Graduate Studies Reports Access
Graduate Course Proposal Form Submission Detail - EEL6808
Tracking Number - 5107
Current Status:
-
Campus: Tampa
Submission Type: New
Course Change Information (for course changes only):
Comments:
Detail Information
- Date & Time Submitted: 2014-10-15
- Department: Electrical Engineering
- College: EN
- Budget Account Number:
- Contact Person: Nasir Ghani
- Phone: 8139744772
- Email: nghani@usf.edu
- Prefix: EEL
- Number: 6808
- Full Title: Data Networks, Systems, & Security
- Credit Hours: 3
- Section Type: C -
Class Lecture (Primarily)
- Is the course title variable?: N
- Is a permit required for registration?: N
- Are the credit hours variable?: N
- Is this course repeatable?: Y
- If repeatable, how many times?: 1
- Abbreviated Title (30 characters maximum): Network & System Security
- Course Online?: O -
Online (100% online)
- Percentage Online: 0
- Grading Option:
-
- Prerequisites: None
- Corequisites: None
- Course Description: Beginning with preparatory modules on Database Systems and Operating System Concepts, this course provides a technical and operational overview of data communication, computer networks, and the foundations for their operation.
- Please briefly explain why it is necessary and/or desirable to add this course: Needed for program/concentration/certificate change
- What is the need or demand for this course? (Indicate if this course is part of a required sequence in the major.) What other programs would this course service? In the original (and approved) proposal for the M.S. in Cybersecurity, the program was given "CNT 5004 Data Communication/Networks" as the designators for the program's core course in networks, systems and security. We discovered, as we prepared to deliver that course this Spring (2015), that the course number and name are incorrect. Perusing the SCNS, no existing graduate course in the SUS had the scope or descriptive title to characterize the intended core course. We are, therefore, requesting a new course number with a corresponding name that describes its scope and content.
- Has this course been offered as Selected Topics/Experimental Topics course? If yes, how many times? Yes, 1 time
- What qualifications for training and/or experience are necessary to teach this course? (List minimum qualifications for the instructor.) Knowledge of and/or experience with installing, configuring, maintaining, upgrading/optimizing, and troubleshooting a network.
Foundational understanding of Database Systems Management and Operating Systems Concepts.
- Objectives: This course provides a technical and operational overview of data communication, computer networks, and the foundations for their secure operation. Students will acquire a basic understanding of network components and how they interact. This material will be the basis for learning how to install, configure, maintain, upgrade/optimize, and troubleshoot a network. We will begin with preparatory modules on Database Systems Management (because databases are often targeted in network attacks) and on Operating Systems (including the latter here is in line with ACMs IS 2010 model curriculum). We will cover both software and hardware technologies that enable network operations. Students will learn to analyze and design computer/ communication networks by understanding the network layered architecture and the protocol stack. The course will begin by introducing network design, topologies and architecture, then proceeding to explicate components, devices, technology and protocols, before taking on more applied issues of network management and security.
- Learning Outcomes: Module 1
Databases and Database Management Systems
Understand and explain basic database concepts, including indexing, inference, aggregation, and polyinstantiation
Outline the structure and operation of the relational data and NoSQL models
Describe the properties of constraints and triggers in SQL
Distinguish between object based and object oriented languages
Contrast the structures, objects and subjects of the Access Matrix and Access Modes database security models
Explain common database security and management vulnerabilities such as those in passwords, user privileges and escalations, SQL injections, buffer overflows, broken configuration, failure to apply patches, DoS, storage/ transmission of unencrypted data.
Identify the general properties of hash functions
Describe the basic principles of encryption and how they are applied in database management
Compare commonly used discretionary, mandatory, and role-based access controls (e.g., DAC, MAC, RBAC, Clark-Wilson)
Describe the uses of distributed multitiered application in managing data/information flow between system components
Identify how inference and aggregation attacks operate for collecting sensitive information
Module 2
Operating Systems Concepts
Describe mechanisms of program execution through processes and threads within the processes that simultaneously execute different parts of the code or control the execution state for a given segment of code through process control blocks and thread control blocks
Compare different memory management schemes (e.g., real, virtual)
Outline the basic concepts and processes in file-systems interface (access, sharing, protection, directories and file system mounting) and implementation (structure, directory implementation, allocation, free space management, performance and recovery)
Explain the main models and mechanisms of access control in OS and specifically the use of access control lists
Identify common security problems (e.g., breaches of confidentiality, integrity, and availability; theft or denials of service) and program and system threats (e.g., Trojan horses, back doors, logic bombs, stack and buffer overflows, viruses, worms) to operating systems
Describe how virtual machine managers (hypervisors) allow multiple operating systems to share a single hardware and how they support the independence and efficiency of guest operating systems (virtual machines)
Explain how operating systems are protected by controlling the access of programs, processes, or users to the resources defined by a computer system (including architectures that regulate privileged and nonprivileged states at the kernel and application levels)
Analyze common OS protection/security measures such as encryption, authentication, key distribution
Understand security design principlesincluding, domain separation, process isolation, resource encapsulation, least privilegeand how they apply to protecting an OS
Module 3
Overview of Networking, Networked Media, Network Architectures and Topologies
Describe the fundamental concepts, technologies, components and issues related to communications and data networks, including the software and non-software (protocols, performance, etc) aspects
Distinguish between different types of networks (WAN, LAN, SAN, WLAN, etc.)
