Textbook


The recommended course texts are:

  1. Applied Information Security: A Hands-on Approach, by David Basin, Patrick Schaller, and Michael Schlapfer. ISBN: 978-3642244735.

  2. Computer & Internet Security: A Hands-on Approach, 2nd Edition, by Wenliang Du. ISBN: 978-1733003926.

  3. Certified Ethical Hacker (CEH) Cert Guide Network Defense, by Michael Gregg. Pearson IT Certification. ISBN: 978-0789751270.

Please note that there are several options for obtaining the book. Students can purchase the text at any bookstore, new or used, or buy or rent it online directly from the usual Internet textbook resellers such as Chegg.com or Cengagebrain.com. As outlined above, there are many buying options available. Pick the way that works best for you!

Quote

"The only man who never makes mistakes is the man who never does anything."

- Theodore Roosevelt

Midterm Exam
The midterm exam date is Oct 23.
Study Guide
Study the examples from the slides. Also, look into the homework questions. The exam will have 10 questions.
  • CIA triad
  • System access and authentication
  • Vulnerability, threat and control
  • Information security threats
  • 7-layer OSI model
  • TCP
  • UDP
  • IP Addresses and Subnetting
  • Buffer Overflow
  • Denial of Service attack
  • Stages of Hacking
  • Port Scanning
  • Buffer Overflows
  • IP Spoofing
  • Denial-of-Service Attacks
  • ARP Poisoning
  • DNS Poisoning
  • Eavesdropping
  • Session Hijacking
Final Exam
The final exam date is TBA.
Study Guide
Study the examples from the slides. Also, look into the homework questions. The exam will have 12 questions.
  • Web Security
    • Malicious web content
      • Fake code
      • Substitute content
      • Web bug
      • Clickjacking
      • Drive-by download
    • Obtaining user or website data
      • Cross-site scripting
      • SQL injection
      • Dot-dot-slash
      • Server-side include
    • E-mail and instant messaging security
      • E-mail structure
      • Fake email/spoofing
      • Link manipulation
      • Malicious attachments
      • Spam
      • Social engineering
      • Phishing
      • Spear phishing
      • Vishing
      • Email do's and don'ts
  • Malicious Code
    • Viruses
    • Worms
    • Polymorphic malware
    • Trojan horses
    • Rootkits
    • Logic bombs
    • Spyware
    • Adware
    • Botnets
    • Backdoors and trapdoors
    • Ransomware
    • Malware defenses
  • Cryptography
    • Introduction
      • Basic Terminology
      • Cryptosystem
      • Classical Cryptography
    • Transposition Techniques
      • Rail Fence Cipher
      • Interleaving Transposition Cipher
    • Substitution Techniques
      • Caesar Cipher
      • Monoalphabetic Cipher
      • Polyalphabetic Cipher
      • Playfair Cipher
      • Vigenere Cipher
      • One-time pad (Vernam) Cipher
    • Cryptographic Hash Function
      • One-way Hash Function Properties
      • Hashing Methodologies