ISA 674 Intrusion Detection

Fall 2008

 

Time and Place: Wednesday 4:30~7:10pm at Innovation Hall, Room 317

Instructor: Dr. Xinyuan (Frank) Wang

Office: Room 341 S&T II

Office phone: (703) 993-9461

Office hours: Wednesday 3:30~4:30PM or by appointment

Email: xwangc at gmu dot edu

 

Teaching Assistant: Nour Aulabi

Office hours: Monday, Tuesday 7:00~8:00PM at ST-II Room 330

Email: naulabi@gmu.edu

 

Course Description

The objective of this course is to provide an in depth introduction to the science and art of intrusion detection. The course consists of lectures and a series of interactive research oriented seminars. Topics covered include: overview of intrusions, history and state of the art of intrusion detection, the principles and techniques of intrusion detection, the limitations and open problems of intrusion detection, countermeasures against intrusion detection, case study of representative techniques used in intrusion detection systems, forensics, virus and worm defense. In addtion to the principles and techniques of intrusion detection, the course will have suibstantial hands-on components.

Course Outcomes

  • An comprehensive understanding on the subject of intrusion detection
  • A knowledge of the state of the art of intrusion detection research
  • A detailed understanding on how intrusion happens
  • A deep understanding on the principles and techniques used in intrusion detection, as well as the technical challenges and fundamental limitations of intrusion detection
  • Preparation to become either a capable practitioner or independent researcher in intrusion detection

Course Prerequisite

ISA 562, ISA 656, or permission by instructor.

The students are expected to have good understanding on operating system internals (e.g. system call internals, run-time memory organization, assembly language of x86). Proficiency in C programming is essential in order to be successful in the course homework and projects.

Textbook and Readings

There is NO textbook for this course. The course is in form of seminars, and it is based on current research papers!

Reading List (click to see)

Class Schedule (click to see)

Class schedule is tentative and subject to change. Please check frequently.

Grading

There will be one midterm exam, 3~4 home work assignments, and a final term project/presentation

The grade consists of

·       Homework 30%

·       Midterm exam 30%

·       Class Discussion Participation 10%

·       Term paper/presentation  30%

The final grade is based on the curve of the raw scores. How many will get A or B (or even C...) depends on the overall performance of all students. Usually the top 30% of the class will get at lease A-, the average grade of the whole class will normally be somewhere between A- and B+. However, it is possible for every student to get A if the performance of the whole class is exceptionally well.

Academic Integrity

All students are required to follow all university, school and department policies regarding academic integrity. Violator of the Honor Code will result in a grade of F for the course, as well as any penalties imposed by the university and/or the CS department.

Disability Statement

If you have a documented learning disability or other condition that may affect academic performance you should: 1) make sure this documentation is on file with the Office of Disability Services (SUB I, Rm. 222; 703-993-2474; www.gmu.edu/student/drc) to determine the accommodations you need; and 2) talk with me to discuss your accommodation needs. All academic accommodations must be arranged through the ODS.