As information systems, and Internet based systems and computer networks have became pervasive, coupled with the increased intensity and sophistication of security-related attacks, have generated need for comprehensive security strategy which encompasses the use of specialized hardware and software and trained personnel. The course intends to fullfil this need by covering the threats to computer and network systems, evaluating the risks of these threats, and developing countermeasures, by examining the security principles, design approaches, standards, and real-world examples.
Prerequisite(s)
-
Corequisite(s)
-
Special Requisite(s)
Students are expected to know the topics of the CSE3013 and CSE6032 courses.
Instructor(s)
Assist. Prof. Dr. Öznur Şengel
Course Assistant(s)
-
Schedule
Theory (A & B) Tuesday 11:00-12:45, Lab. (A) Tuesday 13:00-14:45, Lab. (B) Tuesday 15:00-16:45
Office Hour(s)
By appointment. To make an appointment, please contact me via e-mail 2 days in advance.
William Stallings, "Network Security Essentials: Applications and Standards", 6/E, 2017.
Other Sources
William Stallings, Lawrie Brown, "Computer Security: Principles and Practice", Prentice Hall, 4/E.
William Stallings, "Cryptography and Network Security Principles and Practice", 7/E.
Chuck Easttom, "Computer Security Fundementals", 3rd Edition.
Course Schedules
Week
Contents
Learning Methods
1. Week
Introduction and Syllabus (Chapter 1)
Oral presentation, Project
2. Week
Symmetric Encryption and Message Confidentiality (Chapter 2)
Oral presentation, Laboratory
3. Week
Public-Key Cryptography and Message Authentication (Chapter 3)
Oral presentation, Laboratory
4. Week
Key Distribution and User Authentication (Chapter 4)
Oral presentation, Laboratory
5. Week
Network Access Control and Cloud Security (Chapter 5)
Oral presentation, Laboratory
6. Week
Transport-Level Security (Chapter 6)
Oral presentation, Project
7. Week
Wireless Network Security (Chapter 7)
Oral presentation, Laboratory
8. Week
Midterm Examination
Midterm Examination
9. Week
Electronic Mail Security (Chapter 8)
Oral presentation, Laboratory
10. Week
IP Security (Chapter 9)
Oral presentation, Laboratory
11. Week
Malicious Software (Chapter 10)
Oral presentation, Project
12. Week
Intruders (Chapter 11)
Oral presentation, Laboratory
13. Week
Firewalls (Chapter 12)
Oral presentation, Laboratory
14. Week
Project Presentation
Oral presentation, Laboratory
15. Week
Review
Oral presentation, Project
16. Week
17. Week
Assessments
Evaluation tools
Quantity
Weight(%)
Midterm(s)
1
20
Project(s)
1
20
Lab Assignment(s)
5
20
Final Exam
1
40
Program Outcomes
PO-1
Adequate knowledge in mathematics, science and engineering subjects pertaining to the relevant discipline; ability to use theoretical and applied information in these areas to model and solve engineering problems.
PO-2
Ability to identify, formulate, and solve complex engineering problems; ability to select and apply proper analysis and modelling methods for this purpose.
PO-3
Ability to design a complex system, process, device or product under realistic constraints and conditions, in such a way so as to meet the desired result; ability to apply modern design methods for this purpose. (Realistic constraints and conditions may include factors such as economic and environmental issues, sustainability, manufacturability, ethics, health, safety issues, and social and political issues according to the nature of the design.)
PO-4
Ability to devise, select, and use modern techniques and tools needed for engineering practice; ability to employ information technologies effectively.
PO-5
Ability to design and conduct experiments, gather data, analyse and interpret results for investigating engineering problems.
PO-6
Ability to work efficiently in intra-disciplinary and multi-disciplinary teams; ability to work individually.
PO-7
Ability to communicate effectively, both orally and in writing; knowledge of a minimum of one foreign language.
PO-8
Recognition of the need for lifelong learning; ability to access information, to follow developments in science and technology, and to continue to educate him/herself.
PO-9
Awareness of professional and ethical responsibility.
PO-10
Information about business life practices such as project management, risk management, and change management; awareness of entrepreneurship, innovation, and sustainable development.
PO-11
Knowledge about contemporary issues and the global and societal effects of engineering practices on health, environment, and safety; awareness of the legal consequences of engineering solutions.
Learning Outcomes
LO-1
To be able to define, identify and describe security services, security mechanisms and security attacks.
LO-2
Understand the need and to be able to apply the different cryptographic techniques for providing various security services.
LO-3
Learn and be able to apply the different computer security technology components such as access control, firewall, intrusion detection and prevention, antimalware technologies, etc..
LO-4
To understand the security issues on the Internet and be able to apply the security principles and technologies while using applications such as FTP, email, Web, etc.
LO-5
Explain and demonstrate the threats to computer and network systems, evaluate the relative risks of these threats and develop cost effective and user-friendly countermeasures.
