Cyber Defense

EECS 465, Spring 2020

Updated! Course Details

Lectures Tuesday & Thursday 5:30pm - 6:45pm, 2002 Eaton Hall
Online format starting March 24th (more details available here)
Instructor Alex Bardas
Office Hours: Over Zoom every Tuesday 2:30pm - 4:30pm, and by email appointment
Zoom meeting details
Email: alexbardas ku edu
Grader/Teaching Assistant Dalton Hahn
Office Hours: Over Zoom every Wednesday 2:00pm - 3:00pm and by email appointment
Zoom meeting details
Email: daltonhahn ku edu

Syllabus

Check the "Syllabus" section on a regular basis since its content is subject to change throughout the semester.

Course Description

This course is focused on teaching KU students the critical knowledge and skills needed to administer and defend computer networks and systems. Lectures will mainly revolve around hands-on activities and getting familiar with the current cybersecurity landscape.

Textbook

(Optional) Charles P. Pfleeger, Shari Lawrence Pfleeger, and Jonathan Margulies. 2015. Security in Computing (5th Edition). Prentice Hall Press, Upper Saddle River, NJ, USA.

Other reading materials will be provided by the instructor.

Course Outcomes

This course has the following goals:

  1. Examining real software applications, operating systems, databases, and network systems using existing software tools to identify security threats and vulnerabilities, and to employ remediation approaches.
  2. Understanding in a practical setting basic cybersecurity concepts such as reconnaissance, penetration testing, persistent access, etc.
  3. Understanding the behavior of software (and sometimes hardware) tools used for reconnaissance, penetration testing, and remediation.
  4. Analyzing social engineering through the capabilities available in existing software toolkits.

Important Dates

See the KU Registrar for important dates involving enrollment, add/drop, and refund information.

General Course Information

Attendance: Attendance is mandatory. Three unexcused absences will result in a failing grade for this course. (Update! This does not apply to the recorded lectures.)

Announcements: You are responsible for all announcements we make in class, such as information about exams, presentations, changes in the syllabus, etc.

Assignment/Homework Submission: Assignments are usually due at 11:59PM Central Time via Blackboard (unless otherwise specified) on the date posted in the assignment. In general, expect a 20% per day penalty for late submissions. One minute or 23 hours still counts as a whole late day. Each calendar day counts as a late day. If the instructor makes a solution available, late submissions will no longer be accepted.

Academic Integrity - Addressing Cheating and Plagiarism

Cheating and plagiarism will not be tolerated and will be treated severely whenever found. Unless an assignment explicitly states otherwise, all work submitted for credit must be the student's own and is subject to the provisions of the University of Kansas policies. Sharing your work or copying is cheating, and submitting a work that is not all yours is also considered cheating. Any cheating activities will result in an F for the course for all parties involved. Reports of such detected academic misconduct will also be made to your major department, school/college, and university, which oftentimes will result in more serious sanctions. Students should review the university policy on academic conduct.

"Academic integrity is a central value in higher education. It rests on two principles: first, that academic work is represented truthfully as to its source and its accuracy, and second, that academic results are obtained by fair and authorized means. Academic misconduct occurs when these values are not respected. Academic misconduct at KU is defined in the University Senate Rules and Regulations." -- KU Student Affairs

From Section 2.6.1 of the University Senate Rules and Regulations: Academic misconduct by a student shall include, but not be limited to, disruption of classes; threatening an instructor or fellow students in an academic setting, giving or receiving of unauthorized aid on examinations or in the preparation of notebooks, themes, reports or other assignments; knowingly misrepresenting the source of any academic work; unauthorized change of grades; unauthorized use of University approvals or forging of signatures; falsification of research results, plagiarizing of another’s work; violation of regulations or ethical codes for the treatment of human and animal subjects; or otherwise acting dishonestly in research.

Citing Sources: If you use any code, such as a library or an existing codebase, you must cite it. Not doing so is considered plagiarism and cheating. If in doubt, please ask.

Updated! Grading

Points Distribution. See "Online Transition" slides and video for more details.

Attendance, class activities, and participation (every student will be awarded the points for recorded lectures): 35%
Final exam (format: TBD): 15%
Presentations/assignments (adjustments covered in slides and video): 50%

Grading scheme. (The instructor also intends to curve raw scores at the end of the semester)
A 90% +
A- 88% - 89%
B+ 86% - 87%
B 80% - 85%
B- 78% - 79%
C+ 76% - 77%
C 70% - 75%
C- 68% - 69%
D+ 66% - 67%
D 60% - 65%
D- 50% - 59%
F 0% - 49%
Final exam:

Presentations: The order for the presentations will be determined using an online random number generator. If you have any situational time conflicts, please inform the instructor. However, there is no guarantee that a presentation can be rescheduled.

Appeals: Should you wish to appeal a grade that you have received, you must do so within one week of receiving the graded item.

Grade Responsibilities: This course uses Blackboard mainly for storing and displaying the grades. When explicitly directed by the instructor or grader/TA, Blackboard may be used for uploading assignments/presentation slides. If you have not received a grade you were expecting, it is your responsibility to email your instructor no later than 2 weeks past the due date of the grade in question.

