UMUC-EUROPE GRADUATE PROGRAMS
UMUC-Europe

CSMN683 Syllabus

Course Title Intrusion Det., Incident Resp., & Comp Forensics
Term TERM 3, 2006/2007
Education Center DIST-ED_EUROPE_GRAD
Faculty Member Fred Deeter - fdeeter@faculty.ed.umuc.edu

Faculty Contact Information:

To be provided on the first day of class.

Consultation:

Per appointment.

Required Texts and Readings:

Proctor, P. E. (2001). The Practical Intrusion Detection Handbook. Upper Saddle River, NJ: Prentice Hall. ISBN 0-13-025960-8

Kruse II, W.G., & Heiser, J.G. (2002). Computer Forensics: Incident Response Essentials. New York: Addison-Wesley. ISBN 0-201-70719-5

American Psychological Association. (2001). Publication manual of the American Psychological Association (5th ed.). Washington, D.C.: APA. ISBN: 1-55798-791-2

Supplementary Readings:

All graduate students should be prepared to utilize the UMUC online library at http://www.umuc.edu/library/.  The library contains a large number of full text academic journals that are free of charge and immediately available.  The library homepage also contains a number of links related to improving students' research and writing skills.

Recommended Journals:

Publications of the various professional societies (such as ACM -- the Association for Computing Machinery, the IEEE Computing Society, and the various management professional societies) are strongly recommended. In addition, there are many trade journals (such as eWEEK) that MIS professionals should become familiar with, many of these being published both weekly and on-line.

Course Description:

Prerequisite: TLMN 672 or permission of the Program Director. The theory, skills, and tools needed in intrusion detection and computer forensics are the major themes in this course. The course discusses techniques for identifying vulnerable target systems and types of malicious code, for mitigating security risks, and for recognizing attack patterns. It also presents the conceptual and operational tools necessary for analysis and resolution of problems with respect to effective filters and firewalls, attack tracing, system recovery, continuity of operation, evidence collection, evidence analysis, and prosecution.

Course Goals:

Upon successful completion of this course, the student should understand and be able to apply knowledge concerning:
  1. Theory, skills, and tools supporting intrusion detection.
  2. Theory, skills, and tools supporting incident response.
  3. Theory, skills, and tools supporting computer forensics.
  4. Current and emerging issues and trends in attacks on and protection of information systems.

Course Objectives:

Upon successful completion, the student should be able to:
  1. Describe the principles of intrusion detection and computer forensics.
  2. Discuss techniques for identifying key systems vulnerabilities.
  3. Describe the major types of malicious code and techniques for mitigating security risk.
  4. Discuss various methods and techniques for recognizing attack patterns.
  5. Explain the various tools used for analysis and resolution of problems with filters and firewalls.
  6. Describe methods of attack tracing, evidence collection, and evidence analysis.
  7. Discuss methods and techniques for systems recovery and ensuring continuity of operations.
  8. Define major legal issues related to criminal prosecution and civil actions.

Grading Information:

Final grades will be calculated as follows:

Midterm examination: 25%
Final examination: 25%
Research Paper: 40%
Lab and Other Assignments: 10%

According to the Graduate School grading policy, the following symbols and scale are used:

A = excellent (90-100)
B = good (80-89)
C = passing (70-79)
F = failure (less than 70)

The grade of "B" represents the benchmark for the Graduate School. It indicates the student has demonstrated competency in the subject matter of the course, i.e., has fulfilled all course requirements on time, has a clear grasp of the full range of course materials and concepts, and is able to present and apply these materials and concepts in clear, reasoned, well-organized and grammatically correct responses, whether written or oral.

Only students who fully meet this standard and, in addition, who demonstrate exceptional comprehension and application of the course subject matter, merit an "A."

Students who do not meet the benchmark standard of competency fall within the "C" range or lower. They, in effect, have not met graduate level standards. Where this failure is substantial, they earn an "F."

