Topic outline

  • General


    WELCOME LETTER

    Dear Students

    Welcome to the Information Security (CSE 423) courses, I, Md. Fahad Hossain will be your co-pilot in this online journey of learning.

    I care about your success in these courses. I'm glad you are here.

    Md.  Fahad Hossain
    Lecturer, Department of Computer Science and Engineering
    Daffodil International University

    profile_pic

    Md. Fahad Hossain

    Lecturer, Department of CSE

    Daffodil International University

    Office: Room: 316(4), AB-4

    Email: fahad.cse0365@diu.edu.bd

    Phone: +8801946704373

    Course Rationals

    Information security — or infosec —  is the protection of information by people and organizations in order to keep information safe for themselves, their company, and their clients.Every organization needs protection against cyber attacks and security threats. Cybercrime and malware are constant threats to anyone with an Internet presence, and data breaches are time-consuming and expensive.The goal of IT security is to protect these assets, devices and services from being disrupted, stolen or exploited by unauthorized users, otherwise known as threat actors.

    Course Objectives

    O1
    To learn the basic concepts of Information Security.
    O2
    To learn the types of Cybercrime and Attacks.
    O3
    To learn the value of information to the modern organisation.
    O4
    To learn company Policies and Strategies to mitigate the security problems.
    O5
    To learn CIA triad of Confidentiality, Integrity and Availability.

    Course Outcomes

    CO1
    Interpret the components, tools and techniques of Information Security systems
    CO2
    Analyze and resolve security issues in networks and computer systems to secure an IT infrastructure.
    CO3
    Learn to Develop policies and procedures to manage enterprise security risks.
    CO4
    Interpret and forensically investigate security incidents.

    TEXT/REFERENCE BOOKS

    01
    Cryptography_and_Network_Security
    By William Stallings, Fourth Edition.

    Assessment Plan

    Final Exam
    40
    Mid-term Exam
    25
    3 Class Tests
    15
    Attendance
    07
    Assignment
    05
    Presentation
    08
    Total
    100

  • Week - 1: Information Security and It’s Elements

    Week - 1: Information Security and It’s Elements

    Discussion Points: 

          • Introduction of information security
          • Principles of Security (CIA Triad) and Five major Elements (Confidentiality, Integrity, Availability, Authenticity and Non-Repudiation)
          • What is ‘Attack’ in information
          • What is ‘Attack’ in information security and Classification of Attack (Active, Passive, Close-in Attack, Insider Attack and Distribution Attacks)
          • Information Warfare

    Expected Learning Outcomes:

          • Recognize the Principles of Security and Five major Elements.
          • Differentiate between computer security attack.

    Resources of Learning:


    • Open Discussion Forum
    • Assignment-1
      Opened: Monday, 8 August 2022, 12:00 AM
      Due: Thursday, 11 August 2022, 12:00 AM
      Restricted Not available unless: You belong to 52-K
    • Assignment-1
      Opened: Thursday, 11 August 2022, 12:00 AM
      Due: Thursday, 18 August 2022, 12:00 AM
      Restricted Not available unless: You belong to 52-J

  • Week - 2: Ethical Hacking and Concept

    Week - 2: Ethical Hacking and Concept

    Discussion Points: 

          • What and who is Hacker
          • Hacker Classes (White, Black Gray)
          • Cyber Attack
          • Difference between Cyber security and Information Security
          • Art and philosophy of hackers
          • Story of Hacking

    Resources of Learning:

  • Week - 3: Security Risk Management

    Week - 3: Security Risk Management

    Discussion Points: 

          • Information Assurance
          • What is Risk, Purpose, Risk Level
          • Identification of Risk-Scenarios
          • Relationship between Vulnerabilities and Risk Scenarios based on Assets

    Resources of Learning:

  • Week - 4: Security Risk Management(Contd.)

