COS30015 IT Security Outline 2021 - final PDF

Title COS30015 IT Security Outline 2021 - final
Course It Security
Institution Swinburne Online


Department of Computer Science and Software Engineering Faculty of Science, Engineering and Technology Higher Education Division

Unit of Study Outline COS30015 IT Security Semester 2, 2021

© Swinburne University of Technology, 2020 Except as provided in the Copyright Act 1968, this document may not be reproduced in any form without the written permission of the University.

Unit of Study Outline
Unit of study code: COS30015
Unit of study name: IT Security
Teaching Term/Semester & Year: 2021 Semester 2
Contact Hours (hrs/wk) or total contact hours: 4 hours per week

Requisites:

Pre-requisites: COS20012 Data Communications and Security or COS30020 Web Application Development or COS10009 Introduction to Programming or COS10011 Creating Web Applications and one of TNE10005 Network Administration or TNE10006 Networks and Switching

Co-requisites
Concurrent pre-requisites
Anti-requisites

Assumed knowledge: Database/web scripting and fundamentals of programming and networking.

Credit Points

12.5

Campus/Location

Hawthorn

Mode of Delivery

Face-to-face and online

Assessment Summary

1. Research project: Individual, 40%
2. Online Quiz: Individual, 20%
3. Practical project: Individual, 40%

Aims
Students who complete this unit of study:
• Will understand the nature of security threats to IT systems.
• Will be aware of deficiencies in modern software systems and will understand how to manage the security of computer networks.
• Will be familiar with the tools used by hackers and crackers and be aware of ways of identifying and rectifying security breaches.
• Will understand how to assess the vulnerability of computing systems.
• Will understand the role of a programmer in developing secure systems.
• Will be able to collect digital evidence and understand the rules of evidence gathering.
• Will be able to describe and use a number of authentication tools.

Learning Outcomes
After successfully completing this unit, you will be able to:
1. Evaluate security of client computers. Students will be able to describe and discover network services using a variety of tools and evaluate the security vulnerabilities of those services. Students will be able to change default settings in Windows and common web browsers to minimise vulnerabilities.
2. Evaluate security of servers. Students will be able to describe and discover common vulnerabilities in Internet-based servers running Unix or Linux including web servers, scripting languages, database servers and permissions.
3. Plan security audits. Students will be able to develop a specific methodology for an audit for a particular server or system.
4. Understand concepts of social engineering. Students will be able to evaluate system risks based on human behaviour (for example password management), motivations of potential attackers and the degree of risk to a specific system or service.
5. Use a variety of security related tools. Students will be able to use DNS, network status and other system monitoring tools and draw conclusions from the output of such tools.
6. Identify attacks and mitigate attacks. Students will be able to identify Denial of Service attacks and other unwanted network-borne traffic (spam, messaging) and describe options for minimising the effects of such activities.
7. Evaluate authentication and encryption systems. Students will be able to describe authentication schemes (e.g. multi-factor) and encryption schemes (e.g. PGP, shared key, Certificates, SSH, IPSec) and describe their effectiveness.
8. Evaluate physical access threats. Students will be able to identify risks associated with access to computers, servers and network devices (e.g. keyloggers, boot disks, alternate operating systems, data recovery).
9. Research issues in IT Security. Independently research and present a topic on IT security, including identifying technologies, issues, vulnerabilities and mitigation strategies.

Content
• Overview of Internet Crime and computer security threats.
• Operating System Flaws.
• Introduction to maintaining a Secure System.
• Set up, patch and monitor.
• Penetration testing tools.
• System logs.
• Firewalls, security: theory, practice, design and implementation.
• Ports scanning, packet sniffing and intrusion detection.
• Understanding and responding to security alerts.
• Server technologies, risks and policies.
• Vulnerability analysis and Audit.
• Secure programming practices.
• Security Models.
• Physical Security.
• Authentication (identity, biometrics and digital signatures).
• Digital Forensics.

Key Generic Skills for this Unit of Study
You will be provided with feedback on your progress in attaining the following generic skills:
• analysis skills,
• problem solving skills,
• communication skills,
• ability to tackle unfamiliar problems

Learning and Teaching Structure
A 2-hour lecture every week, made up of a one-hour video-streamed lecture and a one-hour live-streamed lecture. A 2-hour laboratory class every week, including week 1.
In a Semester, you should normally expect to spend, on average, twelve and a half hours of total time (formal contact time plus independent study time) a week on a 12.5 credit point unit of study.

