Course Information
About
This under-graduate course is about the fundamentals of information security, which is a set of practices intended to keep data secure from unauthorized access or alterations. The course covers some fundemental topics such as crpthography techniques, network security concepts, malware and phishing attacks.
The aim of this course is to demonstrate students variety of different aspects of how to secure data and services against harmful attacks. The students are expected to gain a foundational understanding in information security. The students, moreover, will be expected to gain hand-on experience via four assignments supplied through BBM465 course.
The course is taught by Dr. Ahmet Selman Bozkır. The teaching assistant is Ali Baran Taşdemir.
Exam Dates
First Midterm: 13 November 2023 - Monday at 13:00
Second Midterm: 11 December 2023 - Monday at 13:00
Final: to be announced
Time and Location
Lectures: Monday at 13:00-15:50 (Seminar Hall)
Reference Books
- Computer Security and the Internet: Tools and Jewels (pdf available online).
- Network Security: Private Communication in a Public World, 2nd Edition. C. Kaufman, R. Perlman, and M. Speciner, Prentice-Hall
- Handbook of Applied Cryptography. A. Menezes, P. van Oorschot and S. Vanstone. CRC Press (pdf available online).
- Security Engineering: A Guide to Building Dependable Distributed Systems, Ross J. Anderson, John Wiley & Sons
Policies: All work on project must be done with pairs unless stated otherwise. You are encouraged to discuss with your classmates about the given project, but these discussions should be carried out in an abstract way. That is, discussions related to a particular solution to a specific problem (either in actual code or in the pseudocode) will not be tolerated.
In short, turning in someone else’s work, in whole or in part, as your own will be considered as a violation of academic integrity. The conducted study must be reported in a suitable format and be sent through email.
Communication
The course webpage will be updated regularly throughout the semester with lecture notes, presentations, and important deadlines. For the laboratory class of this course, please register to Piazza BBM465 communication group
Course Requirements and Grading
Grading for BBM463 will be based on
- Midterm exam 1 (25%),
- Midterm exam 2 (30%), and
- Final exam (45%).
Schedule
| Date | Topic | Notes |
| Oct 2 | Introduction[slides] | Welcome message, CIA triad |
| Oct 9 | Basic Ciphers[slides] | Basic Ciphers, Vigenere Cipher, Enigma |
| Oct 16 | Block Ciphers, DES, Encryption Modes[slides] | Block Ciphers, DES, Encryption Modes |
| Oct 23 | Strength of Ciphers[slides] | Cryptographic Work Factor |
| Oct 30 | CRCs, Cryptographic Hash Functions, MACs, HMAC[slides] | CRCs, CHFs, MACs |
| Nov 6 | Public Key Cryptography, RSA, Key Exchange[slides] | Public Key Cryptography, RSA, Key Exchange |
| Nov 13 | Midterm 1 [No Class] | |
| Nov 20 | Digital Certificates, X509 Standard[slides] | Digital Certificates, X509 Standard |
| Nov 27 | Firewalls, Netfilters[slides] | Firewalls, Netfilters |
| Dec 4 | VPN, Security Information and Event Monitoring (SIEM)[slides] | VPN, Security Information and Event Monitoring (SIEM) |
| Dec 11 | Midterm 2 [No Class] | |
| Dec 18 | User Authentication and Authentication Protocols[slides] | User Authentication and Authentication Protocols |
| Dec 25 | Anti-Phishing, Methods and Future [slides] | Anti-Phishing, Methods and Future |
| Jan 1 | Holiday for New Year |
Resources
Reference Journals
- Computers & Security (COSE)
- IET Information Security
- International Journal of Information Security
- Journal of Cryptology
- IEEE Transactions on Information Forensics and Security
- ACM Transactions on Information and System Security
- Journal of Computer Virology and Hacking Techniques