1. Cyber Security Essentials Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course

2. Course Outline l May 31: Introduction to Security, Malware l June 7: Security Governance and Risks / Data mining overview l June 14: Access Control / Access control and policy for data management /Data Mining for Security l June 21: Security architecture / Access control for web services and the cloud/Identity Management l June 28: Cryptography / Identity Management / Exam #1 Review l July 5: Exam #1 / Guest Lecture l July 12: Network Security / Secure XML Publishing l July 19: Data and Applications Security / Secure Data Architectures; / Assured Cloud Computing / Securing Social Networks l July 26: Legal Aspects/Forensics / Privacy Preserving Data Mining/Operations Security/Disaster Planning / Physical Security/ l Papers presented / Insider Threat/Review for Exam #2 l August 9: Exam #2

3. Text Book l CISSP All-in-One Exam Guide, Fifth Edition l Author: Shon Harris l Hardcover: 1216 pages l Publisher: McGraw-Hill Osborne Media; 5 edition (January 15, 2010) l Language: English l ISBN-10: 0071602178 l ISBN-13: 978-0071602174

4. Course Rules l Unless special permission is obtained from the instructor, each student will work individually. l Copying material from other sources will not be permitted unless the source is properly referenced. l Any student who plagiarizes from other sources will be reported to the Computer Science department and any other committees as advised by the department l No copying of anything from a paper except for about 10 words in quotes. No copying of figure even if it is attributed. You have to draw all figures. l COURSE ATTENDANCE IS MANDATORY

5. Course Plan l Exam #1: 20 points – July 5 l Exam #2: 20 points - August 9 l Two term papers 10 points each: Total 20 points - June 28, July 27 l Programming project : 20 points - August 2 l Two Assignments: 10 points each: Total: 20 points - June 21, July 19

6. Assignment #1 l Explain with examples the following - Discretionary access control - Mandatory access control - Role-based access control (RBAC) - Privacy aware role based access control - Temporal role based access control - Risk aware role-based access control - Attribute-based access control - Usage control (UCON)

7. Assignment #2 l Suppose you are give the assignment of the Chief Security Officer of a major bank (e.g., Bank of America) or a Major hospital (e.g., Massachusetts General) l Discuss the steps you need to take with respect to the following (you need to keep the following in mining: Confidentiality, Integrity and Availability;; you also need to understand the requirements of banking or healthcare applications and the policies may be: - Information classification - Risk analysis - Secure networks - Secure data management - Secure applications

8. Term Papers l Write two papers on any topic discussed in class (that is, any of the 10 CISSP modules)

9. Sample format - 1 l Abstract l Introduction l Survey topics – e..g, access control models l Analysis (compare the models) l Future Directions l References

10. Sample format - 2 l Abstract l Introduction l Literature survey and what are the limitations l Your own approach and why it is better l Future Directions l References

11. Contact l For more information please contact - Dr. Bhavani Thuraisingham - Professor of Computer Science and - Director of Cyber Security Research Center Erik Jonsson School of Engineering and Computer Science EC31, The University of Texas at Dallas Richardson, TX 75080 - Phone: 972-883-4738 - Fax: 972-883-2399 - Email: bhavani.thuraisingham@utdallas.edu - URL: - http://www.utdallas.edu/~bxt043000/

12. Project l Software l Design document - Project description - Architecture (prefer with a picture) and description (software – e.g., Oracle, Jena etc.) - Results - Analysis - Potential improvements - References

13. Sample projects l Risk analysis tool l Query modification for XACML l Data mining tool for malware l Trust management system l -

14. Paper: Original – you can use material from sources, reword (redraw) and give reference l Abstract l Introduction l Body of the paper - Comparing different approaches and analyzing - Discuss your approach, - Survey l Conclusions l References - ([1]. [2], - - -[THUR99]. - Embed the reference also within the text. - E.g., Tim Berners Lee has defined the semantic web to be -- -- [2].

15. Papers to read for Exam #1 l Identity Management - David W. Chadwick, George Inman: Attribute Aggregation in Federated Identity Management. IEEE Computer 42(5): 33-40 (2009)George InmanIEEE Computer 42 l Role-based Access control - Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, Charles E. Youman: Role-Based Access Control Models. IEEE Computer 29(2): 38-47 (1996)Edward J. CoyneHal L. FeinsteinCharles E. YoumanIEEE Computer 29 l Usage Control - First 20 pages or so of - Jaehong Park, Ravi S. Sandhu: The UCON ABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1): 128-174 (2004) Jaehong ParkACM Trans. Inf. Syst. Secur. 7

16. Papers to read for Exam #1 l Dissemination Control - Roshan K. Thomas, Ravi S. Sandhu: Towards a Multi- dimensional Characterization of Dissemination Control. POLICY 2004: 197-200Role-based Access control Roshan K. ThomasPOLICY 2004

