Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.

1 Computer Science and Engineering
Csilla Farkas, Associate Professor
Center for Information Assurance Engineering
Dept. of Computer Science and Engineering, University of South Carolina
farkas@cse.sc.edu
http://www.cse.sc.edu/~farkas

2 Attack Sophistication vs. Intruder Technical Knowledge
[Figure. Axes: High to Low; 1980, 1985, 1990, 1995, 2000. Labels: Tools, Attackers, Intruder Knowledge, Attack Sophistication. Attacks shown: password guessing, self-replicating code, password cracking, exploiting known vulnerabilities, disabling audits, back doors, hijacking sessions, sweepers, sniffers, packet spoofing, GUI, automated probes/scans, denial of service, www attacks, “stealth” / advanced scanning techniques, burglaries, network mgmt. diagnostics, distributed attack tools, cross site scripting, staged attack.]
Copyright: CERT, 2000

3 CSI Survey 2008: Types of incidents
CSI/FBI Computer Crime and Security Survey, Computer Security Institute

4 CSI Survey 2008
CSI/FBI Computer Crime and Security Survey, Computer Security Institute

5 CSI Survey 2008
CSI/FBI Computer Crime and Security Survey, Computer Security Institute

6 CSI Survey 2008
CSI/FBI Computer Crime and Security Survey, Computer Security Institute

7 Systems must be protected against attacks!
What can a business do about it?
What can IT professionals do about it?

8 Graduate Certificate Program in Information Assurance and Security (IA&S)

9 Security Objectives
Confidentiality: prevent/detect/deter improper disclosure of information
Integrity: prevent/detect/deter improper modification of information
Availability: prevent/detect/deter improper denial of access to services
Security Needs

10 Types of Threats
Errors of users
Natural/man-made/machine disasters
Dishonest insider
Disgruntled insider
Outsiders

11 Sample Research Directions
Semantic Web security
  – Data and meta-data security
  – Secure information sharing
  – Web application security
Critical Infrastructure Protection
  – Economic and social aspects of cyber attacks
  – SCADA systems security
Other Research
  – Policy Compliance
  – Online Privacy
  – Open source intelligence
  – Secure VANET communication
[Diagram labels: Organizational Data Confidential Ontology Secure Data Integration and Inferences Public User Web Data Public Access Control Models Offense Defense]

12 Secure Semantic Web
Web Data and Metadata Security
  – Semantic-Aware XML access control
  – RDF security policy
  – Stream data security
Web Services (WS) Security
  – Service-level security across heterogeneous domains
  – Identity and trust management
  – Execution correctness, WS transactions

13 Damage Assessment and Social Vulnerability
Damage Estimation and Social Vulnerability
  – Damage of the target may not reflect the real amount of damage
  – Services may rely on the attacked service, causing a cascading and escalating damage
  – Identify characteristics to evaluate vulnerability of different social strata for cyber attack consequences
Support decision makers to
  – Evaluate risk and consequences of cyber attacks
  – Support methods to prevent, deter, and mitigate consequences of attacks

14 IA Jobs
Job market
  – Civil (Join Information Systems Security Association, ISSA, https://www.issa.org/)
  – Government (Internship available at USC-UTS, and SC Dept. of Probation, Parole, and Pardon Services)
  – Military (Internship available at SPAWAR, Charleston)
Education and training requirements (B.S. degree, certification, hands-on experiments)
Salary
FUN

15 IA&S Certificate Program: Admission Requirements
Baccalaureate degree in computer science, computer engineering, or a related field
Work experience as information security professional
Admission requirements for graduate study at the Department of Computer Science and Engineering: http://www.cse.sc.edu/GRADUATE/AdmissionsPage.html

16 IA&S Certificate Program: Graduation requirements
18 hours of graduate study with B average
  – 9 hours core courses
  – 9 hours of elective courses

17 Core Courses
CSCE 522 – Information Systems Security Principles
  – offered every Fall semester
CSCE 715 – Network Security
  – offered every Fall semester
CSCE 727 – Information Warfare
  – offered every 3rd semester

18 Elective Courses
CSCE 517 – Computer Crime and Forensics
CSCE 557 – Introduction to Cryptography
CSCE 548 – Secure Software Construction
CSCE 716 – Design for Reliability
CSCE 717 – Comp. Systems Performance
CSCE 790 – Topic Course
CSCE 813 – Internet Security
CSCE 814 – Distributed Systems Security
CSCE 824 – Secure Databases
CSCE 853 – Formal Models of Information Security

19 New undergraduate courses
CSCE 201 – Introduction to Information Security

20 Thank you!

