CSC-3940 System Security

Fall 2023

Instructor:

Roger Shore

Class Schedule:

Office Location:

Congdon Hall 153

MWF 7:50-9:00AM CSC-2410

Telephone:

841-9031

Th 7:50-9:30AM CSC-2410 lab

Office Hours:

TTh 10:00-11:30AM

MW 12:05-1:45PM CSC-3460

MWF 9:00-10:00AM

MW 3:25-5:05PM CSC-4310

TTh 1:35-3:15PM CSC-3940

E-Mail: rshore@highpoint.edu

Web site: linus.highpoint.edu/~rshore


Description: A practical course covering the basic concepts that are essential to security of operating systems, networks, software and various computing support systems. Focus will be on creating and exploring systems with a vulnerability, recreating how attacks on the system exposed the vulnerability, system administration tasks related to system hardening, penetration testing, and security monitoring. Topics will include user account and privilege management, software installation, web site configuration, workstation cloning, clustering, and backups in a variety of environments including Linus, Mac OS X and Microsoft Windows.

Prerequisites: CSC-2410


Course Materials:

  1. Computer Security – A Hands-on Approach 3rd Ed, Wenliang Du, Independently published.

    Optional: Computer and Internet Security – A Hands-on Approach 3rd Ed.

  2. Security Education (SEED) Labs - https://seedsecuritylabs.org

Laptop recommendation:

  1. MacBook Pro preferred or equivalent Windows 10/11
  2. multi-core CPU (Intel, AMD, or Apple M series)
  3. Ram requirements: 16-32 gig
  4. Storage: min 512GB SSD
  5. 802.11ac Wi-Fi wireless networking

Course Objectives: After successfully completing this course,

  1. Students will be able to apply the knowledge gained to successfully install and securely configure software within an established commodity OS. The host machine providing the commodity OS can be local, virtual, or cloud based.

  2. Students will be able to demonstrate their proficiency in the use of scripting languages to write advanced scripts to automate system administration tasks.

  3. Summarize the features and limitations of an operating system used to provide protection and security.

  4. Articulate the need for protection and security in an OS. Access control, buffer overflow exploits, OS mechanisms for providing security and controlling access to resources

  5. Design and implement a backup and restore strategy for a system then confirm the accuracy and completeness of a backup.

  6. Perform system hardening and penetration testing on a variety of systems to discover entry points. Create disaster recovery plan and test the veracity of the plan for a small enterprise.

  7. Explain the mechanisms available in an OS to control access to resources.

  8. Recognize the ethical and professional issues relating to advanced system usage and privileged access to system resources.

Class Preparation: It is assumed that you will read the assigned chapters. Although the material may be summarized, lectures will be used mainly to further demonstrate other approaches to problem solving and to answer specific questions.

SEED Labs: In addition to the major tests and exam, each student will establish a variety of virtual machines either on personal laptop, lab workstation or department cloud (proxmox). Some labs will require the use of a docker containers. With an established server machine and dockers, students will participate in a series of labs to further develop their system administration skills, discover system vulnerabilities, perform system attacks, etc. Labs may consist of establishing a new service on their machine or within a docker container and writing scripts to automate processes. Successful completion of a lab will be demonstrating an increasing mastery the learning objectives. NOTE: Part of your grade on all labs will be documentation. If you submit a solution and the solution is lacking clear and concise documentation, your grade on the project will suffer. This includes excessive documentation. See lab writeup requirements.

Lab Evaluation: The plan is to complete 10 SEED labs. Each lab will have a due date. Any lab not received by the due date will be charged a late penalty. The penalty will be 1 point per day late with a maximum of 7 pts. Labs will not be accepted 7 days after the due date.

Facilities: The department will provide all software necessary to complete the course. This will require the student to have an account on the departmental server. This account will give them access to the software and space to store solutions to assignments. Access to the server will be provided through a workstation in the departmental lab as well as from any remote location on and off campus.

Assessment: The course objectives will be assessed through major tests, the final exam and problem set assignments. The final grade will be determined as follows:


Seed Labs/Assignments/Quizzes: 25%

2 Major Tests: 50%

Cumulative Final Exam: 25%

Total: 100%

Range

93-100

90-93

87-90

83-87

80-83

77-80

73-77

70-73

67-70

63-67

60-63

0-60

Grade

A

A-

B+

B

B-

C+

C

C-

D+

D

D-

F

You must score at least the minimum of a category to be given the associated grade, i.e. an average of 80 is a B- not a C+.

Major tests and Final Exam: All tests and final exam will consist primarily of short answer and problem solving type questions utilizing the knowledge gained while completing the Seed Labs. No make up test will be given unless prior arrangements have been made with excusable reasons. If you miss a test your final grade will be used in place of the missed grade. This means the percentage of the final exam will increase. If you miss the final exam, you will receive an F for the course.

Quizzes/worksheets and assignments: In addition to the major tests and final exam, students will participate in series of problem sets to further develop skills and understanding of system security. Each assignment will focus on a collection of problems that target each learning objective individually or a combination of learning objectives. Successful completion of the assignments will prepare the student for major tests and final exam. There will be at least 12. There is no makeup option for these items. For this reason, two will be dropped to accommodate an occasional absence.

Attendance: High Point University recognizes and honors the value of the face-to-face classroom experience for enhancing student engagement and academic outcomes. Attendance will be taken daily at the beginning of class. As such, you are expected to be present in every class meeting with the exception of an illness that requires quarantine or other reasons pre-approved by the instructor. In those cases online accommodations will be provided. If absent from class, you are responsible for all lectures, in-class exercises, assignments, and handouts. Caution: Being absent from class does not change the due date of assignments. Before a student is dropped for non-attendance, I will give a notification as a warning to a student that he/she is in danger of violating the attendance requirements.


Honor Code: All students are expected to follow the University Honor Code, Full details of the High Point University Honor Code are found here: http://www.highpoint.edu/studentconduct/university-honor-code All academic work should be completed with the highest level of honesty and integrity.


Professionalism: The Mission Statement of the Webb School of Engineering is: To provide an extraordinary engineering education through the delivery of a hands-on, practical education that prepares graduates for a rewarding career or admission into graduate school. The School of Engineering is committed to:

Please treat this class as if it were a company or organization for which you are working. You can exhibit professionalism by attending consistently, arriving on time, communicating your full or partial absence in a timely fashion, completing assignments on time, maintaining engagement, and respecting your peers and the professor.


Classroom etiquette:


Lab etiquette:


Students with Disabilities: High Point University is committed to ensuring all students have equal access to all services and benefits at High Point University. If you are a student with a disability and require academic accommodations due to a diagnosed disability, you must register with the Office of Accessibility Resources and Services (OARS) and submit the appropriate documentation. Requests for accommodations should be made at the beginning of a course. Accommodations are not retroactive. Contact us at oars@highpoint.edu or by telephone at 336-841-9026, for additional information. The Office of Accessibility Resource and Services is located on the 4th Floor of Smith. Library.


Face covering: Wearing a face mask reduces the risk of COVID-19 transmission and is a step we can all take to care for the members of our HPU family. This class will abide by the guidelines that are set forth by the University. Please note this may change as the semester progresses.


Tentative Schedule of Topic Coverage:

Software Security
Test #1
Web Security
Cumulative Final Exam