322 376: Information and Communication Technology Security (Fall 2017)

Course Description:
Introduction to computer security and information and communication technology, encryption techniques, introduction to number theory, public key algorithm, key management, hash function, digital signature and authentication protocol, electronic mail security, Internet Protocol (IP) security (IPsec), web security, virus, worm, firewall, information technology security management, computer security law.

Prerequisite: Basic Knowledge of Computer Network; Operating System; Computer Architecture; Database

Instructor: Chakchai So-In, Ph.D., chakso AT kku.ac.th
Office: SC 6706
Office Hours: Monday 03.00pm to 04.00pm/ Tuesday 09.00am to 10.00am (or email me for appointment)
Class homepage: http://csperson.kku.ac.th/chakchai/322376_Fall17/
CNAP CCNA Security material: Cisco Network Academy CCNA Security
Netacad: Cisco Netacad
Teaching Assistant:

Phet Aimtongkham phet AT phet.in.th, Sunday 05.00pm to 06.00pm @ANT Lab level 2

Comdet Phaudphut listzone AT hotmail.com, Sunday 05.00pm to 06.00pm @ANT Lab level 2

Location:
Section I+II: - the class meets on Wednesday at room SC8305 from 01.00pm to 03.00pm for lecture.
- Labs: on Wednesday at room 6204C from 03.00pm to 05.00pm (Sec I)
- Labs: on Wednesday at room 6204C from 05.00pm to 07.00pm (Sec II)
Section III+IV:- the class meets on Tuesday at room SC8405 from 01.00pm to 03.00pm for lecture.
- Labs: on Tuesday at room 6204C from 03.00pm to 05.00pm (Sec III)
- Labs: on Tuesday at room 6204C from 05.00pm to 07.00pm (Sec IV)
Facebook Group: Facebook Group
Class Email: cs322376 AT gmail.com

Textbook
The main textbooks for the course are
1.Computer and Network Security (Thai Edition) by Chakchai So-In, 2011-2017.
2.¤ÙèÁ×ÍàÃÕÂ¹áÅÐãªé§Ò¹ Network Security Lab ©ºÑºãªé§Ò¹¨ÃÔ§ by Chakchai So-In et al., 2017.

Supplementary
1. ¤ÙèÁ×ÍàÃÕÂ¹áÅÐãªé§Ò¹ Computer Network Lab ©ºÑºãªé§Ò¹¨ÃÔ§ by Chakchai So-In et al., 2017.
2. Principles of Information Security by Michael E. Whitman and Herbert J. Mattord, 2011.
3. CCNA Security Course Booklet Version 1.1 by Cisco Systems, 2012.
4. Cryptography and Network Security: Principles and Practice by William Stallings, 2010
5. Network Security: Private Communication in a Public World by Charlie Kaufman, Radia Perlman, and Mike Specimner, 2002
6. Law (ICT) Thailand

Interesting Computer and Network Security Material
1. Master in Security 3rd edition (Thai) by Jatuchai Pangjun, 2017
2. ºÃÔËÒÃ¨Ñ´¡ÒÃ Networking ´éÇÂ Windows 7 by ¾ÔÈÒÅ ¾Ô·ÂÒ¸ØÃÇÔÇÑ²¹ì, 2012
3. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 1 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
4. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 2 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
5. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 3 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
6. µÔ´µÑé§ÃÐººà¤Ã×Í¢èÒÂ Linux Server ÀÒ¤»¯ÔºÑµÔ by ¾ÔÈÒÅ ¾Ô·ÂÒ¸ØÃÇÔÇÑ²¹ì, 2012
7. Network and Computer Security Specialist #1, #2, #3 (Thai) by Minister of ICT, Thailand
8. Hands-on Ethical Hacking and Network Defense by Michael T. Simpson, Kent Backman, and James E. Corley, 2017
9. CEH Certified Ethical Hacker All-in-One Exam Guide by Matt Walker, 2011
10. CEH Certified Ethical Hacker Study Guide by Kimberly Graves, 2010
11. Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Scheier, 1996
12. Network Security Essentials: Applications and Standards by William Stalling, 2010
13. Hacking Exposed: Network Security Secrets and Solutions by Stuart McClure, Joel Scambray, and George Kurtz, 2009
14. Network Security Architectures by Sean Convery, 2010
15. CISSP Certified Information Systems Security Professional STUDY GUIDE by SYBEX, 2010

Other good books are
Slides from Prof. Raj Jain, Network Security Slides
Most importantly, please READ all Computer and Network Security Wiki related topics.
Network Programming (Bee)
UNIX Tutorial for Beginners Tutorial@virginia.edu

Example Toos/Testbed (Networking/Security/Mobile and Wireless Technology)
Click Here to see a list of testbed/tools
Project (Testbed) (Class in 2017)

Project (Class in 2015)

Project (Class in 2014)

Example Android APP on Market

Click

Project (Class in 2013)

Example Android APP on Market

Click

Project (Class in 2012)

Example Android APP on Market

Click

Project (Class in 2011)

Example Android APP on Market

Click

News

04/08/2017: Final Exam date = Friday 08/12/2017 at 01.00pm - 04.00pm
04/08/2017: Midterm Exam date = Sunday 24/09/2017 at 01.00pm - 04.00pm
04/08/2017: Download Homework/Lab cover letter here
04/08/2017: Lecture #1 is available.
04/08/2017: Web site created.

Lecture Schedule: (Tentative Subject to Change)

Class	Day	Date	Topic
1	Monday	31/07/2017	Course Overview
2	Monday	07/08/2017	Need for Security
3	Monday	14/08/2017	Risk Analysis
4	Monday	21/08/2017	Basic Encryption Techniques
5	Monday	28/08/2017	Application Security
6	Monday	04/09/2017	(Cont.)
7	Monday	11/09/2017	Malicious Software
8	Monday	18/09/2017	Security Topic Selection Proposal (PPT) + Review for Midterm + Dhamma #1 + Dhamma #2 + Dhamma #3 + Encoragement1 + Encoragement2 + Encoragement3
9	Monday	25/09/2017	Mid-Term Exam (week 25/09-29/09) = Sunday 24/09 at 01.00pm - 04.00pm
10	Monday	02/10/2017	IDS/IPS + VPN + IPSec
11	Monday	09/10/2017	Firewall + Authentication/Authorization/Accounting
12	Monday	16/10/2017	Software/Hardware Security + Block/Stream Ciphers
	Monday	23/10/2017	No class
13	Monday	30/10/2017	Public Key Infrastructure
14	Monday	06/11/2017	(Cont.) + Hashing Techniques
15	Monday	13/11/2017	Ethic + Computer Crime + IT Law
16	Monday	20/11/2017	Review for Finalterm + Final Security Tool/App Presentation PPT + Demo + .Doc + Poster + Video (youtube) + Code/Configuration/Testbed
17	Monday	27/11/2017	Final Exam (week 27/11-18/12) = Friday 08/12 at 01.00pm - 04.00pm

Note: For Section I+II; date+1 say Monday 01/09 = Tuesday 02/09

Homework/LabHW Assignments (Fall 2017 schedule): (Subject to Change)
Ten or eleven homeworks will be assigned (as CCNA security Chapter Online Exam) throughout the course (a whole week). Click here https://www.netacad.com.
Ten or eleven Lab Homeworks will be assigned (at the end of lab chapter) throughout the course (a whole week). Click here https://serazu.com/product/view.html?id=704.
Note: Some of the questions will be used as QUIZ during the lecture.

Submission:
All assignment should be turned via Google Drive = 322376_Fall17. Late lab homework will be assessed a 30% penalty.
Each pair-homework should include title prefix = "GroupID_SubGroupID_ID_HWID" such that ID is your Group/Groupd_SubGroup/HW number.
Each pair-lab should include title prefix = "GroupID_SubGroupID_ID_LabID" such that ID is your Group/Groupd_SubGroup/Lab number.
Each pair-lab homework should include title prefix = "GroupID_SubGroupID_ID_LabHWID" such that ID is your Group/Groupd_SubGroup/Lab number.
Note: For homework and lab assignment; you MUST include the cover letter with students' signature OTHERWISE they WILL NOT be graded.

Lab Schedule: (Tentative Subject to Change)

Lab	Description	Out Date	Due Date
#1	No Class (check equipment)	31/07/2017	07/08/2017
#2	Lab1: Install Virtual Machine + Windows OS + Basic Security (Chapter 1) + User Account Managment + AntiVirus (Chapter 2)	07/08/2017	14/08/2017
#3	Lab2: Shared Files + Netcut + Introduction to Personal Firewall (Chapter 4)	14/08/2017	21/08/2017
#4	Lab3: Basic Encryption/Decryption (Chapter 12)	21/08/2017	28/08/2017
#5	Lab4: Network Service Security (telnet/ftp/www) + Wireshark (Chapter 3)	28/08/2017	04/09/2017
#6	Lab5: Network Managenment Tools (Chapter 5)	04/09/2017	11/09/2017
#7	Lab6: Malwares and Attacks (Chapter 9)	11/09/2017	18/09/2017
#8	Midterm Lab Exam (allow 1 Textbook)	18/09/2017	25/10/2017
#9	Midterm Lecture Exam (allow 1 A4)	25/09/2017	02/10/2017
#10	Lab7: IDS (Chapter 7)	02/10/2017	09/10/2017
#11	Lab8: IPSec + VPN + Email Security (Chapter 6)	09/10/2017	16/10/2017
#12	Lab9: Firewall + Proxy + NAT (Chapter 8)	16/10/2017	23/10/2017
	No Class	23/10/2017	30/10/2017
#13	Lab10: Radius + Syslog Server + Backup (Chapter 10)	30/10/2017	06/11/2017
#14	Lab11: Set up Script + Stenography (Chapter 11)	06/11/2017	13/11/2017
#15	Lab12: Encryption/Decryption + Hashing (Chapter 13)	13/11/2017	20/11/2017
#16	Final Lab Exam (allow 1 Textbook)	20/11/2017	27/11/2017
#17	Final Lecture Exam (allow 1 A4)	27/11/2017	18/12/2017

Academic Integrity
Students at Khon Khan University are engaged in the first step for their professional career with the highest standards. Please follow the academic integrity guideline at Cheating and Plagiarism [@CMU]. All these rules are enforced for the entire course.

Security Tools/Apps - Group of 4 up to 6 students
Security Tool
ONLY hands-on security tools on topic of your choice
The final outcome MUST be something VISUAL= Computer/Network/Information/Internet/ Security Tools
There is about 20 mins demo + Document (setting + demo)
Tool Ideas: http://sectools.org/?page=1

Main Project (Project I)
Project Ideas:

Ideas at Stanford.edu

Ideas at Berkeley.edu

Ideas at MIT.edu

Ideas at DotCrime

Ideas at Sunysb.edu

Ideas at Berkeley.edu

Ideas at Udel.edu

Ideas at Fsu.edu

Ideas at Upenn.edu

In this semester, we focus on Mobile and Wireless Network Security including sensor network security; however, we do not limit on these.
Cisco Netrider Contest (Networking Competition)
Network Security Contest
Click Here

Project Milestone	Description	Completion Date
#1	Security Topic Selection Proposal + 10 mins Presentation (topic/list of students + 2 related work + what is it? + example = 5-7 pages)	18/09/2017
#2	Security Topic Tool/App Submission + 20 mins Presentation + .Doc + Poster + PPT + Video (youtube) + Code + Demo	20/11/2017

Note: These are group projects BUT grading individually *write who do what in what%?*

Grading: (tentative)

Mid-Term Exam	20%
Final Exam	25%
Homework + Lab + LabHW + Quiz + Class participation	25% - 30%
Midterm + Final Lab Exams	10% - 15%
Security Tools/App	15% - 20% (grading individually)

Note that students are allowed to bring only "ONE" piece of A4 paper in each exam with additional non-memorized calculator
The final exam material will be after the mid-term; however, all related contents will be also covered.
The exam includes 1. True/False (+1, -1, and 0), 2. Numerical and Analysis, and 3. Fill in the blank.
The final grade will be curved based on the overall performance of the whole class (probablistic clear cut-off point).
Note: Extra Credits +2.5 to 5% 1st round competition; +5 to 10% Final round competition; Published Paper/NSC/Network Security Contest/CISSP Certification/CCNA or CCIE Security Certification/Imagine Cup/Samart etc. **>1% for taking a network security contest exam

Other related computer and network security research links

CCSS Center for Computer Systems Security, University of Southern California, http://ccss.usc.edu/
UW CSE Systems, Networking, and Security Research, University of Washington, http://www.cs.washington.edu/research/systems.intro.html
Cyber Security, Virginia Tech, http://www.cyber.vt.edu/research
The Computer Security Group, UCSB, http://seclab.cs.ucsb.edu/
Security Research Lab, UC Berkeley, http://security.cs.berkeley.edu/
IBM Security and Privacy, IBM, http://researcher.ibm.com/view_project.php?id=151
CyLab, CMU, http://www.cylab.cmu.edu/
Computer Security Division, NIST, http://csrc.nist.gov/
Networking and Security Research Center, PSU, http://nsrc.cse.psu.edu/
Security Group @CA, University of Cambridge, http://www.cl.cam.ac.uk/research/security/
Stanford Security Laboratory, Stanford University, http://seclab.stanford.edu/
Network Operations and Internet Security Lab, GATECH (Prof. Nick Feamster), http://www.gtnoise.net/
Illinois Security Lab, UIUC (Dr. Carl A. Gunter), http://seclab.illinois.edu/
Systems and Internet Infrastructure Security (SIIS), PSU, http://siis.cse.psu.edu/
Network Security Lab, Columbia University, http://nsl.cs.columbia.edu/
CENTER FOR INFORMATION AND COMPUTATION SECURITY (CICS), UCLA, http://www.cs.ucla.edu/security/
Center for Wireless Information Network Studies, WPI (Prof. Kaveh Pahlavan), http://www.cwins.wpi.edu/
Maryland Cybersecurity Center, UMD, http://www.cyber.umd.edu/faculty/index.html
Center for Research on Computation and Society (CRCS), Harvard, http://crcs.seas.harvard.edu/
Systems and networking group, UCSD, http://sysnet.sysnet.ucsd.edu/sysnet/
Information Security Research Group, UCL, http://sec.cs.ucl.ac.uk/
Center for Information Assurance and Security, UTexas, http://www.cias.utexas.edu/index.htm
Johns Hopkins University Information Security Institute (JHUISI), JHU, http://web.jhu.edu/jhuisi/
University of Oregon Network Security Research Lab, University of Oregon, http://netsec.cs.uoregon.edu/

Back to Chakchai So-In's Home Page