Computer Security (CIS-3240) Home Page
This is the home page for Peter Chapin's Computer Security course notes for the Fall 2024
semester. Here you will find electronic versions of class handouts, homework assignments,
lecture slides, and links to other references of interest. If you are a student taking Computer
Security, you should bookmark this page.
Lectures will be via Zoom.
Lecture Topics
The lectures for this course will be taught via Zoom.
- 2024-08-26.
Introduction to the course and overview of some basic concepts in computer security.
- 2024-08-28.
Discussed general concepts of symmetric encryption. Demonstrated the hexdump and count
utilities and the substitution cipher program.
- 2024-09-04.
Introduced Feistel ciphers and DES.
- 2022-09-09.
Discussed the AES. Introduced the
One-Time Pad.
- 2024-09-11.
Discussed the "three gnomes." Introduced block cipher modes. Discussed ECB mode, CBC mode,
CFB, and CTR mode.
- 2024-09-16.
Discussed cryptographic hash functions.
- 2024-09-18.
Discussed GCM. Introduced public key cryptography.
- 2024-09-23.
Continued discussion of public key cryptography. Discussed certificate chains.
- 2024-09-25.
Discussed/demonstrated GPG. Introduced random number generation.
- 2024-09-30.
Finished discussion of random number generation. Introduced security protocols via the timestamp protocol.
- 2024-10-02.
Review of timestamp protocol. Introduced SPN. Discussed an example of a voting protocol.
- 2024-10-07. No class (Vacation).
- 2024-10-09. No class (Vacation).
- 2024-10-14.
Introduced TLS.
- 2024-10-16.
Continued discussion of TLS.
- 2024-10-21.
Discussed the Kerberos authentication protocol. Introduced
host-based security.
- 2024-10-23.
Continued discussing host-based security and issues in access control (access control matrix,
ACLs, capabilities, groups/roles). Introduced DAC vs. MAC. Discussed multi-level security.
- 2024-10-28.
Continued discussing ACLs by demonstrating them (along with related issues) on Linux.
- 2024-10-30.
ACL demonstrations on Windows, using both the file system and the registry.
- 2024-11-04.
Introduced distributed access control, trust management, and the RT trust management system.
- 2024-11-06.
Discussed Linux kernel security features with a focus on SELinux.
- 2024-11-11. No class.
- 2022-11-13.
Discussed basic firewall configurations.
- 2024-11-18.
Additional comments about SELinux. Introduced IPsec.
- 2024-11-20.
Discussed CVEs and CWEs. Discussed buffer overflow vulnerabilities.
- 2024-11-25. No class (Vacation).
- 2024-11-27. No class (Vacation).
- 2024-12-02.
Discussed Homework #5.
- 2024-12-04.
Discussed password cracking programs (John the Ripper, Hashcat)
Slides
Homework
- Homework #1 Basic Security Concepts (DocBook source). Due: 2024-09-06
- Homework #2 Block Ciphers (DocBook
source). Due: 2024-09-20
- Homework #3 Hashes and Public Key Cryptography (DocBook source). Due: 2024-10-18
- Homework #4 Security Protocols. (DocBook source). Due: 2024-11-01
- Homework #TLS. TLS. (DocBook
source). This is a potential extra credit assignment if there is interest (let me know).
- Homework #5 Host Security. (DocBook
source). Due: 2024-12-13
Resources/Articles
General References and Utilities
Cryptography
Security Protocols
Network Security
Host Security
Last Revised: 2024-12-08
Copyright 2024 by Peter Chapin <peter.chapin@vermontstate.edu>