CDA6938 Special Topic: Research in Computer and Network Security (spring’07)

1. CDA6938 Special Topic: Research in Computer and Network Security (spring’07) Class Overview

2. Tuesday/Thursday 4:30pm – 5:45pm • Office Hour: 2:30pm – 4:30pm • Eng3-335, czou@cs.ucf.edu, 407-823-5015 • Class webpage: • http://www.cs.ucf.edu/~czou/CDA6938

3. Why Am I Teaching This Course? • Computer and Network Security is important • A broad research/application issue • Impact on many important applications • Become more important as we rely heavily on computer and the Internet • Helpful to your study and future career: • If you plan to conduct security research related work • If you plan to conduct any research-related work • Help you to learn basic steps in conducting research • How to: Read paper? Find hole in paper? Find topic to do? Make presentation? Conduct collaborated research?

4. A “Seminar” Course • Focus on cybersecurity-related research • Study research papers, publications • Students must have active roles: • Present papers in class • Be active in class discussion, ask questions! • Count in your grade! • Not an introductory class on computer security • No lab experiments • No introduction on security appliance or cryptography • However, you are not required to have much knowledge of computer security beforehand

5. Prerequisite • You must have knowledge of computer networking! • TCP/IP, packet, Internet (addr., DNS, routing…) • Basic knowledge on: • Probability (most research work uses this!) • Software (stack, system call…) • Operating system

6. Class Grading Policy • Class presentations:                  20% • Homework (paper review/summary):      10% • In-class participation/discussion:    20% • Final term project:                   50% • Two students as a group • Will use +/- grading system

7. Topics Covered in Class • Focus mainly on wired Internet security • Internet worm, Internet security measurement • Honeypot, Spam, Denial-of-Service, Intrusion Detection • Network attack techniques • Host-based computer security • Software security, OS security • Will also cover: • Wireless security • Sensor network security issues • Wireless LAN security • More papers to be added in the following two weeks

8. Term Project • Two students form a group to do term project together • A research oriented term project • Project report follows the same format as a paper for publish • Learn how to conduct research and write paper • Form the group and decide the title 6-8 weeks later

9. Example of Term Project • Simple: • Survey of the state-of-art research work in a topic • Repeat and realize algorithm/experiments in a published paper • Middle: • Minor improvement of algorithms in published papers • Advanced: • Present a novel idea with support from simulation or real experiments • E.g., success in using an idea from another area to a new topic in computer security • Has potential to be developed as a published paper

10. What I know and Do not know • I know most research in Internet security • Especially on Internet worm, botnet, modeling • I have some knowledge in: • Intrusion detection, software security • Wireless security • Hence the course will evolve as we go on • I will also learn from this course

11. Class Format • Papers are grouped according to topics • As we move to a new topic, usually I will present a brief introduction • In each class, two students present two papers • Presentation: 25 min • Discussion: 10 min • My summary: 5 min (at the end if time allows) • Point out what you do right, wrong • Help you improve your paper reading, presentation skill

12. Next • I will give two presentations in this week • “Internet malware modeling and defense” • “Modeling and Measuring Botnet” • Objective: • Give you an example on paper presentation • Show how to ask questions in reading a paper • Show how to find points to do further research by yourself • Come ready to ask questions and discuss • Remember, class discussion counts 20% of grade!