Outline the 7-layered Open Systems Interconnection (OSI) model and explain the functions at each level and how they interact
Explain how the Internet is a form of networked media
Construct a network architecture to align with a specific set of needs/requirements for a particular set of hosts/clients
Explain the role of topologies in network design theory
Define and describe the different types of network topologies, such as bus, ring, star, tree, mesh
Module 4
IT System Components, Network Devices and Network Services
Describe the fundamental elements of an information technology and system, including workstations, servers, and peripheral devices
Explain the types and functions of network storage devices
Distinguish between Routers, Switches, Gateways and interpret how each operates in an IT system
Review the uses of Guards, CDSes, VPNs, and Firewalls and explain how they operate
Outline the roles and importance of intrusion detection (IDSs)and intrusion prevention systems (IPSs)in network defense
Classify mobile devices and their current and future roles in network services
Module 5-6
Network Technology and Protocols
Describe how networks infrastructures are planned, created and operate
Review some of the most common network protocols (e.g., TCP/IP v4 and v6, DNS, HTTP, SSL, TLS) and distinguish between them.
Describe the fundamental characteristics of packet-switched data networks and the key Internet protocols that make up the TCP/IP communications suite
Explain the operation and applications of network address translation and sub-netting
Apply network and packet trace analysis methodologies
Demonstrate the use of a network monitor to display packets
Demonstrate the use of network monitoring and mapping tools
Recognize and relate best practices for evolving networks, including change management, BYOD, and MDM
Outline the concepts and operations remote and distributed network management and explain how distribution servers can help to optimize available bandwidth
Module 7
Network Management
Describe processes and tools for network monitoring to identify performance and connectivity issues
Explain the different methods/approaches for network performance optimization
Outline and common approaches to network troubleshooting
Apply a basic troubleshooting methodology to a given scenario
Identify types of documentation for configuration management
Identify principles of congestion control: reactive and proactive, efficiency and fairness
Describe principles of routing: link-state and distance vector. Semantics and syntax of IP.
Module 8
Overview of Network Security Issues
Review the Principles for Secure Networking
o Preparation:
What are we trying to protect?
What operations are authorized?
What is the security perimeter?
o Know the configuration of the network's hardware and software and the vulnerabilities of the configuration
o Know the threat and consider it in relation to the vulnerabilities to assess the risk.
o Authenticate and authorize access to network resources.
o Maintain audit logs
o Have a plan to detect and respond to security incidents.
o Ensure individual accountability
Describe the Building Blocks for Network Security
o Encryption: Privacy
o Encryption: Authentication
o Encryption: Applications
o Authentication mechanisms
o Intrusion detection
o Security management tools
SATAN, ISS, Crick, Snoop
o Firewalls
Outline the role and mechanisms (and potential threats) of WLAN Discovery and Access in Network security
o Cracking WEP Keys
o Sniffing WLAN Traffic
o Denial of Service
o Bluesnarfing/Bluejacking
o Evil Twin
o War Driving
- Major Topics: Databases and Database Management Systems
Operating Systems Concepts
Overview of Networking, Networked Media, Network Architectures and Topologies
IT System Components, Network Devices and Network Services
Network Technology and Protocols
Network Management
Overview of Network Security Issues
- Textbooks: Tanenbaum, Andrew S. and David J. Wetherall, Computer Networks: 5th Edition, NY: Prentice Hall, 2010.
- Course Readings, Online Resources, and Other Purchases: Tanenbaum, Andrew, Modern Operating Systems, 3rd ed, NY: Prentice Hall, 2007 (Chapter 1)
Silberschatz, Abraham, Peter B. Galvin, and Greg Gagne. Operating system concepts, 9th Ed. NY: Wiley, 2013. (Chapters 1-3)
Halvorsen, Hans-Petter, Introduction to Database Systems, Posrsgrunn, Norway: Telemark University College, 2009.
Elmasri, Ramez, and Shamkant Navathe, Fundamentals of Database Systems 6th Ed. Boston: Addison-Wesley, 2011. (Chapters 1-2)
Riverbed Modeler (for creating and testing virtual or simulated network operations)
- Student Expectations/Requirements and Grading Policy: Grading Scale: The following grading scale will be applied:
90% - 100% is an A
80% - 89% is a B
70% - 79% is a C
60% - 69% is a D
less than 60% is an F.
