CSNB414

Data and Computer Security

SEMESTER I 2015/2016
Lecturers Info
Lecturers Name
Room No.
Office Tel. No.
Email
Time Table

Norziana Jamil
BW-3-C34
+603-89212020 ext 2374
Norziana@uniten.edu.my
Lecture
Sec 1A&1B
Monday: 10am 12pm (BW-G-R06)
Thursday: 3pm 4pm (BW-1-R15)
Lab
Section 1A:
Wednesday: 3pm 5pm (BW-3-L04)
Section 1B:
Thursday: 1pm 3pm (BW-3-L04)
Sec 2A&2B
Monday: 4pm 6pm (BW-G-R06)
Tuesday: 12pm 1pm (BW-2-L14)
Lab
Section 2A:
Wednesday: 8am 10am (BW-3-L04)
Section 2B:
Thursday: 4pm 6pm (BW-3-L04)

Consultation Hours

Tuesday: 9am 11am

Thursday: 4pm 6pm

Course Info
Aims/Objectives:

This course aims to:

1. Acquire knowledge on the concepts of data and computer
security.
2. Understand various security threats and the appropriate
solutions.
3. Apply relevant theories and principles to real life problems
and situations.
4. Assess, design and implement secure systems.
5. Expose students with the trends and latest issues in data
and computer security.

Course
Outcomes:

At the end of the course, the student should be able to:

1) Discuss the major security threats and mechanisms.
2) Explain the concepts and practical workings of ciphers from
history to present.
3) Describe the methods of authentication.
4) Identify the desired functionalities and the relevant
components for building a secured organizational network.
5) Differentiate non-malicious from malicious code.
6) Distinguish the security implications of attacks and the
appropriate security mechanisms at different layer of OSI.
7) Discuss the latest issues in data and computer security.

Course Content and Weekly activity

Week

Chapter

Week 1
(1-5 June 2015)

Chapter 1:
Introduction to
Data and
Computer
Security

Topic

Activities

Computer security concepts.

Security attack, vulnerability,
threat and safeguard.
Security Service and
mechanism.

.
Week 2
(8-12 June
2015)

Chapter 2:
Cryptography

Introduction of cryptosystem.
Cryptographic properties.
Symmetric Cipher Model.
Substitution techniques.
Transposition techniques.

Week 3
(15-19 June
2015)

Chapter 2:
Cryptography

Traditional block cipher

structure.
Data Encryption Standard.
Advanced Encryption
Standard.
AES implementation.
RC4 stream cipher.

Week 4
(22-26 June
2015)

Chapter 3:
Public Key
Infrastructure

Week 5
(29 June 3 Jul
2015)

Chapter 3:
Public Key
Infrastructure

Diffie Hellman Key Exchange.

Elliptic Curve Cryptography

Week 6
(6-10 July
2015)

Chapter 4: Data
Integrity

Cryptographic hash functions.

Message Authentication
Codes.
Digital signatures.

Week 7
(13-17 Jul
2015)

Chapter 4: Data
Integrity

Principles of Public Key

Infrastructure.
The RSA algorithm.

Elgamal Digital Signature

Scheme.
NIST Digital Signature
Algorithm
X.509 Certificates.

Quiz 1

Assignment 1


Week 8
(17/7/2015
26/7/2015)

Chapter 5:
Authentication

Remote User Authentication

Principles.
Remote User-Authentication
Using Symmetric Encryption.
Remote User Authentication
Using Asymmetric
Encryption.

Midterm Test
(Chapter 1-3)

SEMESTER BREAK & HARI RAYA HOLIDAY

Week 9
(27-31 Jul
2015)

Chapter 6:

Network Security

Firewall
DMZ, NAT, Proxy
IDS

Week 10
(3-7 Aug 2015)

Chapter 6:

Network Security

Sniffing attack, spoofing

attack, DDOS attack,
mapping, Active Codes.

Assignment 2

Week 11
(10-14 Aug
2015)

Chapter 7:
Transport-Level
Security

Web security considerations.

Secure Socket Layer.
Transport Layer Security.
HTTPS
Secure Shell

Week 12
(17-21 Aug
2015)

Chapter 8:
Malicious
attacks

Types of malicious software.

Propagation Infected
Content Viruses.
Propagation Vulnerability
Exploit Worms.
Payload Attack agent
Zombie, Bots

Assignment 3

Payload information theft

keyloggers, phishing,
spyware.
Payload stealthing
backdoors, rootkits.
Countermeasures.

Quiz 2

Week 13
(24-28 Aug
2015)

Chapter 8:
Malicious
attacks

Week 14
(1-4 Sept 2015)

Chapter 10:
Special topic in
data and
computer
security

Week 15
(7-11 Sept
2015)

Email security.
Security for cloud computing.
Digital forensics in cyber
security.
Ethical hacking.

Revision and study week

Week 16/17
(14-29 Sept
2015)

FINAL EXAM WEEKS

Text Book
Compulsory:
Security in Computing, by Charles P. Pfleeger, 4th Edition, Prentice Hall, 2007.
Additional:
Computer Security, William Stallings, Pearson, 2008
Cryptography and Network Security, Atul Kahate, McGrawHill, 2003

Lecture Notes & Announcement

The lecture notes and other class materials can be obtained from the Unitens Learning
Management System:
http://lms.uniten.edu.my/moodle/
You need to login and register to the class to obtain the class materials.
Announcement & important notices will be sent through class notice (email) or Moodle
system.
Make sure you have an updated email address in the Uniten Online system.
Assessment
Midterm test
Quiz [2]
Assignment [3]
Lab [7]
Final Examination
Total

10%
10%
20%
20
40%
100%

There will be no make up for test and quiz. If you failed to come to the quiz and/or test,
the respective contribution will be carried out to the contribution of your final exam,
respectively.
Attendance
Attendance will be taken for every lecture. It is a Unitens rule, that you must attend more
than 80% of the lectures to be admitted to the Final Examination. Your lecturer reserves
the right to apply this rule.