CS 360 Cybersecurity

Description

This assignment is due 02/29/2024 at 23:45:00

Unformatted Attachment Preview

Northeastern Illinois University
Department of Computer Science
CS 360-1 CYBERSECURITY
Instructor: Manar Mohaisen
Email: [email protected]
Office: CBT 146
Office Hours: Tue 4:30-5:30 pm (in-person), Tue/Thu 9:30-10:30 am (online)
Zoom meeting: https://neiu-edu.zoom.us/j/9627000353
Spring 2024
Thursday
7:05-9:45 pm
LWH 2094
Course Description: The basic concepts of computer security and the mechanisms at the heart of a computer
system are presented. Topics covered include privacy and personal information, computer crime, legal and ethical
issues in computer security, identification and authentication, cryptography, operating system security, network
security, Internet security, and database security.
Prerequisites: CS308 or CS-207 with a minimum grade of C
Course objectives: The objectives for this course are divided into three categories: Fundamentals of
cybersecurity, implementation of cybersecurity algorithms and attacks using python, and an introduction to Linux
for cybersecurity.
Course outcomes: By the end of this course, students will:
•
•
•
•
•
•
•
•
•
Describe basic security design principles.
Understand the TCP/IP model, fundamental network protocols, and network design components.
Understand basic network attacks.
Acquire basic concepts of network perimeter security.
Understand the fundamentals of browser and software security.
Understand essential cryptographic concepts and algorithms.
Understand basic Linux commands and creating and running virtual security labs.
Learn the fundamentals of Python programming language.
Develop basic security concepts using Python.
Recommended Textbooks:
•
•
•
•
•
M. Goodrich and R. Tamassia, Introduction to Computer Security. Pearson, 2011.
W. Stallings and L. Brown, Computer Security: Principles and Practice, third edition. Pearson, 2015.
C. Easttom, Computer Security Fundamentals, fourth edition. Pearson, 2020.
D. L. Prowse, CompTIA Security+ SY0-501, academic edition. Pearson, 2018.
L. Ramalho, Fluent Python: Clear, Concise, and Effective Programming. O’Reilly Media, 2015.
Further Readings:
•
•
C. Hosmer, Python Forensics: A Workbench for Inventing and Sharing Digital Forensic Technology.
Syngress, 2014.
TJ O’Connor, Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers, and
Security Engineers. Syngress, 2013.
Northeastern Illinois University
Department of Computer Science
•
•
Y. Diogenes and E. Ozkaya, Cybersecurity- Attack and Defense Strategies: Infrastructure Security with
Red and Blue Team Tactics. Packt, 2018.
J. Grus, Data Science from Scratch: First Principles with Python, second edition. O’Reilly, 2019.
Class webpage:
•
D2L: https://neiu.desire2learn.com/
Tentative Brief Content:
•
•
•
•
•
•
•
•
•
•
•
Module 1: Introduction to Cybersecurity
Module 2: Computers, Networks, and Internet Fundamentals
Module 3: Networking and Internet Protocols
Module 4: Network Security and Threats
Module 5: Network Perimeter Security
Module 6: Computer Systems Security
Module 7: Introduction to Cryptography
Module 8: Internet Security
Module 9: Application Security
Module 10: Risk Management
Module 11: Penetration Testing
Tentative List of In-class Labs:
1. Creating a network of virtual machines
2. Discovering security search engines (spyse.com, exploit-db.com, dnsdumpster.com, shodan.io,
privacyrights.org/data-breaches)
3. Discovering your machines (Windows: whoami, systeminfo, getmac, ipconfig /options, nslookup.
Linux: whoami, lsb_release, uname, ip /options, ifconfig /options, nslookup)
4. Kali Linux Security (manage users, groups, and credentials)
5. Networking commands (ping, arp -options, wget, whois, tcpdump, ngrep, ipconfig /release and /renew,
tshark)
6. Python packets: Subnetting (ipaddress) | DNS resolver (dns.resolver) | Introduction to Scapy module
(stacking layers, packet sniffing, ARP scanner, IPSec)
7. Windows and Linux firewalls
8. Basic Static malware analysis (Windows portable executable (PE) format analysis, examining malware
images and strings)
9. Basic Malware disassembly
10. Basics of dynamic malware analysis
11. Windows and Linux hashing tools
12. Python hashing libraries and hashing large files
13. Openssh (secure shell protocol), telnet, wget, netcat
14. Create SQL database in Python and grant, revoke, and delegate permissions
Northeastern Illinois University
Department of Computer Science
15. Snort intrusion detection and prevention system (IDS/IPS)
* To be able to work on the labs, you should
1. Create 3 virtual machines: two Kali and one Windows virtual machine. Install the required tools and
frameworks on the virtual machines. These tools and frameworks will be specified for each lab.