Performance in this classwill be judged and weighted on the following basis:
Presentation and Reading Quizzes: 50%
Network Simulation Exercises: 15%
Final Exam: 25%
Final Project: 10%
- Assignments, Exams and Tests: Five quizzes will be given after covering material from the readings, presentations and multimedia material during the modules.
Quiz 1: Module 1
Quiz 2: Module 2
Quiz 3: Module 3&4
Quiz 4: Module 5&6
Quiz 5: Module 7&8
Students will create and evaluate network operations using three network simulation exercises.
The final exam is cumulative.
For the final project, students will create a simulation in which they install, configure, maintain, upgrade/optimize, and troubleshoot a network.
- Attendance Policy: Course Attendance at First Class Meeting Policy for Graduate Students: For structured courses, 6000 and above, the College/Campus Dean will set the first-day class attendance requirement. Check with the College for specific information. This policy is not applicable to courses in the following categories: Educational Outreach, Open University (TV), FEEDS Program, Community Experiential Learning (CEL), Cooperative Education Training, and courses that do not have regularly scheduled meeting days/times (such as, directed reading/research or study, individual research, thesis, dissertation, internship, practica, etc.). Students are responsible for dropping undesired courses in these categories by the 5th day of classes to avoid fee liability and academic penalty. (See USF Regulation Registration - 4.0101,
http://usfweb2.usf.edu/usfgc/ogc%20web/currentreg.htm)
Attendance Policy for the Observance of Religious Days by Students: In accordance with Sections 1006.53 and 1001.74(10)(g) Florida Statutes and Board of Governors Regulation 6C-6.0115, the University of South Florida (University/USF) has established the following policy regarding religious observances: (http://usfweb2.usf.edu/usfgc/gc_pp/acadaf/gc10-045.htm)
In the event of an emergency, it may be necessary for USF to suspend normal operations. During this time, USF may opt to continue delivery of instruction through methods that include but are not limited to: Blackboard, Elluminate, Skype, and email messaging and/or an alternate schedule. Its the responsibility of the student to monitor Blackboard site for each class for course specific communication, and the main USF, College, and department websites, emails, and MoBull messages for important general information.
- Policy on Make-up Work: Policy on Make-up Work
As a general policy, there are no make-ups for quizzes, projects or the final exam. If a student wishes to submit an assignment late, the instructor may accept it at his/her discretion and assess a suitable grade penalty.
System Emergencies
In the event of an emergency, it may be necessary for USF to suspend normal operations. During this time, USF may opt to continue delivery of instruction through methods that include but are not limited to: Blackboard, Elluminate, Skype, and email messaging and/or an alternate schedule. It is the responsibility of the student to monitor the Blackboard site for each class for course specific communication, and the main USF, College, and department websites, emails, and MoBull messages for important general information.
Scheduled Absences
Students are expected to notify their instructors at the beginning of each academic term if they intend to be absent for a class or announced examination for religious reasons. They will be given reasonable opportunities to make up any work missed. For further information, please refer to: http://generalcounsel.usf.edu/policies-and-procedures/pdfs/policy-10-045.pdf
Academic Dishonesty
The University of South Florida has in place specific policies and procedures regarding academic dishonesty or disruption of academic process (also see below for more detail). Academic dishonesty includes, but is not limited to: copying or relying on anothers work and using it as your own; representing work you previously prepared for another class as work that was prepared for this class; and using any material during a quiz exam that has not been approved by the professor.
Academic dishonesty will result in a grade of FF and, possible dismissal from the program. An FF received as a result of academic dishonesty puts you on Academic Warning for the remainder of your time at USF. A class in which you receive an FF as a result of academic dishonesty is not repeatable. All papers, research, and examinations will be monitored carefully and students found cheating will be punished to the fullest extent allowed by the University and the Department.
In an effort to ensure compliance, plagiarism tracking software (SafeAssign) may be employed in this course. The University of South Florida has an account with an automated plagiarism detection service which allows instructors to submit student assignments to be checked for plagiarism. Your assignments may be submitted to this detection system, in which they are compared to a large database of journal articles, web articles, and previously submitted papers. Because all papers will be submitted to SafeAssign, you should know your rights:
You may be required to submit your paper to a plagiarism detection site that will be identified by your instructor. In order to comply with federal (FERPA) and state privacy laws, you (students) are not required to include personal identifying information such as your name, SSN, and/or U# in the body of the work (text) or use such information in the file naming convention prior to submitting. Please follow carefully your instructors instructions regarding what identifying information to include. Your submission will be placed in the course grade center in your account that can be accessed by the instructor and attributed to you.
If you have any questions, please refer to USFs Procedures for Alleged Academic Dishonesty or Disruption http://www.ugs.usf.edu/catalogs/0809/adap.htm and Student Academic Grievance Procedures http://www.ugs.usf.edu/catalogs/0809/arcsagp.htm
- Program This Course Supports: Master of Science in Cybersecurity
- Course Concurrence Information: None
- if you have questions about any of these fields, please contact chinescobb@grad.usf.edu or joe@grad.usf.edu.