Time and Place: Tuesday 4:30~7:10pm at Engineering, Room 5358
Instructor: Arun Sood
Office: Room 5327 Engineering
Office phone: 703.993.1524
Office hours: Tuesday 3:30~4:30PM or by appointment
Email: asood at gmu dot edu
Teaching Assistant: Eunjung Yoon
Office hours:
Email: eyoon2 at gmu dot edu
Course Description
The current computer security architecture rely mainly on prevention and detection techniques. These techniques are reactive and typically require packet inspection. The objective of this course is to provide an introduction to the science and art of intrusion detection. Topics covered include: overview of intrusions, history and state of the art of intrusion detection, the principles and techniques of intrusion detection, the limitations and open problems of intrusion detection, countermeasures against intrusion detection, case study of representative techniques used in intrusion detection systems, forensics, virus and worm defense. We will explore issues related to managing in the presence of an intrusion, and discuss issues related to intrusion tolerance.
Course Outline
ISA 562, ISA 656, or permission by instructor.
The students are expected to have good understanding on operating system internals (e.g. system call internals, run-time memory organization, assembly language of x86). Proficiency in C programming is essential.
There is NO textbook for this course. The course is in form of seminars, and it is based on current research papers!
The instructor will give introductory lectures and discuss research papers. In addition, we plan to organize guest lectures. This course will require active student participation. Students will review the assigned papers and make presentations in class.
This special topics course will involve extensive instructor student interaction. The goal is to help each (or group of 2 or 3) student to produce a paper written in IEEE or ACM conference proceeding style. Student group work will be encouraged, but each student must be able to defend an independent paper and presentation. Student grade will be based on class presentations, class participation, papers and reports.
The course grade will depend on a mid-term (20%), homework and research papers (50%) and final (30%).
There is no anticipated grade distribution.
The IN grade policy as indicated in the catalog will be strictly adhered to. You must provide the necessary back-up documentation (e.g. medical certificate) for your application to be considered favorably. In all circumstances the written request, with all the back up documentation, must be received before the final exam week.
Honor Code procedures will be strictly adhered. Students are required to be familiar with the honor code. You must not utilize unauthorized material or consultation in responding to your tests. Violations of the honor code will be reported. Unless otherwise stated, homework assignments must be based on the student’s own effort.
Please be sure that you are aware of all
provisions of the GMU Honor Code
http://www.gmu.edu/catalog/apolicies/honor.html
and Computer Science Department Honor Code
http://cs.gmu.edu/wiki/pmwiki.php/HonorCode/CSHonorCodePolicies.
If you have a documented learning disability or other condition that may affect academic performance you should:
1) make sure this documentation is on file with the Office of Disability (http://www2.gmu.edu/dpt/unilife/ods//) to determine the accommodations you need; and
2) talk with me to discuss your accommodation needs. All academic accommodations must be arranged through the ODS.