Course Requirements:

Details on the Analytic Research Paper.

A. Length and Style:

The body of an analytic research paper should be 10 pages in length and typed using the APA Guide. Student projects distill fundamental issues, discuss the various available solutions, discuss the benefits and limitations of the available solutions, and provide a new solution and justification. Student papers must state a thesis, and based on the research, attempt to prove or disprove that thesis. An adequate literature search will include a few books and journal articles (or other relevant documents). A search of Internet documentation is required. Students should develop a conclusion which synthesizes the literature in such a way as to demonstrate new knowledge.

B. Term Paper Process:
Students are required to use the structured approach to project construction to aid them in completing a successful paper. Students must turn in several interim products (deliverables) which are part of the term paper grade.
Session 3: Student proposes research paper topic for approval.
Session 9: Outline of the paper with major subject areas identified.
Session 13: Final paper.

C. Evaluation Criteria and Feedback:
The litmus test of a good research project is: "Does my research project provide the professor with new insight on my topic?"

Description of Course Requirements:

Successful graduate students in American universities dedicate approximately three hours of preparation/study time for every hour spent in the face-to-face classroom. Thus, the course requirements were developed on the assumption that students would be prepared to spend approximately 150 hours of their own time working on them. In an 8-week term, that is the equivalent of a half-time job. Most graduate distance education courses require at least 10 hours per week of dedicated time, plus time spent in the virtual classroom.

STATEMENT ON WRITING REQUIREMENTS:
Effective managers and leaders are also effective communicators. Written communication is an important element of the total communication process. The Graduate School recognizes and expects exemplary writing to be the norm for course work. To this end, all analyses and papers must demonstrate graduate level writing ability and comply with the format requirements of the Publication Manual of the American Psychological Association. All writing assignments will be graded on the basis of content, logic, analysis, mechanics, organization, and research. Careful attention should be given to source citations, proper listing of references, the use of footnotes, and the presentation of tables and graphs. Work submitted online should follow standard procedures for formatting and citation.

POLICY ON ACADEMIC INTEGRITY:
Academic integrity is central to the learning and teaching process. Students are expected to conduct themselves in a manner that will contribute to the maintenance of academic integrity by making all reasonable efforts to prevent the occurrence of academic dishonesty. Academic dishonesty includes (but is not limited to) obtaining or giving aid on an examination, having unauthorized prior knowledge of an examination, doing work for another student, and plagiarism of all types.

PLAGIARISM:
Plagiarism is the intentional or unintentional presentation of another person's idea or product as one's own. Plagiarism includes, but is not limited to the following: copying verbatim all or part of another's written work; using phrases, charts, figures, illustrations, or mathematical or scientific solutions without citing the source; paraphrasing ideas, conclusions, or research without citing the source; and using all or part of a literary plot, poem, film, musical score, or other artistic product without attributing the work to its creator. Students can avoid unintentional plagiarism by following carefully accepted scholarly practices. Notes taken for papers and research projects should accurately record sources of material to be cited, quoted, paraphrased, or summarized, and papers should acknowledge these sources in footnotes. The penalties for plagiarism include a zero or a grade of F on the work in question, a grade of F in the course, suspension with a file letter, suspension with a transcript notation, or expulsion. Resubmission of course work from previous classes (whether or not taken at UMUC, UMUC-Europe or BSU), partially or in its entirety, is not acceptable in this course and will result in an automatic failure on the assignment.

DISABLED STUDENTS:
Students with disabilities who need to register or request services should contact the Staff Support Team four to six weeks in advance of registration to request and register for services.

COURSE EVALUATIONS:
Feedback on each graduate course and instructor is important to the university, your professor, and to all UMUC students. UMUC has the responsibility to assess the effectiveness of classroom instruction, and each student has the responsibility to provide accurate and timely feedback through completion of the course evaluation form. This is a shared obligation for us all. It is therefore important that you complete the evaluation form for each course you attend. This should be viewed as an additional course and program requirement.