Accommodations for Students with Disabilities

The Academic Achievement & Access Center (AAAC) coordinates academic accommodations and services for all eligible KU students with disabilities. If you have a disability for which you wish to request accommodations and have not contacted the AAAC, please do so as soon as possible. They are located in 22 Strong Hall and can be reached at 785-864-4064 (V/TTY). More information can be found on the Student Access Services website. Please contact the instructor privately in regard to your needs in this course.

Expectation of Classroom Conduct

The instructor, Alexandru G. Bardas, considers this classroom to be a place where you will be treated with respect as a human being - regardless of gender, race, ethnicity, national origin, religious affiliation, sexual orientation, gender identity, political beliefs, age, or ability. Additionally, diversity of thought is appreciated and encouraged, provided you can agree to disagree. Activities within the University of Kansas community, including this course, are governed by the Code of Student Rights and Responsibilities. It is the instructor's expectation that all students experience this classroom as a safe environment.

Concealed Carry. Individuals who choose to carry concealed handguns are solely responsible to do so in a safe and secure manner in strict conformity with state and federal laws and KU weapons policy. Safety measures outlined in the KU weapons policy specify that a concealed handgun:

Notice of Copyright and Commercial Note-taking

All lectures and course materials carry a copyright of Alexandru G. Bardas and other authors. Pursuant to the University of Kansas’ Policy on Commercial Note-Taking Ventures, commercial note-taking is not permitted in EECS 465 - Cyber Defense (Spring 2020). Lecture notes and course materials may be taken for personal use, for the purpose of mastering the course material, and may not be sold to any person or entity in any form. Any student engaged in or contributing to the commercial exchange of notes or course materials will be subject to discipline, including academic misconduct charges, in accordance with University policy. Please note: note-taking provided by a student volunteer for a student with a disability, as a reasonable accommodation under the ADA, is not the same as commercial note-taking and is not covered under this policy.

Schedule

NOTE: Schedules are tentative and subject to change.

Course Schedule

Updated on a regular basis. Use your KU Online ID (all numeric is not correct) and password to access the slides and other materials.

Jan 21, 2020 Lecture 1 Introduction and Undergraduate Cybersecurity Certificate slides-intro, slides-cert
Jan 23, 2020 Lecture 2

Networking Terminology and Clonezilla

Supplemental readings:
  • (Optional) Textbook: C. P. Pfleeger, S. Lawrence Pfleeger, and J. Margulies. 2015.
    Security in Computing (5th Edition) - Chapter 11 and Chapter 6: Section 6.1
slides-net, slides-clonezilla
Jan 28, 2020 Lecture 3 Reconnaissance (Part 1) slides
Jan 30, 2020 Lecture 4

Reconnaissance (Part 2)

Supplemental readings:
  • (Optional) Textbook: C. P. Pfleeger, S. Lawrence Pfleeger, and J. Margulies. 2015.
    Security in Computing (5th Edition) - Chapter 1: Sections 1.4 and 1.5
slides
Feb 4, 2020 Lecture 5

Exploiting vulnerabilities and Metasploit overview

Supplemental readings:
slides
Feb 6, 2020 Homework 1
(Lecture 6)

Introduction to SQL injections and Homework 1 background

Supplemental readings:
hw1, sql-slides, hw1-slides
Feb 11, 2020 Lecture 7

Metasploit activities

Supplemental readings:
slides
Feb 13, 2020 Lecture 8 Password Cracking (Part 1) slides
Feb 18, 2020 Lecture 9

Password Cracking (Part 2)
Practice files can be found here

Supplemental readings:
slides
Feb 20, 2020 Pres. Details
Pres. 1 Schedule (Lecture 10)
Summarize reconnaissance, exploiting vulnerabilities, and password cracking
Presentations: detailed slides and evaluation sheet
Presentations 1: schedule
hw1-feedback
Feb 25, 2020 Presentations 1 (Lecture 11) Reconnaissance, Exploiting Vulnerabilities, and Password Cracking (Part 1) slides
Feb 27, 2020 Presentations 1 (Lecture 12) Reconnaissance, Exploiting Vulnerabilities, and Password Cracking (Part 2) slides
Mar 3, 2020 Lecture 13 An Overview of Enterprise Network Defenses and Threats
Feedback Presentations 1: slides
slides
Mar 5, 2020 Lecture 14 Firewalls
No in-class lecture, please watch the recorded video
slides, video
Spring Break
No Lectures
Extended Break
No Lectures: University-wide adjustments due to extraordinary circumstances

Online Transition online

slides, video
Mar 24, 2020
online
Lecture 15 DoS and DDoS attacks (Part 1)
Questions? Please send me an email or join the Zoom meeting during office hours
slides, video
Mar 26, 2020
online
Homework 2
(Lecture 16)
DoS and DDoS attacks (Part 2)
Questions? Please send me an email or join the Zoom meeting during office hours
hw2, slides, video
Mar 31, 2020
online
Lecture 17

