins Presentation = Poster + PPT + Video (youtube) + Code + Demo	24/11/2015

Note: These are group projects BUT grading individually *write who do what in what%?*

Grading: (tentative)

Mid-Term Exam	25%
Final Exam	25%
Homework + Lab + Quiz + Class participation	20%
Final Lab Exam	10%
Term Project + Security Tool	20% (grading individually)

Note that students are allowed to bring only "ONE" piece of A4 paper in each exam with additional non-memorized calculator
The final exam material will be after the mid-term; however, all related contents will be also covered.
The exam includes 1. True/False (+1, -1, and 0), 2. Numerical and Analysis, and 3. Fill in the blank.
The final grade will be curved based on the overall performance of the whole class (probablistic clear cut-off point).
Note: Extra Credits +2.5 to 5% 1st round competition; +5 to 10% Final round competition; Published Paper/NSC/Network Security Contest/CISSP Certification/CCNA or CCIE Security Certification/Imagine Cup/Samart etc. **>1% for taking a network security contest exam

Other related computer and network security research links

CCSS Center for Computer Systems Security, University of Southern California, http://ccss.usc.edu/
UW CSE Systems, Networking, and Security Research, University of Washington, http://www.cs.washington.edu/research/systems.intro.html
Cyber Security, Virginia Tech, http://www.cyber.vt.edu/research
The Computer Security Group, UCSB, http://seclab.cs.ucsb.edu/
Security Research Lab, UC Berkeley, http://security.cs.berkeley.edu/
IBM Security and Privacy, IBM, http://researcher.ibm.com/view_project.php?id=151
CyLab, CMU, http://www.cylab.cmu.edu/
Computer Security Division, NIST, http://csrc.nist.gov/
Networking and Security Research Center, PSU, http://nsrc.cse.psu.edu/
Security Group @CA, University of Cambridge, http://www.cl.cam.ac.uk/research/security/
Stanford Security Laboratory, Stanford University, http://seclab.stanford.edu/
Network Operations and Internet Security Lab, GATECH (Prof. Nick Feamster), http://www.gtnoise.net/
Illinois Security Lab, UIUC (Dr. Carl A. Gunter), http://seclab.illinois.edu/
Systems and Internet Infrastructure Security (SIIS), PSU, http://siis.cse.psu.edu/
Network Security Lab, Columbia University, http://nsl.cs.columbia.edu/
CENTER FOR INFORMATION AND COMPUTATION SECURITY (CICS), UCLA, http://www.cs.ucla.edu/security/
Center for Wireless Information Network Studies, WPI (Prof. Kaveh Pahlavan), http://www.cwins.wpi.edu/
Maryland Cybersecurity Center, UMD, http://www.cyber.umd.edu/faculty/index.html
Center for Research on Computation and Society (CRCS), Harvard, http://crcs.seas.harvard.edu/
Systems and networking group, UCSD, http://sysnet.sysnet.ucsd.edu/sysnet/
Information Security Research Group, UCL, http://sec.cs.ucl.ac.uk/
Center for Information Assurance and Security, UTexas, http://www.cias.utexas.edu/index.htm
Johns Hopkins University Information Security Institute (JHUISI), JHU, http://web.jhu.edu/jhuisi/
University of Oregon Network Security Research Lab, University of Oregon, http://netsec.cs.uoregon.edu/

Back to Chakchai So-In's Home Page