1. Install Anacoda for Python 3.x: https://www.anaconda.com/
2. Install an IDE of your preference. I strongly recommend using VS Code:
https://code.visualstudio.com/download
3. Install Python packages used in each lab.
Tentative Course Schedule:
Week 1: Introduction to Cybersecurity
Topics: Definitions and fundamental concepts (assets, security measures, threats, adversaries,
…) | The CIA triad (confidentiality, integrity, and availability) | The AAA model
(authentication, authorization, and accountability) | The ten security concepts | Defense in
depth model | Control Types (managerial controls, operational controls, technical control) |
Access control (Identification, authentication, authorization, role-based, rule-based, attributebased, group-based access control) | Windows and Linux permissions
Week 2: Computers, Networks, and Internet Fundamentals
Topics: Computer organization (memory and storage devices, CPU, communication devices,
operation systems, kernel) | TCP/IP model (layers and protocols) | Network design elements
(hub, repeater, bridge, switch, router, firewall) | Protocols and addressing (ethernet, IPv4, IPv6,
MAC address)
Week 3: Networking and Internet Protocols
Topics: Types of networks (LAN, MAN, WAN) | subnetting and CIDR | virtual LAN
(VLAN) | demilitarized zone (DMZ) | inbound and outbound ports | sockets | protocols (ARP,
NAT, ICMP, TCP, UDP, DHCP) | Domain name system and DNS protocol.
Week 4: Network Security and Threats
Topics: Layer 2 attacks (MAC spoofing, MAC flooding, ARP spoofing) | Layer 3 attacks
(packet sniffing, IP spoofing) | Layer 4 attacks (TCP sequence prediction, blind injection, TCP
complete session hijacking) | Layer 7 attacks (DNS pharming and phishing, DNS cache
poisoning) | DoS attacks (ping flood, smurf attack, fraggle, SYN flood, fork bomb, distributed
DoS)
Week 5: Network Perimeter Security
Northeastern Illinois University
Department of Computer Science
Topics: Firewalls | proxy firewalls | proxy servers | anonymizing proxies | demilitarized zones
(DMZ) | Virtual private network (VPN) | intrusion detection systems (IDS) | intrusion prevention
systems (IPS)
Week 6, 7: Computer Systems Security
Topics: Buffer overflow | Insider attacks (backdoors, logic bombs, defenses) | Computer
viruses (execution phases, program virus, macro virus, boot sector virus, encrypted viruses,
polymorphic viruses, metamorphic viruses) | Trojan horses | Computer worms | Rootkits |
Zero-day attacks | Botnets | Privacy-invasive software (adware, spyware)
Week 9: Midterm (in-class)
Week 8, 10: Introduction to Cryptography
Topics: Cryptographic concepts (classical encryption) | Symmetric cryptosystems (ideal block
cipher, Claude Shannon’s diffusion, and confusion concepts, Feistel network, DES, 3DES, AES) |
Public-key cryptosystems (RSA algorithm, Diffie-Hellman key exchange) | Cryptographic
hash functions (properties and security requirements, applications, examples of simple hash
functions, secure hash algorithm)
Week 11: Internet Security
Topics: The World Wide Web (HTTP, HTTPS, HTML, dynamic content, sessions, cookies) |
Attacks on clients (HTTP session hijacking, phishing, privacy attacks, cross-site scripting,
defenses) | Attacks on servers (remote-file inclusion & local-file inclusion, defenses)
Week 12: Application Security
Topics: Database security (Relational databases, SQL, the two-phase commit protocol, SQLbased access definitions, inference attacks, and defenses) | Email security (simple mail transfer
protocol (SMTP), email encryption and authentication, spam email)
Week 13: Risk Management
Topics: Definitions & Concepts | Security controls | Risk assessment | Business impact analysis |
Data security and data protection | Personal risk and policies | Third-party risk and policies.
