CMSC 491/791 Active Cyber Defense

Fall 2017

Prof. Charles Nicholas
410-455-2594
nicholas@umbc.edu
ITE 356
Office hours: MW 2-3pm,
but check this site because my schedule may change from week to week

Course information

Wednesday, 7-9:25pm, beginning August 30, 2017.
(the official time may be listed as 7:10-9:40, but we will start at 7pm!)

ROOM CHANGE: meeting in UC 302 Wednesday September 6, and PUP 206 September 13 and September 20.
(Sherman 151 on August 30 only)

Beginning September 27, we meet in PUP 105.

Prerequisites:

Interest in cyberdefense, including inter-collegiate competition. Computer Science background equivalent to Data Structures CMSC 341 is assumed.

Permission of the instrcutor is required in order to enroll. Send email to nicholas@umbc.edu from your UMBC email address, and tell me your name AND (your date of birth or your student ID). You may attend the class sessions even if you are not enrolled!

At this point, everybody who has asked for permission has been responded to. If you have not received permission, contact me again...

This is NOT an entry-level systems or security course. Students are expected to have a working knowledge of the Windows and Unix operating systems, networks, and/or software development techniques, along with interest if not experience in planning and conducting both penetration testing and countermeasures development.

Overview

• The purpose of this course is to provide a means of awarding academic credit to those who intend to participate in the UMBC CyberDefense Club weekly meetings.
• This is a HANDS ON course. Bring your laptop!
• Everybody will be required to participate in some fashion in the cyberdefense competition that the Cyberdawgs will be organizing this fall. Performance in that event may qualify you for membership in our Cyberdefense Team, which won the 2017 National Collegiate Cyber Defense Competition.
• The first day of class, August 30, will be organizational, rather than technical. You can decide then whether you want to enroll or not.
• Everybody is welcome at this and future class meetings, even if not enrolled in the class.

Notes

• August 30, 2017
  This will be an introduction and orientation session. Not a Cyberdawg meeting as such, since those will begin the following week.
  You are welcome to attend if that helps you decide whether to enroll in the class, or if it helps you decide if you want to be involved in the Cyberdefense club.
  We discussed how grades will be assigned, what homeworks might be given, and so forth. Attendance but also active participation are important!
  People who master the material to the point where they can effectively help others are likely to be awarded a good grade.
  I anticipate giving many As, many Bs, and few if any lower grades.
  Experienced club members will be able to talk about how to get started
  Is anybody interested in the National Cyber League?
  
  
• September 6
  Class and club meet in UC 302
  This will be the first club meeting as such. The room has been announced over the UMBCCD email list, which you can join from the club web page UMBC CyberDefense Club.
  Dr. Nicholas will be on travel this week, so no office hours. I will be in email contact.
  You are welcome to look at my famous tutorial on malware analysis.
  We have recently acquired a BluVector box! Does anybody know what that is?
  
  
• September 13
  Introduction to (or review of) UNIX
  The materials presented are available at the Cyberdawg's github site (pdf)
  For fans of Red Hat, or CENTOS, here's a good overview of Linux concepts and commands
  
  
• September 20
  Virtual machines are cool!
  The materials presented are available at the Cyberdawg's github site (ppt)
  The VMs Lab (pdf)
  
  
• September 27
  Web hacking part 1 (pdf)
  
  
• October 4
  Web hacking part 2 (pdf)
  Dr. Alan Sherman and his research team are seeking volunteers to participate in interviews, which will last thirty minutes to an hour.   Subjects will receive $10 cash to compensate for their time, and all information will be kept confidential. The web site for our project is  http://cisa.umbc.edu/cats/.  Students can contact Dr. Linda Oliva  oliva@umbc.edu to sign up for an interview slot, or visit the interview calendar. Refreshments will be made available for interviewees.
  
  
• October 11
  
  
• October 18
  
  
• October 25
  
  
• November 1
  Sikorsky!
  
  
• November 8
  note that next Tuesday, 11/14, is the last day to drop with a W
  
  
• November 15
  
  
• November 22
  no class Wednesday before Thanksgiving
  
  
• November 29
  Dr. Nicholas will introduce the subject of malware analysis, using this tutorial.
  
  
• December 6
  Last day of class
  
  I wanted to encourage you to take a few minutes to complete the course survey for CMSC 491/791, which provides valuable feedback for me, the program, and the university.  I really appreciate the time that you take to complete these surveys, and the department takes them seriously as a way to keep improving the course.
  
  While you're at it, please complete the course surveys for all of your courses, and ask your friends to do the same!  The administration actually does look at the data and we do our best to work with departments and faculty to address problems, and to reward and recognize great teaching.
  
  Thanks!
  
  
• December 13
  No class today, since this is the "study day"
  
  

Reading List

We will develop the reading list as we go. Students should know how to use the UMBC Library research port and other facilities to get access to papers they want. I suggest using a paper management system such as Mendeley. Suggestions for improving this list are welcome.

Textbook(s): None

The following book(s) are not required, but may be helpful:

Cyberoperations, by Mike O'Leary

Windows Internals, Parts 1 and 2, by Mark Russinovich

Hacking: the art of exploitation, by Jon Erickson.

Be careful when dowloading "free" copies of this or similar books! Additional resources, varying in quality, can be found on Wikibooks and other places.

Course Policies

Grading

Students enrolled in CMSC 491 will be expected to attend and participate in the weekly Cyberdawg meetings, including the prep work that may be announed before or after each class session. Also, to suggest resources that could be added to this site, such as on-line tutorials, tools, YouTubes, and so forth.

Students enrolled in CMSC 791 will be subject to the same expectations as students in 491, but in addition, will be expected to prepare material that may be useful in future offerings of this or similar courses.

 

Abuse of Resources PAY ATTENTION TO THIS!

Abuse of the knowledge or experience you gain in this course may subject you to discipline under UMBC policy and/or criminal prosecution. Do not expect your status as a student to protect you if you break the law! Hacking into campus computers (other than systems approved for such a purpose) is a violation of UMBC policy, and may result in disciplinary action possibly including expulsion, in addition to possible criminal charges.

Academic Honesty

Academic dishonesty of any kind will be handled in accordance with University policy.

"By enrolling in this course, each student assumes the responsibilities of an active participant in UMBC's scholarly community, in which everyone's academic work and behavior are held to the highest standards of honesty. Cheating, fabrication, plagiarism, and helping others to commit these acts are all forms of academic dishonesty, and they are wrong. Academic misconduct could result in disciplinary action that may include, but is not limited to, suspension or dismissal. To read the full Student Academic Conduct Policy, consult the UMBC Student Handbook, the Faculty Handbook, or the UMBC Policies section of the UMBC Directory." [Statement adopted by UMBC's Undergraduate Council and Provost's Office.]

 

Resources

A collection of resources will be made available.. Suggestions are welcome!

This web site's URL should be https://www.csee.umbc.edu/courses/undergraduate/CMSC491activeCyber/