17. Index to Exam #1 l Lecture 3: Information Security Governance, Risk (Q1) l Lecture 5:Data Mining for Malware Detection (Q2) l Lecture 6: Access Control (Q3) l Lecture 7: Access Control in Data Management Systems (Q4) - Also includes the 3 papers on role based access control, Usage control and dissemination control (Q5) l Lecture 8: Security Architecture and Design (Q6) l Lecture 9: Security for SOA/Web Services (Q7) l Lecture 10: Secure Cloud Computing (Q8) l Lecture 12: Cryptography (Q9) l Lecture 14: Charts on Identity Management (based on Identity Management paper) (Q10) l Extra credit 2 questions

18. Papers to read for Exam #2 l Security and Privacy for Social Networks - Jack Lindamood, Raymond Heatherly, Murat Kantarcioglu, Bhavani M. Thuraisingham: Inferring private information using social network data. WWW 2009: 1145-1146 Jack LindamoodMurat Kantarcioglu Bhavani M. ThuraisinghamWWW 2009 - Barbara Carminati, Elena Ferrari, Raymond Heatherly, Murat Kantarcioglu, Bhavani M. Thuraisingham: A semantic web based framework for social network access control. SACMAT 2009: 177-186 Barbara CarminatiElena FerrariMurat KantarciogluBhavani M. ThuraisinghamSACMAT 2009 l Secure XML Publishing - Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M. Thuraisingham, Amar Gupta: Selective and Authentic Third- Party Distribution of XML Documents. IEEE Trans. Knowl. Data Eng. 16(10): 1263-1278 (2004) Elisa BertinoElena FerrariBhavani M. ThuraisinghamAmar GuptaIEEE Trans. Knowl. Data Eng. 16

19. Papers to read for Exam #2 l Assuring Information Sharing in the Cloud - Tyrone Cadenhead, Murat Kantarcioglu, Vaibhav Khadilkar, Bhavani M. Thuraisingham: Design and Implementation of a Cloud-Based Assured Information Sharing System. 36-50 Tyrone CadenheadMurat KantarciogluVaibhav KhadilkarBhavani M. Thuraisingham l Papers presented by the TA – posted in Lecture 16 (July 5, 2013) Large-scale Plagiarism Detection and Authorship attribution - (1) Juxtapp: A Scalable System for Detecting Code Reuse Among Android Applications - http://www.cs.berkeley.edu/~dawnsong/papers/2012%20juxtapp _dimva12.pdf (2) On the Feasibility of Internet-Scale Author Identification http://www.cs.berkeley.edu/~dawnsong/papers/2012%20On%20t he%20Feasibility%20of%20Internet- Scale%20Author%20Identification.pdfhttp://www.cs.berkeley.edu/~dawnsong/papers/2012%20juxtapp _dimva12.pdf http://www.cs.berkeley.edu/~dawnsong/papers/2012%20On%20t he%20Feasibility%20of%20Internet- Scale%20Author%20Identification.pdf

20. Papers to read for Exam #2 l Privacy - Rakesh Agrawal, Ramakrishnan Srikant: Privacy-Preserving Data Mining. SIGMOD Conference 2000: 439-450 (presented August 2, 2-13, posted Lecture 27)Ramakrishnan SrikantSIGMOD Conference 2000 l Overview of patents, trademarks, copyright, trade secret - - posted Lecture 26 (presented August 2, 2013) l Insider Threat Detection (Lecture 28) - Pallabi Parveen, Jonathan Evans, Bhavani M. Thuraisingham, Kevin W. Hamlen, Latifur Khan: Insider Threat Detection Using Stream Mining and Graph Mining. SocialCom/PASSAT 2011: 1102-1110Jonathan EvansBhavani M. Thuraisingham Kevin W. HamlenLatifur KhanSocialCom/PASSAT 2011

21. Index to Exam #2 l Lecture 11: Assured Cloud Computing for Information Sharing l Lecture 15: Telecommunications and Network Security l Lecture 16: Two papers presented by TA on July 5 Large-scale Plagiarism Detection and Authorship attribution l Lecture 17: Data and Applications Development Security l Lecture 18:/Multilevel Secure Data Mgmt/Secure Data Architectures l Lecture 19: Security and Privacy in Social Networks l Lecture 20: Legal, Regulations, Compliance and Investigations l Lecture 21: Physical (Environmental) Security l Lecture 22: Business Continuity and Disaster Recovery Planning l Lecture 23: Operations Security

22. Index to Exam #2 (Concluded) l Lecture 24: Digital Forensics l Lecture 25: Privacy l Lecture 26 – Patents, Trademarks, Copyright, Trade secret l Lecture 27 – Privacy preserving data mining l Lecture 28 – Insider Threat detection l Lecture 29 – Cyber Operations