Courses

ITS 35000 Systems Assurance

This course covers the implementation of systems assurance with computing systems. Topics include confidentiality, integrity, authentication, non-repudiation, intrusion detection, physical security, and encryption. Extensive laboratory exercises are assigned.

Required course.

Time & Place

2:00pm-4:00pm
Monday and Wednesday

Textbook

  1. Computer Security: Principles & Practice, Stallings & Brown, 2d Edition
  2. Computer Security: Art and Science, Matt Bishop, Pearson, 2002

Instructor

Ricardo A. Calix, Ph.D.
Computer Information Technology and Graphics
Purdue University Calumet
ricardo.calix@purduecal.edu

Office Hours

241 Anderson, Tuesday and Thursday, 2-4 PM

Assignments

  1. Problem Set 1: Encryption
  2. Problem Set 2: Scanning and Penetration Testing
  3. Problem Set 3: Metasploit
  4. Term Project: Write a paper on a specific exploit and implement it
 

Labs

  1. Lab 1: Crypto Lab - Secret Key Encryption
  2. Lab 2: Crypto Lab - One Way Hash Function
  3. Lab 3: Crypto Lab - Public Key Infrastructure (PKI) [Part A] (Tasks 1, 2, 3)
  4. Lab 4: Crypto Lab - Public Key Infrastructure (PKI) [Part B] (Tasks 5, 6) and RSA encryption algorithm
  5. Lab 5: Crypto Lab - Python Public Key/Private Key Encryption [Part A]
  6. Lab 6: Crypto Lab - Python Public Key/Private Key Encryption [Part B]
  7. Lab 7: Virus coding, Term Project and Catch-up Lab
  8. Lab 8: Intro to Exploits and Metasploit
  9. Lab 9: Intelligence Gathering with Metasploit and Intro to FairuzaWRT
  10. Lab 10: Exploits with Metasploit (Samba vulnerability in Linux), Denial-of-Service Attack Perl scripting, and FairuzaWRT
  11. Lab 11: Metasploit Meterpreter and FairuzaWRT
  12. Lab 12: Metasploit Auxiliary Modules
  13. Lab 13: Metasploit Building Your Own Module
  14. Lab 14: Meterpreter Scripting
  15. Lab 15: Build a port scanner with NMAP and an exploit using Python

 

Useful

Example problems will be provided as required. 

We will use the following software and hardware:

  1. VMWare Workstation 7
  2. Metasploit
  3. SEED Ubuntu pre-built Virtual Machine
  4. Ubuntu Linux 10.10 Virtual Machine  
  5. FairuzaWRT with Nmap on the wrt54gs
  6. Windows XP SP2 Virtual Machine
  7. FairuzaWRT Penetration Testing Tool (Hardware: WRT54GS v1)
  8. Python, Perl, and Ruby
  9. Metasploitable 2
  10. Linksys WRT54GS v1

 

Calendar Fall 2012 (subject to change)

Sun Mon Tue Wed Thu Fri Sat
Aug 19 Aug 20        L1: Introduction Aug 21

 

Aug 22
Lab 1: Crypto Lab - Secret Key Encryption
Aug 23

 

Aug 24 Aug 25
Aug 26 Aug 27
L2: Intro to Cryptography, One Time Pad
Aug 28

 

Aug 29
Lab 2: Crypto Lab - One Way Hash Function

Aug 30
 

Aug 31 Sept 1
Sept 2 Sept 3

Labor day

Sept 4
 

 

Sept 5
L3: Cryptography
Lab 3: Crypto Lab - Public Key Infrastructure PKI (Part A)
Sept 6         Sept 7 Sept 8
Sept 9 Sept 10        L4: Cryptography

Quiz 2   

Sept 11       Sept 12      

Lab 4: Crypto Lab - Public Key Infrastructure PKI (Part B)

Sept 13

 
Sept 14 Sept 15
Sept 16 Sept 17

L5: User Authentication, Access Control

Sept 18

 

Sept 19  

Lab 5: Python Crypto Lab - Public Key / Private Key (Part A)

Sept 20
 

Sept 21 Sept 22
Sept 23 Sept 24

 

Exam 1

 

Sept 25

 
 

Sept 26           L6: Penetration Testing            Lab 6: Python Crypto Lab - Public Key / Private Key (Part B)

Sept 27
 
Sept 28 Sept 29
Sept 30 Oct 1

L7: Malicious Software

Oct 2

 


 

Oct 3    

Lab 7: Virus Coding, Term Project and Catch-up     

Oct 4
 
Oct 5
 
Oct 6
Oct 7 Oct 8

L8: Intrusion Detection

Oct 9
 
Oct 10     

Lab 8: Intro to Exploits (Metasploit)

Oct 11
 
Oct 12 Oct 13
Oct 14 Oct 15

Fall Break

Oct 16

Fall Break

Oct 17         L9: Denial of Service Attack

Lab 9: Intelligence Gathering with Metasploit

Oct 18 Oct 19 Oct 20
Oct 21 Oct 22

L10: Firewalls

Oct 23        Oct 24
Lab 10: FairuzaWRT, Metasploitable, Denial Of Service Attacks  
Oct 25
 
Oct 26 Oct 27
Oct 28 Oct 29     

L11: Operating System Security

Oct 30       Oct 31

Lab 11:Metasploit Meterpreter

 

Nov 1
 
Nov 2 Nov 3
Nov 4 Nov 5

 

Exam 2

 

Nov 6        Nov 7         L12: Physical and infrastruct. Security

Lab 12: Project Metasploit Auxiliary Modules

Nov 8
 
Nov 9 Nov 10
Nov 11 Nov 12      L13: Security Auditing, IT Security mgmt. and risk asses.

Nov 13
 

Nov 14        Lab 13: Metasploit Build Your Own Module (Ruby)

Nov 15
 

Nov 16
 
Nov 17
Nov 18 Nov 19      L14: IT  controls

Lab 14: Meterpreter Scripting

Nov 20      Nov 21
 

 

Nov 22

Thanksgiving

Nov 23
 
Nov 24
Nov 25

Nov 26      L15:  Human Factors

Nov 27       Nov 28
Lab 15: Python Scripting a port scanner and exploit
Nov 29

 

Nov 30
 
Dec 1
Dec 2 Dec 3       Term Project  Presentations Dec 4 Concentrated Study

 

Dec 5
Course wrap-up
Dec 6        Concentrated Study

 

Dec 7
Last Day of Classes
Dec 8
Dec 9 Dec 10
Finals
Dec 11
Finals
Dec 12
Finals
Dec 13
Finals
Dec 14
Finals
Dec 15