Course Schedule:

SESSION 1: Introduction and Course Overview
Proctor, Chapters 1-2

SESSION 2:
Intrusion Detection Systems
Proctor, Chapters 3-4

SESSION 3:
Detection Technology, Techniques, and Myths
Proctor, Chapters 5-6
Due: Paper title

SESSION 4:
Effective Use of Forensics and Behavioral Forensics
Proctor, Chapters 7-8

SESSION 5:
Design for Compliance: Instructor Provided Material


SESSION 6:
Computer Forensics and Tracking Offenders
Kruse, Chapters 1-2

SESSION 7:
Midterm Exam

SESSION 8:
Examining Hard Drives and Storage Media
Kruse, Chapter 3

SESSION 9:
Encryption and Forensics, Data Hiding, and Hostile Code
Kruse, Chapters 4-6
Due: First section of research paper

SESSION 10:
Forensics Toolkit
Kruse, Chapter 7

SESSION 11:
Forensic Examination of Windows Computers
Kruse, Chapter 8

SESSION 12:
Forensic Examination of UNIX Computers
Kruse, Chapters 9-11

SESSION 13:
Due: Project Paper

SESSION 14:
Final Exam

Academic Policies:

The University has a license agreement with Turnitin.com, a service that helps prevent plagiarism from internet resources. I may be using this service in this class by either requiring students to submit their papers electronically to Turnitin.com or by submitting questionable text on behalf of a student. If you or I submit part or all of your paper, it will be stored by Turnitin.com in their database throughout the term of the University's contract with Turnitin.com. If you object to this temporary storage of your paper, you must let me know no later than two weeks after the start of this class. Please Note: If you object to the storage of your paper on Turnitin.com, I may utilize other services to check your work for plagiarism.

The official university policy on Plagiarism and Academic Dishonesty can be found at http://www.umuc.edu/policy/aa15025.shtml. Section I.C. states: "Faculty may determine if the resubmission of course work from previous classes (whether or not taken at UMUC), partially or in its entirety, is acceptable when assigning a grade on that piece of course work. Faculty must provide this information in their written syllabi. If the resubmission of course work is deemed to be unacceptable, a charge may not be brought under this Policy and will be handled as indicated in the written syllabi."

Please refer to Description of Course Requirements for specific information on how resubmissions will be treated in this course.

Students with disabilities should contact the appropriate support office at UMUC-Europe. 

Jan Keller, Director of Student Services

UMUC-Europe, Heidelberg

Phone:  +49-6221-378299

Email:  edstudent_svc@ed.umuc.edu

Mailing Address:  Unit 29216, APO AE 09102 OR Im Bosseldorn 30, D-69126 Heidelberg, Germany

Please refer to the UMUC-Europe Graduate Catalog for information on the following:

Academic Integrity
Course Load
Exception to Policy
Grade Appeal Process
Make-up Examinations
Nondiscrimination
Code of Civility

Hard copies of the catalog are available at your local Education Center.

Faculty Bio:

Fred Deeter joined the UMUC faculty in April, 2000 and currently serves as Adjunct Associate Professor of Information Technology. He has more than ten years of college/university-level teaching experience, including: Norwich University in Northfield, Vermont; University of Maryland in Kunsan, Korea; Manatee Community College in Bradenton, Florida; and Western International University in Phoenix, Arizona. Mr. Deeter’s IT experience includes 22 years in commercial and DOD information systems as a Director of Information Technology, Operations Manager, Project Manager, Consultant, and Systems Analyst. He holds an MS in Computer Information Systems from Boston University and is presently Director & CIO of Information Technology at Honeywell Aerospace EMEA and AsiaPac.


Last updated by Fred Deeter: December 9, 2006, 9:23 am
Find this syllabus linked from the schedule at: http://www.ed.umuc.edu/schedule