1 / 28

CSCE 727 Information Warfare

CSCE 727 Information Warfare. Instructor: Csilla Farkas Class time: M, W 2:50 – 4:05 pm Class Homepage: http://www.cse.sc.edu/~farkas/csce727-2014/csce727.htm Office Hours: M, W 2:00 – 2:30 pm and 4:15 – 5:15 pm or by appointment.

derex
Download Presentation

CSCE 727 Information Warfare

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CSCE 727 Information Warfare

  2. Instructor: Csilla Farkas • Class time: M, W 2:50 – 4:05 pm • Class Homepage: http://www.cse.sc.edu/~farkas/csce727-2014/csce727.htm • Office Hours: • M, W 2:00 – 2:30 pm and 4:15 – 5:15 pm or by appointment

  3. Prerequisite(s) or corequisite(s): CSCE 522 or permission of instructor • Course objectives: Introduction to information warfare principles and technologies. • Defensive information warfare • Offensive information warfare

  4. Basic Bibliography • Required: • D. Denning: Information Warfare and Security (Addison Wesley, 1998, ISBN: 0201433036) • Lecture handouts and references listed for each lecture • Recommended: • Cyber Warfare: Mapping the Cyber Underworld (O’Reilly Media,2nd edition, 2011, ISBN-10: 1449310044, ISBN-13: 978-1449310042)

  5. Student Work • Research project: there will be one individual research project with a final submission of a research paper • Homework and class participation: there will be several homework assignments based on textbook material and reading assignments • Tests: there will be two in-class, open book tests

  6. GRADING • Research project: 25% • Presentation of related work: 5%) • Homework assignments: 25% • Tests: 45% (midterm 20%, final 25%) • Final grades are calculated from a total score of 100: 90 < A 87 < B+ <= 90 80 < B <= 87 76 < C+ <= 80 65 < C <= 76 60 < D+ <= 65 50 < D <= 60

  7. Tentative Schedule • Week 1-3: Fundamental IW concepts • Week 4-9: Offensive Activities • Week 10-13: Defensive Information Warfare • Week 14-15: Student Presentations

  8. Questions?

  9. Student IntroductionYour NameMajorExposure to Information AssuranceWhat you expect to gain from this classArea of interest

  10. Information Assurance Studies

  11. IA Specialization • Undergraduate and Graduate level • Core Requirement (3 Hours) • CSCE 522: Information Security Principles (3 credits) – meets CNSS 4011 standard • Additional Requirements: • Elective IA course (3 credit) • 2nd elective course (3 credits) or 500-level or above CSCE course with IA project component

  12. CNSS Certifications • National Training Standard for Information Systems Security Professionals, CNSSI No. 4011 • National Training Standard for System Administrators in Information Systems Security, CNSSI No. 4013 • National Training Standard for Information Systems Security Officers, CNSSI No. 4014

  13. IA&S Courses • Offered since 2000 • 12 new courses • 4 undergraduate and graduate • 8 graduate students only • Approved by USC • Accredited by the Committee on National Security Systems (CNSS)

  14. IA&S Certificate Programhttp://www.cse.sc.edu/isl/education/iaands (modifications are being proposed)

  15. Graduation requirements 12 hours of graduate study with B average • 6 hours core courses • 6 hours of elective courses

  16. Core Courses • CSCE 522 – Information Systems Security Principles • offered every Fall semester -- APOGEE • CSCE 715– Network Security • offered every Fall semester

  17. Elective Courses • CSCE 517 – Computer Crime and Forensics • CSCE 557 – Introduction to Cryptography • CSCE 548 – Secure Software Construction • CSCE 716 – Design for Reliability • CSCE 717 – Comp. Systems Performance • CSCE 727 – Information Warfare • CSCE 813 – Internet Security • CSCE 814 – Distributed Systems Security • CSCE 824 – Secure Databases

  18. Center for Information Assurance Engineering (CIAE) • http://www.cse.sc.edu/isl • Information about: • Research • Education • Publications • People • Useful links

  19. More Questions?

  20. Committee on National Security Systems (CNSS) • CNSS 4011: National Information Assurance Training Standard for Information Systems Security Professionals • CSCE 522 + 1 additional IA course + 1 course with IA project • CNSS 4013: National Information Assurance Training Standard for System Administrators • CNSS 4011 requirements + CSCE 727 • CNSS 4014: National Information Assurance Training Standard for Information Systems Security Officers • CNSS 4011 requirements + CSCE 727 + CSCE 715 20

  21. Information Systems Security(Overview)http://www.cse.sc.edu/~farkas/csce522-2013/csce522.htm

  22. Security Objectives • Confidentiality: prevent/detect/deter improper disclosure of information • Integrity: prevent/detect/deter improper modification of information • Availability: prevent/detect/deter improper denial of access to services • Authenticity: Verify claimed identity • Non-Repudiation: Cannot deny action

  23. Achieving Security • Policy • What to protect? • Mechanism • How to protect? • Assurance • How good is the protection?

  24. Security Tradeoffs Security Functionality COST Ease of Use

  25. Information Security Planning • Organization Analysis • Risk management • Mitigation approaches and their costs • Security policy and procedures • Implementation and testing • Security training and awareness

  26. Carry Out Fixes and Validate Identify Business and Technical Risks Define Risk Mitigation Strategy Synthesize and Rank Risks Measurement and Reporting Risk Management Framework (Business Context) Who Cares? Understand Business Context Strengthen system Why care? What should be done? How to mitigate risk? 26

  27. The Art… Policies and procedures Privacy Best practices Ethics and Law National-level considerations International considerations Etc.

  28. Next ClassRefresh IA Concepts

More Related