Provisional Schedule

Week 1 (Mon 2 Aug)
Overview: Security concepts and models, usability issues, types of threats, Security Terminology, What's Legal Security Resources.
Laboratory: Linux Lab.
Podcast/Reading: Security Now 1, 47, 65. Risky Business 217. Goodrich Chapter 1

Week 2 (Mon 9 Aug)
Physical security: Authentication, Forensics, Physical access attacks. Recent threats
Laboratory: Listen to Security Now episodes 50, 53, 57. Network lab
Podcast/Reading: Security Now 211, 213, 137, 90, 94, 291. Risky Business 240, 163, 159, 129, 73, 70, 52, 51. Goodrich Chapter 2
Assessment: Release Assignment 1

Week 3 (Mon 16 Aug)
Operating System security: Access control, buffer overflows, virtualisation, DEP, ASLR, sandboxing.
Laboratory: Buffer overflows
Podcast/Reading: Security Now 39, 53, 54, 55, 78, 172, 174. Risky Business 152, 120. Goodrich Chapter 3

Week 4 (Mon 23 Aug)
Malware: Types, attacks, examples, countermeasures. GhostRAT, WannaCry, Stuxnet, Flame, BEAST, Zeus, CRIME
Laboratory: Malware RATs and remote access Buffer Overflows
Podcast/Reading: Security Now 8, 9, 21, 22, 191, 193, 321, 353. Risky Business 67, 170, 169, 160, 17. Goodrich Chapter 4

Week 5 (Mon 30 Aug)
Network Security 1: Revision, hardware, protocols, layers. MITM, DDOS attacks
Laboratory: Denial of Service
Podcast/Reading: Security Now 25, 26, 27, 29, 195, 313, 319. Risky Business 11, 187, 188, 189. Goodrich Chapter 5

Week 6 (Mon 6 Sept)
Network Security 2: DNS, SSH, IPSec, VPNs, Intrusions, WiFi
Laboratory: Firewalls, nmap, Wireshark, netstat, ifconfig
Podcast/Reading: Security Now 11, 13, 155, 170, 260, 335, 337, 355. Risky Business 87. Goodrich Chapter 6
Assessment: Research project due Thursday 23:59

Mon 13 Sept
Non-teaching week

Week 7 (Mon 20 Sept)
Web Security: cookies, session hijacks, XSS, defences
Laboratory: Online quiz in the lab.
Podcast/Reading: Security Now 85, 86, 87, 166, 168, 217, 219, 221, 225, 285. Risky Business 174. Goodrich Chapter 7
Assessment: Online quiz taken in this lab class.

Week 8 (Mon 27 Sept)
Cryptography: pre-shared key, symmetric key, asymmetric key, PGP / GPG, SSH / SSL, brute force attack, authentication, digital certificates
Laboratory: XSS, cookies
Podcast/Reading: Security Now 125, 151, 179, 181, 183, 185, 195, 243. Risky Business 187, 197, 212. Goodrich Chapter 8

Week 9 (Mon 4 Oct)
Security Models: Trust, Access control models, standards, patching, Vulnerability, Disclosure, Encryption, TPM, code signing.
Laboratory: Crypto
Podcast/Reading: Security Now 99, 307, 319. Risky Business 141, 217, 230. Goodrich Chapter 9

Week 10 (Mon 11 Oct)
Web Application Security: Transaction processing, email, Credit card security, DRM, social networking, SQL injection, Spam.
Laboratory: SQL Injection
Podcast/Reading: Security Now Risky Business 102 Goodrich Chapter 10

Week 11 (Mon 18 Oct)
Cloud security and law: Virtualisation security, PIE, TNO, Risk, Jurisdictional issues
Laboratory: Metasploit
Podcast/Reading: https://www.cyber.gov.au/advice/cloudcomputingsecurity

Week 12 (Mon 25 Oct)
Revision Lecture and guest talk
Laboratory: TBA
Podcast/Reading: TBA
Assessment: Practical project due Sunday 23:59

Teaching Staff Name

Role

Yuantian Miao

Lecturer,

A/Prof. Jun Zhang JAMIE OOI

Convenor

Campus & Room No.

Hawthorn EN511b

Phone No.

9214 3823

Email Address

Consultation Times

[email protected]

Thursday 4:30pm~6:30pm

[email protected]

by appointment

Demonstrator


Rory Coulter ASHUTOSH PATEL SAMUAL GOLDING

Demonstrator

[email protected]

Demonstrator Demonstrator

Canvas Site for this Unit of Study
Important information concerning this unit of study is placed on the Swinburne course management system (Canvas), accessible via https://swinburne.instructure.com/
It is your responsibility to access on a regular basis
• the Canvas site for your unit of study,
• the Announcements section on Canvas, and
• any emails sent by the teaching staff to your student email address via Canvas.
• If you access your email through a provider other than Swinburne, it is your responsibility to ensure that your Swinburne email is redirected to your private email address. Swinburne student email is now provided by Microsoft Office 365.
• To login navigate to http://outlook.com/student.swin.edu.au and use the following login details:
• Login: @student.swin.edu.au
• Default Password: Date of birth (DDMMYY)
• Email Address: @student.swin.edu.au
Canvas discussion boards are to be used for peer support and exchange of ideas. Code is not to be posted. Students who post parts of assignments will be banned.

a) Assessment Overview

Online quiz
Individual/Group Task: Individual
Related Learning Objective(s): 1, 2, 4
Weighting: 20%
Due Date: Week 7 starting 20th Sept

Research project
Individual/Group Task: Individual
Related Learning Objective(s): 5, 7, 8, 9
Weighting: 40%
Due Date: 9th Sept

Practical project
Individual/Group Task: Individual
Related Learning Objective(s): 1, 2, 3, 4, 5, 6
Weighting: 40%
Due Date: 31st Oct

* includes compulsory presentation in lab

b) Minimum requirements to pass this Unit
As the minimum requirements of assessment to pass a unit and meet all ULOs to a minimum standard, an undergraduate student must have achieved: an aggregate mark for the unit of 50% or more.

c) Examinations
No exam in S2 2021.

d) Assessment Criteria:
• Marking criteria for the project will be published on Canvas. Plagiarism penalties will be applied depending on the severity of the offence. Students who can be demonstrated to have copied more than 100 contiguous words or 5 sentences from web sites or other students' work will receive a 0 for their project.
• Online quiz will be a multiple choice test, based on a randomly selected pool of questions. Test marks will be calculated automatically.
• The assessment criteria and results will be moderated following Swinburne policies and procedures.
• The online quiz is a Canvas test which will only be available during labs in week 7.
• The assignments will be submitted through Canvas (https://swinburne.instructure.com/). Students should ensure that they can log in to Canvas before the due date / time.
• A completed soft copy of the Assignment Cover Sheet must be included in the assignment document. Documents may be forensically examined to determine their origin.
• Students are responsible for keeping copies of their assessable work. Device failures, viruses and other disasters are not grounds for late submissions.
• The work put into the project should involve 30 hours of work.

e) Referencing
To avoid plagiarism, you are required to provide a reference whenever you include information from other sources in your work. Further details regarding plagiarism are available in Section C of this document. Referencing conventions required for this unit are: Vancouver (as used by IEEE). Helpful information on referencing can be found at
https://www.swinburne.edu.au/library/referencing/
https://ieeeauthorcenter.ieee.org/wp-content/uploads/IEEE-Reference-Guide.pdf

f) Extensions and Late Submissions:
• Assignments or projects submitted after the due date and time will attract a penalty of 10% of the total marks available per working day late, up to a maximum of five working days. Assignments submitted after five working days will be graded with zero marks.
• Extensions will only be granted in exceptional circumstances, on medical or compassionate grounds. Extensions must be applied for in advance of the due date (except in emergencies). Students should contact the convener by phone or in person to apply for an extension. Medical or other certificates will be required. The convener must sign the bottom of the assignment cover sheet when approving the extension.

g) Assessment Results:
Assignment results will be distributed to students through the ESP system (automatically generated e-mails) and Canvas. Students should ensure that their Swinburne e-mail accounts are being checked regularly. Students must retain all assessed material that contributes to the final result up until such time as the final results are published.

h) Groupwork Guidelines:
A group project is the collective responsibility of the entire group, and if one member is temporarily unable to contribute, the group should be able to reallocate responsibilities to keep to schedule. In the event of longer-term illness or other serious problems involving a member of a project group, it is the responsibility of the other members to make the project supervisor aware of the situation straight away. Group project reports must be submitted with the project cover sheet, signed by all members of the group. All group members must be satisfied that the work has been correctly submitted. Any penalties for late submission will apply to all group members, not just the person who submitted.

