ISA 674 Intrusion Detection

Fall 2011


Time and Place: Wednesday 4:30~7:10pm at Innovation Hall, Room 134

Instructor: Dr. Xinyuan (Frank) Wang

Office: Room 5331, Engineergin Building

Office phone: (703) 993-9461

Office hours: Wednesday 3:00~4:20PM or by appointment

Email: xwangc at gmu dot edu


Teaching Assistant: Ajay Nagarajan

Office hours: TBD, Engineering Building, Room 4456


Course Description

The objective of this course is to provide an in depth introduction to the science and art of intrusion detection. The course consists of lectures and a series of interactive research oriented seminars. Topics covered include: overview of intrusions, history and state of the art of intrusion detection, the principles and techniques of intrusion detection, the limitations and open problems of intrusion detection, countermeasures against intrusion detection, case study of representative techniques used in intrusion detection systems, forensics, virus and worm defense. In addtion to the principles and techniques of intrusion detection, the course will have suibstantial hands-on components.

Course Outcomes

Course Prerequisite

ISA 562, ISA 656, or permission by instructor.

The students are expected to have good understanding on operating system internals (e.g. system call internals, run-time memory organization, assembly language of x86). Proficiency in C programming is essential in order to be successful in the course homework and projects.

Textbook and Readings

There is NO textbook for this course. The course is in form of seminars, and it is based on current research papers!

Reading List (click to see)

Class Schedule (click to see)

Class schedule is tentative and subject to change. Please check frequently.


There will be one midterm exam, 3~4 home work assignments, and a final term project/presentation

The grade consists of

·       Homework 30%

·       Midterm exam 30%

·       Class Discussion Participation 10%

·       Term paper/presentation  30%

The final grade is based on the curve of the raw scores. How many will get A or B (or even C...) depends on the overall performance of all students. Usually the top 30% of the class will get at lease A-, the average grade of the whole class will normally be somewhere between A- and B+. However, it is possible for every student to get A if the performance of the whole class is exceptionally well.

Academic Integrity

All students are required to follow all university, school and department policies regarding academic integrity. Violator of the Honor Code will result in a grade of F for the course, as well as any penalties imposed by the university and/or the CS department.