    Week - 4: Security Risk Management

    Discussion Points:

          • Risk frequency based on Risk Scenarios on assets if vulnerability
          • Risk Analysis
          • Risk Rating Table
          • Risk Determination
          • Risk Rating Matrix and calculation
          • Classification of Risk Trigger
          • Business Impact Analysis (BIA)
          • Estimated Downtime

    Resources of Learning:

  • Week - 5: Incident Management and AI and ML in Information Security

    Week - 5: Incident Management and AI and ML in Information Security

    Discussion Points: 

          • Demonstration of Wavelength Division Multiplexing (WDM) and its applications
          • Demonstration of Time Division Multiplexing (TDM) and its applications
          • Discussion on Data rate management

    Resources of Learning:

  • Week -6: Malware

    Malware

    Discussion Points: 

          • What is Malware
          • Types of Malwares
          • Ways for Malware to Enter
          • APT & APT Characteristics
          • APT Lifecycle
          • Malware Generating

    Resources of Learning:

  • Week - 7: Malware Detection and Analysis

    Week - 7: Malware Detection and Analysis

    Discussion Points: 

          • Basic OS Auditing
          • Static Analysis
          • Dynamic Analysis
          • Basic Reverse Engineering

    Resources of Learning:

  • Week - 8: Review of Previous Weeks

    Week - 8: Review of Previous Weeks

    Discussion Points: 

          • Review the difficult topics of previous weeks specifically, Signal conversions and performance measurement

    Assignment

    • Risk Management Assignment (52-J)
      Opened: Friday, 16 September 2022, 12:00 AM
      Due: Thursday, 6 October 2022, 11:59 PM
      Restricted Not available unless: You belong to 52-J
    • Risk Management Assignment (52-J) (Late)
      Opened: Friday, 16 September 2022, 12:00 AM
      Due: Thursday, 6 October 2022, 11:59 PM
      Restricted Not available unless: You belong to 52-J
    • Risk Management Assignment (52-K)
      Opened: Friday, 16 September 2022, 12:00 AM
      Due: Thursday, 6 October 2022, 11:59 PM
      Restricted Not available unless: You belong to 52-K
    • Risk Management Assignment (52-K) (Late)
      Opened: Friday, 16 September 2022, 12:00 AM
      Due: Thursday, 6 October 2022, 11:59 PM
      Restricted Not available unless: You belong to 52-K

  • Presestation


    Presentation

    • Presentation 52-J Assignment
      Opened: Saturday, 29 October 2022, 12:00 AM
      Due: Monday, 31 October 2022, 11:00 PM
      Restricted Not available unless: You belong to 52-J
    • Presentation 52-K Assignment
      Opened: Saturday, 29 October 2022, 12:00 AM
      Due: Monday, 31 October 2022, 11:00 PM
      Restricted Not available unless: You belong to 52-K

  • Week - 7: Midterm Exam



    Contents for Exam:

            • Information Security and It’s Elements
            • Ethical Hacking and Concept
            • Security Risk Management
            • Incident Management and AI and ML in Information Security
            • Malware
            • Malware Detection and Analysis

  • Topic 11

    Week - 9: Personal Device Security

    Discussion Points: 

          • Basic OS Auditing
          • Static Analysis
          • Dynamic Analysis
          • Basic Reverse Engineering

    Resources of Learning:

    • Topic 12

      Week - 10: System hacking and Security

      Discussion Points: 

            • Basic OS Auditing
            • Static Analysis
            • Dynamic Analysis
            • Basic Reverse Engineering

      Resources of Learning:

      • Topic 13

        Week - 11: Introduction to Encryption

        Discussion Points: 

              • Basic OS Auditing
              • Static Analysis
              • Dynamic Analysis
              • Basic Reverse Engineering

        Resources of Learning:

        • Topic 14

          Week - 12: Cyber Law

          Discussion Points: 

                • Basic OS Auditing
                • Static Analysis
                • Dynamic Analysis
                • Basic Reverse Engineering

          Resources of Learning: