322 376: Information and Communication Technology Security (Spring 2013)


Course Description:
Introduction to computer security and information and communication technology, encryption techniques, introduction to number theory, public key algorithm, key management, hash function, digital signature and authentication protocol, electronic mail security, Internet Protocol (IP) security (IPsec), web security, virus, worm, firewall, information technology security management, computer security law.

Prerequisite: Basic Knowledge of Computer Network; Operating System; Computer Architecture; Database

Instructor: Chakchai So-In, Ph.D., chakso AT kku.ac.th
Office: SC 6706
Office Hours: Monday 05.00pm to 06.30pm (after class) (or email me for appointment)
Class homepage: http://web.kku.ac.th/chakso/322376_Spring13/
CNAP CCNA Security material: Cisco Network Academy CCNA Security
Teaching Assistant:
  • Kanokmon Rujirakul ace_kamikaze AT hotmail.com , Sunday 5.00pm to 06.00pm @ANT Lab
  • Sarayut Poolsanguan tktschool AT hotmail.com, Thursday 05.00pm to 06.00pm @ANT Lab
  • Chatchai Poonriboon kengtaykung AT gmail.com, Friday 05.00pm to 06.00pm @ANT Lab
  • Comdet Phaudphut listzone AT hotmail.com, Saturdayday 05.00pm to 06.00pm @ANT Lab

    • Location:
    Section I+II: - the class meets on Wednesday at room SC8504 from 01.00pm to 03.00pm for lecture.
    - Labs: at room 6204C from 10.00am to 12.00pm (Sec I); from 05.00pm to 07.00pm (Sec II)
    Section III+IV:- the class meets on Tuesday at room SC8103 from 01.00pm to 03.00pm for lecture.
    - Labs: at room 6204C from 03.00pm to 05.00pm (Sec III); from 05.00pm to 07.00pm (Sec IV)
    Facebook Group: Facebook Group
    Class Email: cs322376 AT gmail.com
    Textbook
    The main textbooks for the course are
    1.Computer and Network Security (Thai Edition) by Chakchai So-In, 2011-2013.
    2.Principles of Information Security by Michael E. Whitman and Herbert J. Mattord, 2011.
    3.CCNA Security Course Booklet Version 1.1 by Cisco Systems, 2012.
    4. Cryptography and Network Security: Principles and Practice by William Stallings, 2010
    5. Network Security: Private Communication in a Public World by Charlie Kaufman, Radia Perlman, and Mike Specimner, 2002
    6. Law (ICT) Thailand

    (Optional) Supplementary
    1. Master in Security 2nd edition (Thai) by Jatuchai Pangjun, 2010
    2. ºÃÔËÒèѴ¡Òà Networking ´éÇ Windows 7 by ¾ÔÈÒÅ ¾Ô·ÂÒ¸ØÃÇÔÇѲ¹ì, 2012
    3. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 1 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
    4. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 2 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
    5. ¤ÑÁÀÕÃì Ubuntu Linux Server àÅèÁ 3 by ºÑ³±Ôµ ¨ÒÁÃÀÙµÔ, 2012
    6. µÔ´µÑé§Ãкºà¤Ã×Í¢èÒ Linux Server ÀÒ¤»¯ÔºÑµÔ by ¾ÔÈÒÅ ¾Ô·ÂÒ¸ØÃÇÔÇѲ¹ì, 2012
    7. Network and Computer Security Specialist #1, #2, #3 (Thai) by Minister of ICT, Thailand
    8.     Hands-on Ethical Hacking and Network Defense by Michael T. Simpson, Kent Backman, and James E. Corley, 2013
    9. CEH Certified Ethical Hacker All-in-One Exam Guide by Matt Walker, 2011
    10. CEH Certified Ethical Hacker Study Guide by Kimberly Graves, 2010
    11. Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Scheier, 1996
    12. Network Security Essentials: Applications and Standards by William Stalling, 2010
    13. Hacking Exposed: Network Security Secrets and Solutions by Stuart McClure, Joel Scambray, and George Kurtz, 2009
    14. Network Security Architectures by Sean Convery, 2010
    15. CISSP Certified Information Systems Security Professional STUDY GUIDE by SYBEX, 2010

    Other good books are
    Slides from Prof. Raj Jain, Network Security Slides
    Most importantly, please READ all Computer and Network Security Wiki related topics.
    Network Programming (Bee)
    UNIX Tutorial for Beginners Tutorial@virginia.edu

    Final Project

    Example Project I (Class in 2012)

    Example Mini Lab Project (Class in 2012)

    Example Project I (Class in 2011)
    News
    Lecture Schedule: Tentative Subject to Change)
    ClassDayDateTopic
    1Tuesday06/04/2013Course Overview + Need for Security
    2Tuesday06/11/2013Risk Analysis
    3Tuesday06/18/2013(Cont.)
    4Tuesday06/25/2013Basic Encryption Techniques
    5Tuesday07/02/2013Project Topic Selection + Encoragement1 + Encoragement2 + Encoragement3
    6Tuesday07/09/2013Malicius Software + IDS/IPS
    7Tuesday07/16/2013Application Security
    8Tuesday07/23/2013Review for Midterm + Dhamma #1 + Dhamma #2 + Dhamma #3
    9Tuesday07/30/2013Mid-Term Exam (week 07/29-08/02)
    10Tuesday08/06/2013Proposal Project Presentation + VPN + IPSec
    11Tuesday08/13/2013Firewall
    12Tuesday08/20/2013Authentication/Authorization/Accounting + Software/Hardware Security
    13Tuesday08/27/2013Block/Stream Ciphers
    14Tuesday09/03/2013Public Key Infrastructure
    15Tuesday09/10/2013Hashing Techniques
    16Tuesday09/17/2013Review for Finalterm + Final Project Presentation + Demo + Poster + Report + Code
    17Tuesday09/24/2013Final Exam (week 09/23-09/30)

    Note: For Section I; date+1 say Tuesday 06/04 = Wednesday 06/05
    Homework/Lab Assignments (Spring 2013 schedule) (Subject to Change)
    Four or ten homeworks will be assigned throughout the course. All assignment MUST be turned in as a HARDCOPY (during class or in my mail box). All submission MUST be turned in 7 mins before class. For all reasons, late penalty will be applied. Late homework will be assessed a 30% penalty. No homework will be accepted more than one day late. For EMERGENCY cases, you allow to email me to cs322376@gmail.com including title prefix = "322376_Spring2013_XX:HWY" such that XX is your section number and Y is your homework number.

    HomeworkDescriptionOut DateDue Date
    #1Risk Analysis + Basic Encryption06/18/201307/02/2013
    #2Application Security + Malicious Software + IDS/IPS07/02/201307/16/2013
    #3Symetric Encryption08/27/201309/10/2013
    #4Asymetric Encryption09/10/201309/17/2013

    Eight or ten lab homeworks (Group 5-8 students) will be assigned throughout the course. All assignment MUST be turned in as a HARDCOPY/SOFTCOPY (during class or in my mail box). All submission MUST be turned in 7 mins before class ends. For all reasons, late penalty will be applied. Late lab homework will be assessed a 30% penalty. For EMERGENCY cases, you allow to email me to cs322376@gmail.com including title prefix = "322376_Spring2013_XX:LabY" such that XX is your section number and Y is your lab homework number.

    Lab HomeworkDescriptionOut DateDue Date
    #1Install VMware/Virtual Box + Install USB book disk + Install Ubuntu + WindowXP Pro. (dual Boots)06/04/201306/11/2013
    #2Reset Pass Single Boot + Cracking password (john and ripper + L0phtCrack) + Reset Pass Cisco router + use netstat, ipconfig, ifconfig, route, whois, nslookup, tracert, etc.06/18/201306/25/2013
    #3Install telnet/ssh http/https ftp/secure ftp services + Install Wireshark + Scan telnet/ssh http/https ftp/secure ftp services07/02/201307/09/2013
    #4Install TCPDump + port/ip scannning (nmap + superscan + tcptrace)07/16/201307/23/2013
    #5Set up simple access-list (PTracer) + Set up firewall + ipchain (2 interfaces)08/06/201308/13/2013
    #6Set up Simple IDS (window snort or window IDS) + IPsec + GRE (PTracer)08/20/201308/27/2013
    #7Set up Winredius + Cisco Authen (Hardware) + Simple user/pass + Set up syslog server09/03/201309/17/2013
    #8Submission of All Lab Report + Final Lab Exa09/24/201309/24/2013
    Note:For homework and lab assignment; you MUST include the cover letter with students' signature OTHERWISE they WILL NOT be graded.
    Academic Integrity
    Students at Khon Khan University are engaged in the first step for their professional career with the highest standards. Please follow the academic integrity guideline at Cheating and Plagiarism [@CMU]. All these rules are enforced for the entire course.
    Project - Group of up to 5-6 students (You MUST include some students from STAT)

    Main Project (Project I)
    Project Ideas:
  • Ideas at Stanford.edu
  • Ideas at Berkeley.edu
  • Ideas at MIT.edu
  • Ideas at DotCrime
  • Ideas at Sunysb.edu
  • Ideas at Berkeley.edu
  • Ideas at Udel.edu
  • Ideas at Fsu.edu
  • Ideas at Upenn.edu


    • In this semester, we focus on Mobile and Wireless Network Security including sensor network security; however, we do not limit on these.
    Project NSC2011 Examples
    Central; Isan; North; South; East; West
    Project NSC2012 Examples
    Central; Isan; North; South; East; West
    Project NSC2013 Examples
    Central; Isan; North; South; East; West

    Cisco Netrider Contest (Networking Competition)
    Netrider 2010; Netrider 2011; Netrider 2012; Netrider 2013
    Network Security Contest
    Network Security Contest 2010; Network Security Contest 2011; Network Security Contest 2012; Network Security Contest 2013

    Project Milestone

    Description

    Completion Date

    #1Project Topic Selection + 15 mins Presentation (what is it)07/02/2013
    #2Proposal Submission + 20 mins Presentation (story board - theory/objective/limitation/use case/activity diagram/..etc.) Click here for detail (page 33 BUT at least 15 pages - Check also Senior Project Guideline here page 18-19) Download Project Presentation Review Form here 07/16/2013
    #3Final Project Submission Click here for detail (page 36)+30 mins Presentation/Demo09/17/2013

    Note: These are group projects BUT grading individually *write who do what in what%?*
    Grading: (tentative)
    Mid-Term Exam25%
    Final Exam25%
    Homework + Lab + Quiz + Class participation20%
    Final Lab Exam10%
    Term Project20% (grading individually)
    Bonus CCNA Security Final Exam5%

    Note that students are allowed to bring only "ONE" piece of A4 paper in each exam with additional non-memorized calculator
    The final exam material will be after the mid-term; however, all related contents will be also covered.
    The exam includes 1. True/False (+1, -1, and 0), 2. Numerical and Analysis, and 3. Fill in the blank.
    The final grade will be curved based on the overall performance of the whole class (probablistic clear cut-off point).
    Note: Extra Credits +2.5 to 5% 1st round competition; +5 to 10% Final round competition; Published Paper/NSC/Network Security Contest/CISSP Certification/CCNA or CCIE Security Certification/Imagine Cup/Samart etc. **>1% for taking a network security contest exam

    Other related computer and network security research links
    1. CCSS Center for Computer Systems Security, University of Southern California, http://ccss.usc.edu/
    2. UW CSE Systems, Networking, and Security Research, University of Washington, http://www.cs.washington.edu/research/systems.intro.html
    3. Cyber Security, Virginia Tech, http://www.cyber.vt.edu/research
    4. The Computer Security Group, UCSB, http://seclab.cs.ucsb.edu/
    5. Security Research Lab, UC Berkeley, http://security.cs.berkeley.edu/
    6. IBM Security and Privacy, IBM, http://researcher.ibm.com/view_project.php?id=151
    7. CyLab, CMU, http://www.cylab.cmu.edu/
    8. Computer Security Division, NIST, http://csrc.nist.gov/
    9. Networking and Security Research Center, PSU, http://nsrc.cse.psu.edu/
    10. Security Group @CA, University of Cambridge, http://www.cl.cam.ac.uk/research/security/
    11. Stanford Security Laboratory, Stanford University, http://seclab.stanford.edu/
    12. Network Operations and Internet Security Lab, GATECH (Prof. Nick Feamster), http://www.gtnoise.net/
    13. Illinois Security Lab, UIUC (Dr. Carl A. Gunter), http://seclab.illinois.edu/
    14. Systems and Internet Infrastructure Security (SIIS), PSU, http://siis.cse.psu.edu/
    15. Network Security Lab, Columbia University, http://nsl.cs.columbia.edu/
    16. CENTER FOR INFORMATION AND COMPUTATION SECURITY (CICS), UCLA, http://www.cs.ucla.edu/security/
    17. Center for Wireless Information Network Studies, WPI (Prof. Kaveh Pahlavan), http://www.cwins.wpi.edu/
    18. Maryland Cybersecurity Center, UMD, http://www.cyber.umd.edu/faculty/index.html
    19. Center for Research on Computation and Society (CRCS), Harvard, http://crcs.seas.harvard.edu/
    20. Systems and networking group, UCSD, http://sysnet.sysnet.ucsd.edu/sysnet/
    21. Information Security Research Group, UCL, http://sec.cs.ucl.ac.uk/
    22. Center for Information Assurance and Security, UTexas, http://www.cias.utexas.edu/index.htm
    23. Johns Hopkins University Information Security Institute (JHUISI), JHU, http://web.jhu.edu/jhuisi/
    24. University of Oregon Network Security Research Lab, University of Oregon, http://netsec.cs.uoregon.edu/
    Back to Chakchai So-In's Home Page