[Class Schedule] [Projects]
Instructor: Angelos
Stavrou
Lecture: Tuesday 7:20pm - 10:00pm
Room: ENGR 5358 Office
Hours: Tuesday 4:30pm - 6:30pm, and by appointment Email:
astavrou(_)gmu.edu
Teaching
Assistant: Maofei Chen
Office: ENGR 5321 Office Hours: Monday: 3:30 - 5:00pm & Wednesday: 2:50 - 4:20pm Plan to ask for TA help/individual attention during class instead of outside Email: mchen18(_)gmu.edu |
Course Description:
This course provides
hands-on experience in configuring and experimenting with commodity
networked systems and security software in a live laboratory environment,
with the purpose of understanding real-world security threats. This course
will take both offensive and defensive approaches and expose students to a
variety of real-world attacks, including viruses, worms, rootkits, and
botnets. Possible mitigation and defending mechanisms such as firewalls
and intrusion detection software will also be covered.
Course Objectives:
Prerequisites:
The prerequisite for this topics class is a C or better in CS 310 Data Structures and CS 367 Computer Systems & Programming; or permission of instructor.
·
Coursework will include
substantial programming projects; in order to be able to complete the
projects, you are expected to have competence in programming that can be
applied to to systems and networking (C, Python, etc.)
·
You are expected to have a
good understanding of operating system internals (system call internals,
run-time memory organization, assembly language/x86)
·
To be clear, you will be
exposed to, and expected to implement, projects related to some subset of
these:
o
Web application security,
wireless vulnerabilities, socket programming, C2 protocols, PE life-cycle,
binary packers, x86 shellcode (arbitrary code execution via stack
smashing, heap spray attacks, ROP gadgets), IDS and analytics, incident
response, penetration testing, maliciously repackaging mobile
applications.
o
If you had to Google any of that,
then think seriously about not taking this course or expect a very steep
learning curve at points along the way.
The coursework will include substantial programming projects; in order to be able to complete the projects, the students must be comfortable with C and Systems' programming.
Grading:
Topics |
Grade |
Class participation |
10% |
Labs 5 - 6 |
50% |
Midterm |
15% |
Final or Team Project |
25% |
Total |
100% |
The students must achieve a total score of at least 90 (out of 100) to be considered for an A. This class is an advanced graduate-level class and is geared towards understanding the fundamental concepts behind Digital Forensics. The students will be expected to participate in large projects under the guidance of the instructor.
Bibliography:
We are going to cover topics using the provided slides, papers, and online material.
On the course web page you will also find assigned reading from on-line articles, code snippets, and research publications. I will also have supplementary materials on reserve or handed out during class.
Computer Accounts:
All students should have accounts on the central Mason Unix system
mason.gmu.edu (also known as osf1.gmu.edu)
and on IT&E Unix cluster zeus.ite.gmu.edu (Instructions and related
links are here). Please read the
FAQ if you have
any questions. Students can work in
IT&E computer labs for programming projects during the specified
hours.
Honor Code:
Please read and adhere to the University's
Academic Honesty Page, GMU
Honor Code, CS Department Honor
Code
Disability
Statement If
you have a documented learning disability or other condition that may
affect academic performance you should:
1) Make sure this documentation is on file with the Office of Disability
Services.
All academic accommodations must be arranged through the ODS. http://ods.gmu.edu
2) Talk with me to discuss your accommodation needs.
Other Usefull Resources
Writing Center: A114 Robinson Hall; (703)
993-1200; http://writingcenter.gmu.edu
University Libraries: “Ask a Librarian” http://library.gmu.edu/mudge/IM/IMRef.html
Counseling and Phychological Services (CAPS): (703)
993-2380; http://caps.gmu.edu
University Policies: The University Catalog, http://catalog.gmu.edu,
is the central resource
for university policies affecting student, faculty, and staff conduct in
university affairs.