
DAR ES SALAAM INSTITUTE OF TECHNOLOGY (DIT)

DEPARTMENT OF COMPUTER STUDIES

MODULE: CSEU 07302 - COMPUTER AND NETWORK SECURITY

MODULE MASTER: Eng. Nnko J.J, MSc (IS), MEng (Software) & BEng Tec (Computer)

COURSE CONTENTS

PART 1: COMPUTER SECURITY

1. General concepts of computer security
• Basic terms and terminologies: e.g. computer & network security, attack, threats, vulnerabilities etc.
• CIA Triad
• Computer security challenges
• Threats and their consequences
• Scope of computer security
• Security functional requirements
• Security architecture
• Security trends
• Computer security strategies
2. Introduction to attack procedures
• Ethical hacking: meaning and phases in detail
3. Computer forensics
• Meaning and terminologies
• Network forensics
• Digital evidence and legal issues
• Computer forensic investigation: process for conducting a computer forensics investigation, procedures, methodology, tools and reporting
• File systems: finding and uncovering data, as well as tools used
• OS forensics
• E-mail and browser forensics
• Memory forensics: learn memory forensics using popular tools
• Mobile forensics
• Cyber forensic analysis and tools:
- Types of digital/cyber forensic tools: write blockers;
- Tools used for forensic analysis: EnCase, The Sleuth Kit, FTK manager, LastActivityView, HxD, CAINE, PlainSight Tool & NirSoft, Maltego, Autopsy, Helix3 Pro etc.
4. User Authentication
• Electronic User Authentication Principles
o A Model for Electronic User Authentication
o Means of Authentication
o Risk Assessment for User Authentication
• Password-Based Authentication
o The Vulnerability of Passwords
o The Use of Hashed Passwords
o Password Cracking of User-Chosen Passwords
o Password File Access Control
o Password Selection Strategies
• Token-Based Authentication
o Memory Cards
o Smart Cards
o Electronic Identity Cards
• Biometric Authentication
o Physical Characteristics Used in Biometric Applications
o Operation of a Biometric Authentication System
o Biometric Accuracy
• Remote User Authentication
o Password Protocol
o Token Protocol
o Static Biometric Protocol
o Dynamic Biometric Protocol
Case Study: Security Problems for ATM Systems
Key Terms, Review Questions, and Problems
5. Access Control
• Access Control Principles: Access Control Context and Access Control Policies
• Subjects, Objects, and Access Rights
• Discretionary Access Control
o An Access Control Model
o Protection Domains
• Example: Unix File Access Control
o Traditional UNIX File Access Control
o Access Control Lists in UNIX
• Role-Based Access Control: RBAC Reference Models
o Attribute-Based Access Control
o Attributes
o ABAC Logical Architecture
o ABAC Policies
• Identity, Credential, and Access Management: Identity Management; Credential Management; Access Management; Identity Federation
Case Study: RBAC System for a Bank
Key Terms, Review Questions, and Problems

6. Malicious Software
• Types of Malicious Software (Malware)
• Advanced Persistent Threat
• Viruses
• Vulnerability Exploit: Worms
• Social Engineering: Spam E-Mail, Trojans
• Payload: System Corruption
• Payload: Attack Agent (Zombie, Bots)
• Payload: Information Theft (Keyloggers, Phishing, Spyware)
• Payload: Stealthing (Backdoors, Rootkits)
• Countermeasures
Key Terms, Review Questions, and Problems
7. Denial-of-Service Attack
• Denial-of-Service Attacks:
o The Nature of Denial-of-Service Attacks
o Classic Denial-of-Service Attacks
o Source Address Spoofing
o SYN Spoofing
• Flooding Attacks: ICMP Flood; UDP Flood and TCP SYN Flood
• Distributed Denial-of-Service Attacks
• Application-Based Bandwidth Attacks: SIP Flood and HTTP-Based Attacks
• Reflector and Amplifier Attacks: Reflection Attacks; Amplification Attacks and DNS Amplification Attacks
• Defenses Against Denial-of-Service Attacks
• Responding to a Denial-of-Service Attack
Key Terms, Review Questions, and Problems