Resources and Reference Material
Reference books may be available as electronic resources (use the links listed) or in print from the Swinburne library (Hawthorn branch).

Text:
• Introduction to Computer Security, M T Goodrich and R Tamassia, Addison Wesley (Pearson), any edition.

Recommended Reading:
• Gray Hat Hacking, The ethical hacker's handbook 3rd. ed, A Harper [et al.], McGraw-Hill 2011
• Hands-on Ethical Hacking and Network Defense, Michael T Simpson, Thomson 2006
• Computer Security Fundamentals, Chuck Easttom, Pearson/Prentice Hall NJ, 2006.
• Advanced Guide to Linux Networking and Security, Ed Sawicki, Nicholas Wells, Thomson/Course Technology Australia, 2006.
• Please check updated unit website in Canvas for more

References:
• Podcasts can be obtained from http://risky.biz, http://www.grc.com/SecurityNow.html and http://www.twit.tv
• Buffer overflow attacks - detect, exploit, prevent. James C. Foster ... [et al.], http://ezproxy.lib.swin.edu.au/login?url=http://library.books24x7.com/library.asp?^B&bookid=9403
• Aggressive network self-defense, Neil Archibald ... [et al.], http://ezproxy.lib.swin.edu.au/login?url=http://library.books24x7.com/library.asp?^B&isbn=1931836205
• Network Defence and Countermeasures Principles and Practice, Chuck Easttom, Pearson/Prentice Hall, NJ, USA, 2005.

PART C: FURTHER INFORMATION

For further information on any of the below topics, refer to Swinburne’s Current Students web page http://www.swinburne.edu.au/student/.

Student Charter
Please familiarise yourself with Swinburne’s Student Charter. The charter describes what students can reasonably expect from Swinburne in order to enjoy a quality learning experience. As students contribute to their own learning experience and to that of their fellow students, the charter also defines the University's expectations of students.

Student behaviour and wellbeing
Swinburne has a range of policies and procedures that govern how students are expected to conduct themselves throughout the course of their relationship with the University. These include policies on expected standards of behaviour and conduct which cover interaction with fellow students, staff and the wider University community, in addition to following the health and safety requirements in the course of their studies and whilst using University facilities. All students are expected to familiarise themselves with University regulations, policies and procedures and have an obligation to abide by the expected guidelines. Any student found to be in breach may be subject to relevant disciplinary processes. Some examples of relevant expected behaviours are:
• Not engaging in student misconduct
• Ensuring compliance with the University’s Anti-Discrimination, Bullying and Violence and Sexual Harassment requirements
• Complying with all Swinburne occupational health and safety requirements, including following emergency and evacuation procedures and following instructions given by staff/wardens or emergency response.

In teaching areas, it is expected that students conduct themselves in a manner that is professional and not disruptive to others. In all Swinburne laboratories, there are specific safety procedures which must be followed, such as wearing appropriate footwear and safety equipment, not acting in a manner which is dangerous or disruptive (e.g. playing computer games), and not bringing in food or drink.

Canvas
You should regularly access the Swinburne Course Management System (Canvas) available via https://swinburne.instructure.com/. Canvas is regularly updated with important Unit information and communications.

Communication
All communication will be via your Swinburne email address. If you access your email through a provider other than Swinburne, then it is your responsibility to ensure that your Swinburne email is redirected to your private email address.

Plagiarism
Plagiarism is the action or practice of taking and submitting or presenting the thoughts, writings or other work of someone else as though it is your own work. Plagiarism includes any of the following, without full and appropriate acknowledgment to the original source(s):
• The use of the whole or part of a computer program written by another person;
• The use, in essays or other assessable work, of the whole or part of a written work from any source including but not limited to a book, journal, newspaper article, set of lecture notes, current or past student’s work, any other person’s work, a website or database;
• The paraphrasing of another’s work;
• The use of musical composition, audio, visual, graphic and photographic models,
• The use of realia, that is, objects, artefacts, costumes, models and the like.
Plagiarism also includes the preparation or production and submission or presentation of assignments or other work in conjunction with another person or other people when that wor...

