Computer Security Architectures
CS 795 – Special Topics and IT 803
Instructor: Arun Sood
Thursday 4:30 pm to 7:10 pm
IN 136
Most current Computer Security Architectures adopt reactive approaches that require examination of packets. Recently, other techniques have been developed – one such approach has been developed at GMU. The focus of this course is on a study of alternate security architectures. We will explore how these can be combined in a layered defense and factors that affect the selection of the architectures. The course will require active student participation, and we will be reviewing recent papers and reports.
Topics List:
Student interest is expected to have an impact on the topics covered. I provide below a list of potential topics as guidance.
Reactive approaches:
· Intrusion detection
· Intrusion prevention
· Firewalls
Non-reactive approaches:
· Intrusion tolerance
· White listing
· Black listing
Related issues and techniques:
· Vulnerabilities
· Software rejuvenation
· Applied cryptography – key management
Economic analysis:
· Public access to loss reporting is limited. One area to which economic analysis has been applied is patch management.
Special services and servers:
· DNS and DNSSEC
· Web servers and Ecommerce
· NTP (SNTP), SMTP, etc.
Lecture Strategy:
The instructor will give introductory lectures and discuss his research results – the two websites below link to his work. In addition, we plan to organize guest lectures. This course will require active student participation. Students will review the assigned papers and make presentations in class.
Grade:
This special topics course will involve extensive instructor-student interaction. The goal is to help each student produce a paper written in IEEE or ACM conference proceedings style. Student group work will be encouraged, but each student must be able to defend an independent paper and presentation.
Student grades will be based on class presentations, class participation, papers and reports.
Relevant websites:
http://cs.gmu.edu/~asood/scit Provides links to several papers on Self Cleansing Intrusion Tolerance. Pointers to on-line pubs and media reports about SCIT are also included.
http://cs.gmu.edu/~lics/icc/GFIRST-BOF-DNS.htm Collection of papers relevant to DNS server protection.
Additional references will be added later.