8. Intrusion Detection
• Intruders: Intruder Behavior types
• Intrusion Detection Basic Principles
• Analysis Approaches: Anomaly Detection; Signature or Heuristic Detection
• Host-Based Intrusion Detection: Data Sources and Sensors; Anomaly HIDS; Signature or Heuristic HIDS; Distributed HIDS
• Network-Based Intrusion Detection: Types of Network Sensors; NIDS Sensor Deployment; Intrusion Detection Techniques; Logging of Alerts
• Distributed or Hybrid Intrusion Detection
• Intrusion Detection Exchange Format
• Honeypots

Example System: Snort (Snort Architecture; Snort Rules). 8.10 Recommended Key Terms, Review Questions, and Problems

9. Firewall and Intrusion Prevention Systems
• Role of Firewalls in Computer and Network Security
• Firewall Characteristics and Access Policy
• Types of Firewalls
- Packet Filtering Firewall
- Stateful Inspection Firewalls
- Application-Level Gateway
- Circuit-Level Gateway
• Firewall Basing: Bastion Host; Host-Based Firewalls and Personal Firewall
• Firewall Location and Configurations:
o DMZ Networks
o Virtual Private Networks
o Distributed Firewalls
o Summary of Firewall Locations and Topologies
• Intrusion Prevention Systems: Host-Based IPS; Network-Based IPS; Distributed or Hybrid IPS; Snort Inline
Key Terms, Review Questions, and Problems

10. Database and Cloud security

PART 2: CRYPTOGRAPHY

• Basics of cryptography and cryptographic tools
• Cryptographic algorithms:

Review question; practical labs and group assignments to be given to students.

PART 3: SOFTWARE SECURITY

1. Buffer overflow (reference chapter 10)
2. Software security (Chapter 11)
3. OS Security (Chapter 12)

PART 4: NETWORK SECURITY

1. Internet protocols and standards
2. Internet authentication application
3. Wireless network security
4. Mobile security

PRACTICAL CLASSES

PART A: PERSONAL COMPUTER AND MS APPLICATION SECURITY

LAB 1: (4th week)

• Access control to personal computer
• System users login and password
• Securing BIOS
• Securing Ports and other drives
• Securing Documents (MS Word)

PART B: NETWORK THREATS AND ATTACKS

LAB 1: Gathering Target Information: Reconnaissance & Footprinting
LAB 2: Gathering Network and Host Information: Scanning and Enumeration (chapter 3&4)
4-5th week
LAB 3: Vulnerability analysis (chapter 5)
LAB 4: System Hacking: Password Cracking, Escalating Privileges, and Hiding Files (chapter 6)
6th week
LAB 5: Trojans, Backdoors, Viruses, and Worms (chapter 7)
LAB 6: Gathering Data from Networks: Sniffers (chapter 8)
LAB 7: Social Engineering (chapter 9)
7-8th week
LAB 8: Denial of Service and Session Hijacking (chapter 10)
LAB 9: Session hijacking (chapter 11)
LAB 10: Bypassing Network Security: Evading IDSs, Honeypots, and Firewalls (chapter 12)
LAB 11: Web Hacking: Google, Web Servers, Web Application Vulnerabilities, and Web-Based Password Cracking Techniques (chapter 13&14)
9th week
LAB 12: Attacking Applications: SQL Injection and Buffer Overflows (chapter 15)
10th week
LAB 13: Wireless Network Hacking (chapter 16)
LAB 14: Hacking mobile platform (chapter 17)
11-12th week
LAB 15: IoT hacking (chapter 18)
LAB 16: Cryptography (chapter 20)
13-14th week

MODE OF ASSESSMENT
1. Individual assignments
2. Group assignments - 15%
3. Group presentations - 5%
4. Practical (reports on each lab)
5. Project - 10%
6. Test 1&2 - 10%
7. Exam (FE) - 60%
