Presentation is loading. Please wait.

Presentation is loading. Please wait.

Yan Chen Dept. of Computer Science Northwestern University Information Security Curriculum Development in Northwestern.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Yan Chen Dept. of Computer Science Northwestern University Information Security Curriculum Development in Northwestern."— Presentation transcript:

1 Yan Chen Dept. of Computer Science Northwestern University http://list.cs.northwestern.edu Information Security Curriculum Development in Northwestern University

2 Security Curriculum in Northwestern Traditional gap till 2004 Offered the first “Internet Security” research course in Spring 2004 Offered the first “Introduction to Computer Security” in Winter 2005 Will offer the first non-major security course in Fall 2005 –Under collaboration with Andrea M. Matwyshy, professor of the Law School –Thanks to MS Trustworthy Computing Curriculum grant –Tentatively title: “Basic Information Security: Technology, Business and Law”

3 Cryptography –Secret key algorithms: DES/AES –Public key algorithms: RSA –One-way hash functions & message digests: MD5, SHA2 Software security –Software security principles: least privilege, defense in depth, keep it simple, etc. Examples: send mail vs. qmail –Buffer overflow and the defense schemes Type safe languages Static source code analysis Run time checking: StackGuard, etc. Intro to Computer Security Course

4 Intro to Computer Security Course (II) Operating system security techniques –Access control: ACL and capabilities –Dealing with bad (legacy) codes: sandboxing Internet vulnerability –Denial-of-service attacks, viruses, worms, Trojan horses Securing the Internet –Intrusion detection systems (IDSs): host- vs. network- based, signature vs. statistical detection Case study: Snort –Firewalls and IPsec –Wireless and cellular network security

5 Class Projects Project 1: GNU Privacy Guard, an open-PGP tool –Encryption, decryption –Signature generation, verification and revocation Project 2: software security –Try exploit of buffer overflow and format string bugs –C-based, needs a little bit knowledge on X86 assembly language, but should be easy to pick up for CS students –Thanks to Prof. Dan Boneh of Stanford University for sharing this project

6 Class Projects (II) Project 3: Intrusion Detection Systems (IDS) –Signature-based IDS: snort Test on real traffic Add rules to snort for detection –Statistical IDS Use DARPA 98 data Provide two learning models: HMM and Gaussian mixture Select/design metrics to detect SYN flooding and port scans –We held a competition for statistical IDS of project 3. The winner earned extra bonus points plus some real gift awards Projects open to release

7 Incorporate Research Lab for Internet and Security Technology (LIST) Http://list.cs.northwestern.edu Hire students for Internet security research –Sponsored by Microsoft Research and Northwestern Murphy Society Most students (including undergrads) move on to research

Download ppt "Yan Chen Dept. of Computer Science Northwestern University Information Security Curriculum Development in Northwestern."

Similar presentations

Code-Red : a case study on the spread and victims of an Internet worm David Moore, Colleen Shannon, Jeffery Brown Jonghyun Kim.

Code-Red : a case study on the spread and victims of an Internet worm David Moore, Colleen Shannon, Jeffery Brown Jonghyun Kim.
Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Computer and Network Security Mini Lecture by Milica Barjaktarovic.

Computer and Network Security Mini Lecture by Milica Barjaktarovic.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Cyber Threat Analysis  Intrusions are actions that attempt to bypass security mechanisms of computer systems  Intrusions are caused by:  Attackers accessing.

Cyber Threat Analysis  Intrusions are actions that attempt to bypass security mechanisms of computer systems  Intrusions are caused by:  Attackers accessing.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Welcome to CS 395/495 Introduction to Computer Security.

Welcome to CS 395/495 Introduction to Computer Security.
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.

Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
Welcome to EECS 354 Network Penetration and Security.

Welcome to EECS 354 Network Penetration and Security.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: 509-359-6908 Office.

CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.

Similar presentations

Ads by Google