Sniffing Network Traffic

Supplemental readings:
  • (Optional) Textbook: C.P. Pfleeger, S. Lawrence Pfleeger, and J. Margulies. 2015.
    Security in Computing (5th Edition) - Chapter 6.1 and 6.2
Questions? Please send me an email or join the Zoom meeting during office hours
slides, video
Apr 2, 2020
online
Lecture 18 Interacting with Network Traffic
Questions? Please send me an email or join the Zoom meeting during office hours
slides, video
Apr 7, 2020
online
Lecture 19 Wireless Networks Cracking - WEP
WEP instructions handout: wep-handout
Questions? Please send me an email or join the Zoom meeting during office hours
slides, video
Apr 9, 2020
online
Lecture 20 Wireless Networks Cracking - WPA, WPA2, and WPA3
WPA/WPA2 instructions handout: wpa/wpa2-handout
Questions? Please send me an email or join the Zoom meeting during office hours
slides, video
Apr 14, 2020
online
Homework 3
(Lecture 21)
Logging and Auditing Processes
Questions? Please send me an email or join the Zoom meeting during office hours
hw3, slides, video
Apr 16, 2020
online
Lecture 22 Overview of Security Onion
Questions? Please send me an email or join the Zoom meeting during office hours
slides, video
Apr 21, 2020
online
Lecture 23 Latest Trends in Cybersecurity
Feedback Homework 2: hw2-feedback
Questions? Please send me an email or join the Zoom meeting during office hours
slides, video
Apr 23, 2020
online
Lecture 24 Upcoming Schedule and Introduction to Presentation 2
Questions? Please send me an email or join the Zoom meeting during office hours
video
Apr 28, 2020
online
Presentation 2
(Lecture 25)
Working on the Presentation 2 Report
Feedback Homework 3: hw3-feedback
Questions? Please send me an email or join the Zoom meeting during office hours
pres2-report-details
Apr 30, 2020
online
Presentation 2
(Lecture 26)
Working on the Presentation 2 Report
Deadline for the Presentation 2 report: Sunday, May 3 at 11:59PM CT
Questions? Please send me an email or join the Zoom meeting during office hours
pres2-report-details
May 5, 2020
online
Lecture 27 Final Exam Review
Questions? Please send me an email or join the Zoom meeting during office hours
slides, video
May 7, 2020
online
Lecture 28 Advice and Q&A (Live Discussion Session over Zoom 5:30pm - 6:30pm)
Joining the discussion session is highly encouraged but not mandatory
Deadline for submitting the extra-credit assignment: Thursday, May 7, at 11:59pm CT
Reminder: KU Undergraduate Cybersecurity Certificate
Zoom-meeting
May 12, 2020 Final Exam

Take-home exam
Feedback Presentation 2: available on Blackboard

details

Extra Credit

You can earn an extra 5% on your final grade by identifying, reading, and summarizing 5 IEEE, ACM, and/or USENIX conference or journal articles. Other societies may also be accepted; please contact the instructor directly about this matter. Partial credit will also be awarded for fewer than 5 articles.

Requirements:

Articles serving as class reading materials (i.e., posted in the course schedule) can NOT be used for extra credit.

Note! If you are not sure whether an article is appropriate for earning extra credit, write a few lines about why you think the article is related to the material covered in class and feel free to contact the instructor.

Note! You can access IEEE and ACM articles directly for free if you are connected to KU's network (e.g., wireless JAYHAWK network). You can also use the following links (especially when you are off-campus): ACM-Digital-Library, IEEE-Xplore. Other societies such as USENIX may have all materials available for free from any network.

Important! Besides the instructor's and the grader's/TA's assessments, your summaries will be run through software applications (Blackboard's SafeAssign and one other application) for identifying plagiarism. Read the articles, write your own summaries, and you will be rewarded.


Updated! Tentative Roadmap

| Week | Week of | Topic(s) | Notes |
|------|---------|----------|-------|
| 1 | 1/21 | Introduction and networking primer | |
| 2 | 1/27 | Reconnaissance | |
| 3 | 2/3 | Exploiting vulnerabilities: SQL injections and introduction to Metasploit | Assigning Homework 1 |
| 4 | 2/10 | Metasploit activities | |
| 5 | 2/17 | Password cracking | |
| 6 | 2/24 | Presentations: Reconnaissance, exploiting vulnerabilities, and password cracking | |
| 7 | 3/2 | Enterprise network defenses | |
| 8 | 3/9 | Spring break | No lectures |
| 9 | 3/16 | Extended Spring break (details) | No lectures |
| 10 | 3/23 | DoS and DDoS attacks — format: online | Assigning Homework 2 |
| 11 | 3/30 | Sniffing network traffic — format: online | |
| 12 | 4/6 | Wireless networks cracking — format: online | |
| 13 | 4/13 | Logging & Auditing — format: online | Assigning Homework 3 |
| 14 | 4/20 | Latest trends in cybersecurity — format: online | |
| 15 | 4/27 | Presentations: Enterprise defenses, sniffing traffic, (D)DoS attacks, wireless networks, and logging & auditing | Details: TBA |
| 16 | 5/4 | Review sessions — format: online | |
| 17 | 5/11 | Finals week — format: TBA | |