MINT 712
MINT 712 Internet Security
Calendar Description:
*3 (fi 6) (variable, 36 hours) Security: vulnerabilities of Internet protocols, penetration techniques and defenses, intrusion detection systems. Cryptography: Public and private key cryptography, key negotiation, certificates. E-commerce security standards for both protocols and hosts. Offered jointly by the Department of Electrical and Computer Engineering and the Department of Computing Science.
General Information:
Term: Winter
Location & Schedule: Bear Tracks
Objectives and Overview:
Technology and the Internet have become an integral part of our everyday lives and they are significantly impacting our culture and society. They provide us with instant access to vast knowledge bases of information, the ability to work from anywhere, to ability manage our finances and pay our bills without having to go into a bank and to even turning on or off our lights at home from anywhere in the world.
No one will argue that the last 25 years of advances in technology and the Internet have provided us with many benefits, however these advances have their dark side as well. Cybercrime is increasing at a rate never seen before, with cyber-attacks that allow the attacker to harvest personal and financial information of millions people, simply by breaking into and stealing the data captured in the databases of large organizations. This information is often sold and used to commit identity theft, fraud and other crimes against innocent people who did nothing more than order a gift online or pay for their groceries with their credit card.
The overall objective of this course is to provide the student with a foundation of knowledge that they may use to build defense-in-depth security solutions that protect the organization's they will work for in the future. It will start with and introduction into the world of IT security, including how the attackers (aka hackers) gather information on the organizations they are targeting. From, there the focus will move towards the knowledge and technologies that can be used to protect the organization's data, which, for the organization and attacker is where the real money is.
Course Topics:
Topics for the course include; common reconnaissance and attack methods, encryption basics and designing a defense-in-depth solution the works for your organization. The course will have several challenging lab and reports to be completed which will give the students insight into:
- the security weaknesses of many existing systems
- the complexity of cryptography
- where to find information on potential attacks
- implementing tools to detect attacks
- the process of monitoring and testing for system vulnerabilities
Marking Breakdown:
First 2-Week Break
Lab #1: Weight 10%
Report #1: Weight 20%
Second 2-Week Break
Lab #2: Weight 20%
Lab #3: Weight 20%
Final Theory Exam
Exam: Weight 30%
Academic Integrity:
The University of Alberta is committed to the highest standards of academic integrity and honesty. Students are expected to be familiar with these standards regarding academic honesty and to uphold the policies of the University in this respect. Students are particularly urged to familiarize themselves with the provisions of the Code of Student Behaviour (online at /law/student-resources/graduate-resources/integrity-and-responsibilities) and avoid any behaviour which could potentially result in suspicions of cheating, plagiarism, misrepresentation of facts and/or participation in an offense. Academic dishonesty is a serious offense and can result in suspension or expulsion from the University. (GFC 29 SEP 2003)
Collaboration:
While you may discuss your individual coursework with other students, the work claimed and submitted in your name must be your own. That said, there are assignment and project-specific policies on how much source code from publicly available sources may be borrowed. Always give proper credit to the original developers in your source code and documentation. Ask permission beforehand if you intend to recycle your work from another course in this course. More details on Appropriate Collaboration is given here.
Regulations listed in the GFC Policy Manual and the University Calendar will be used in resolving any discrepancies.