Week 14, 15: Penetration Testing
Topics: Introduction (penetration testing, penetration testing methodology, MITRE ATT&CK,
Kali Linux vs Parrot Security) | Introduction to Kali Linux: CLI commands (ls, cd, man, date,
timedatectl, whoami, w, hostname, pwd, uname, which, df, lsblk, ps, top, kill, wget, more, tail,
sort, cewl, wc, zip, unzip, tar, find, locate, sudo, su, reboot, shutdown, text editors vi/nano/gedit,
alias, env, history, chaining operators — &, ;, &&, ||, !, | –, echo, cat, output directions — >, >>, < --, mkdir, rm, shred, file, touch, diff, comm, grep, cut, awk), Filesystem Hierarchy Standard (FHS), Linux important files | Package management (apt update/list --upgradable/upgrade/full- Northeastern Illinois University Department of Computer Science upgrade/install/reinstall/remove/purge/search, apt-cache search/show, dpkg) | Linux security (useradd, groupadd, usermod, userdel, passwd, su, id, /etc/passwd, /etc/shadow, /etc/group) | Services and service management (systemctl start/status/stop/enable, service, ssh, apache2, ufw, netcat) | network sniffing (Wireshark, tcpdump, tshark, network miner) | Passive information gathering (recon-ng, whatweb, sublist3r, maltego framework, dnsenum, host, dnsmap, fierce, nmap, nmap scripting engine (NSE), zenmap) | Vulnerability scanning (Nessus framework) | more ... Week 16: Final exam (online) Homework: An assignment will lose 50 percentage points per 24-hour late period. Unless you have received permission from the instructor due to reasonable circumstances, no late submissions will be allowed after one week from an assignment’s deadline. We will have 6 assignments in total. Exams: Exams are open-book (only textbooks and slides). The exams will not include any programming or Linux components and will only address the cybersecurity concepts covered in this course. Lab Submission: You will be requested to submit a report on 6 labs. The report should consist of a nontechnical summary of about 150 words, followed by a technical summary of the lab. The report should consist of at least four (4) pages, with a font size of no larger than 12 and a line spacing of 1.15 points. Grading policy: Your course’s grade will be the weighted average of the following. Category Exams Homework & Labs Attendance, Participation & Integrity Weight 42% 48% 10% Percentage [90, 100[ [80, 90[ [70, 80[ [60, 70[ [0, 60[ Grade A B C D F Available resources: • • • Office hours: Office hours will be held via Zoom and in person. Appointments: You can always ask for a one-on-one meeting if the regular office hours overlap with your other classes or your work schedule or if you need more time to discuss the material with the instructor. E-mail: You can ask as many questions as you wish through email. I will reply within 48 hours from the time I receive your email. I may offer you a one-on-one meeting to discuss your questions if necessary. Course General Policies AI Policy: ChatGPT, Bard, or any similar model is strictly prohibited during the completion of homework assignments and examinations for this course. These assessments are designed to evaluate individual understanding, critical thinking skills, and the application of course concepts. External assistance undermines these evaluations' purpose and compromises the learning process's integrity. Students must depend on their own knowledge, skills, and efforts to demonstrate their understanding of the course material. Students' commitment to upholding the principles of academic integrity is essential for the fair evaluation and successful learning Northeastern Illinois University Department of Computer Science experience of all participants in this course. Violating any element of this policy will be considered plagiarism and will be addressed accordingly. Phone, Tablet, and Laptop Use Policy: • • • • These devices should be used for educational purposes only, including taking notes and checking course materials. Avoid using any of these devices for texting, making or receiving calls, or visiting social media websites during the class. In case of an emergency and you deem it urgent to receive a call or respond to a message, you can leave the classroom for a brief period to do so. Any violations will result in loss of “attendance, participation & integrity” points. Attendance: Attendance is mandatory. Plagiarism: The first plagiarism occurrence will mean an F for the submitted work. The second occurrence will mean an F in the course. Academic Integrity Policy: By enrolling in this course, you are bound by the NEIU Student Code of Conduct: http://www.neiu.edu/university-life/student-rights-and-responsibilities/student-code-conduct. You will be informed by your instructor of any additional policy specific to your course regarding plagiarism, class disruptions, etc. ADA Statement: Northeastern Illinois University (NEIU) complies with the Americans with Disabilities Act (ADA) in making reasonable accommodations for qualified students with disabilities. To request accommodations, students with special needs should make arrangements with the Student Disability Services (SDS) office, located on the main campus in room D104. Contact SDS via (773) 442-4595 or http://www.neiu.edu/university-life/student-disability-services. Campus Safety: Emergency procedures and safety information can be found at neiu.edu/police. Download the CampusShield app on Google Play or the App Store for enhanced public safety services, including emergency text notifications via Northeastern’s N-Safe system. Purchase answer to see full attachment