To operate the Blended Learning Center(BLC) at optimal level, maintenance will be performed every day at 8:30 AM and at 5:00 PM regularly which can take up to 30 minutes. Please consider scheduling your activity in the BLC platform accordingly.
Topic outline
- General
General
Dear Students
Welcome to the Information Security (CSE 423) courses, I, Md. Fahad Hossain will be your co-pilot in this online journey of learning.
I care about your success in these courses. I'm glad you are here.
Md. Fahad Hossain
Lecturer, Department of Computer Science and Engineering
Daffodil International University
Md. Fahad Hossain
Lecturer, Department of CSE
Daffodil International University
Office: Room: 316(4), AB-4
Email: fahad.cse0365@diu.edu.bd
Phone: +8801946704373
Information security — or infosec — is the protection of information by people and organizations in order to keep information safe for themselves, their company, and their clients.Every organization needs protection against cyber attacks and security threats. Cybercrime and malware are constant threats to anyone with an Internet presence, and data breaches are time-consuming and expensive.The goal of IT security is to protect these assets, devices and services from being disrupted, stolen or exploited by unauthorized users, otherwise known as threat actors.
O1
To learn the basic concepts of Information Security.
O2
To learn the types of Cybercrime and Attacks.
O3
To learn the value of information to the modern organisation.
O4
To learn company Policies and Strategies to mitigate the security problems.
O5
To learn CIA triad of Confidentiality, Integrity and Availability.
CO1
Interpret the components, tools and techniques of Information Security systems
CO2
Analyze and resolve security issues in networks and computer systems to secure an IT infrastructure.
CO3
Learn to Develop policies and procedures to manage enterprise security risks.
CO4
Interpret and forensically investigate security incidents.
01
Cryptography_and_Network_Security
By William Stallings, Fourth Edition.
- Week - 1: Information Security and It’s Elements
Week - 1: Information Security and It’s Elements
Week - 1: Information Security and It’s Elements
Discussion Points:
- Introduction of information security
- Principles of Security (CIA Triad) and Five major Elements (Confidentiality, Integrity, Availability, Authenticity and Non-Repudiation)
- What is ‘Attack’ in information
- What is ‘Attack’ in information security and Classification of Attack (Active, Passive, Close-in Attack, Insider Attack and Distribution Attacks)
- Information Warfare
Expected Learning Outcomes:
- Recognize the Principles of Security and Five major Elements.
- Differentiate between computer security attack.
Resources of Learning:
Assignment-1
Restricted Not available unless: You belong to 52-K
Assignment-1
Restricted Not available unless: You belong to 52-J
- Week - 2: Ethical Hacking and Concept
Week - 2: Ethical Hacking and Concept
Week - 2: Ethical Hacking and Concept
Discussion Points:
- What and who is Hacker
- Hacker Classes (White, Black Gray)
- Cyber Attack
- Difference between Cyber security and Information Security
- Art and philosophy of hackers
- Story of Hacking
Resources of Learning:
- Week - 3: Security Risk Management
Week - 3: Security Risk Management
Week - 3: Security Risk Management
Discussion Points:
- Information Assurance
- What is Risk, Purpose, Risk Level
- Identification of Risk-Scenarios
- Relationship between Vulnerabilities and Risk Scenarios based on Assets
Resources of Learning:
Quiz-1(52-J)
Restricted Not available unless: You belong to 52-J
Quiz-1(52-K)
Restricted Not available unless: You belong to 52-K
- Week - 4: Security Risk Management(Contd.)
Week - 4: Security Risk Management(Contd.)
Week - 4: Security Risk Management
Discussion Points:
- Risk frequency based on Risk Scenarios on assets if vulnerability
- Risk Analysis
- Risk Rating Table
- Risk Determination
- Risk Rating Matrix and calculation
- Classification of Risk Trigger
- Business Impact Analysis (BIA)
- Estimated Downtime
Resources of Learning:
- Week - 5: Incident Management and AI and ML in Information Security
Week - 5: Incident Management and AI and ML in Information Security
Week - 5: Incident Management and AI and ML in Information Security
Discussion Points:
- Demonstration of Wavelength Division Multiplexing (WDM) and its applications
- Demonstration of Time Division Multiplexing (TDM) and its applications
- Discussion on Data rate management
Resources of Learning:
- Week -6: Malware
Week -6: Malware
Malware
Discussion Points:
- What is Malware
- Types of Malwares
- Ways for Malware to Enter
- APT & APT Characteristics
- APT Lifecycle
- Malware Generating
Resources of Learning:
- Week - 7: Malware Detection and Analysis
Week - 7: Malware Detection and Analysis
Week - 7: Malware Detection and Analysis
Discussion Points:
- Basic OS Auditing
- Static Analysis
- Dynamic Analysis
- Basic Reverse Engineering
Resources of Learning:
- Week - 8: Review of Previous Weeks
Week - 8: Review of Previous Weeks
Week - 8: Review of Previous Weeks
Discussion Points:
- Review the difficult topics of previous weeks specifically, Signal conversions and performance measurement
Assignment
Risk Management Assignment (52-J)
Restricted Not available unless: You belong to 52-J
Risk Management Assignment (52-J) (Late)
Restricted Not available unless: You belong to 52-J
Risk Management Assignment (52-K)
Restricted Not available unless: You belong to 52-K
Risk Management Assignment (52-K) (Late)
Restricted Not available unless: You belong to 52-K
- Presestation
Presestation
Presentation 52-J Assignment
Restricted Not available unless: You belong to 52-J
Presentation 52-K Assignment
Restricted Not available unless: You belong to 52-K
- Week - 7: Midterm Exam
Week - 7: Midterm Exam
Contents for Exam:
- Information Security and It’s Elements
- Ethical Hacking and Concept
- Security Risk Management
- Incident Management and AI and ML in Information Security
- Malware
- Malware Detection and Analysis
- Topic 11
Topic 11
Week - 9: Personal Device Security
Discussion Points:
- Basic OS Auditing
- Static Analysis
- Dynamic Analysis
- Basic Reverse Engineering
Resources of Learning:
- Topic 12
Topic 12
Week - 10: System hacking and Security
Discussion Points:
- Basic OS Auditing
- Static Analysis
- Dynamic Analysis
- Basic Reverse Engineering
Resources of Learning:
- Topic 13
Topic 13
Week - 11: Introduction to Encryption
Discussion Points:
- Basic OS Auditing
- Static Analysis
- Dynamic Analysis
- Basic Reverse Engineering
Resources of Learning:
- Topic 14
Topic 14
Week - 12: Cyber Law
Discussion Points:
- Basic OS Auditing
- Static Analysis
- Dynamic Analysis
- Basic Reverse Engineering
Resources of Learning: