UNIVERSITY OF CENTRAL FLORIDA

 

DEPARTMENT OF COMPUTER SCIENCE

 

CAP 6133: Advanced Topics in Computer Security and Computer Forensics

With focus on IoT Security and Privacy

 

FALL 2017

 

Instructor:

Dr. Xinwen Fu

Office

TBD

Phone

TBD

E-Mail

xinwenfu@gmail.com

Homepage

http://www.cs.uml.edu/~xinwenfu (tentative)

Office Hours:

9:00AM – 10:30AM MW

 

Course Name:

CAP 6133: Advanced Topics in Computer Security and Computer Forensics

Credits:

3.00

Duration:

08/21/2017 - 12/09/2017

Time:

MoWe 10:30AM - 11:45AM

Location:

NSC O110

 

TA:

TBD

Email:

TBD

 

COURSE DESCRIPTION

Advanced topics in computer security and forensics such as cryptography; automatic intrusion detection, advanced pattern matching, statistical techniques, firewalls, and vulnerability scanning.

 

The goal of Fall 2017 of this class is to have students become acquainted with IoT security, privacy and forensics. The key objectives include: understand IoT frameworks, applications and security and privacy concerns; be familiar with IoT hardware security; master IoT system security; master IoT software security; master IoT network security. The recited topics include two parts: (a) basic modules including introduction to IoT, introduction to basic security and privacy concepts and techniques needed to understand IoT, Amazon AWS IoT, Raspberry Pi and its programming with various sensors, interconnecting Raspberry Pi with AWS IoT, smart home with IoT, sensor networks with IoT, smart grid with IoT, smart city with IoT and other IoT application scenarios; (b) advanced topics including secure bootstrapping, TPM, TrustZone, Intel SGX. Students will present related wok and papers in class, and are encouraged to preform creative research work in this class.

 

COURSE PREREQUISITES

 

DESCRIPTION OF INSTRUCTIONAL METHODS

 

COURSE REQUIREMENTS

No textbook. Handouts will be offered if necessary.

 

Class Attendance Policy

Students should attend the class in the classroom.

 

Cheating and Plagiarism Policy

All forms of academic dishonesty will result in an F for the course and notification of the Academic Dishonesty Committee.  Academic dishonesty includes (but is not limited to) plagiarism, copying answers or work done by another student (either on an exam or assignment), allowing another student to copy from you, and using unauthorized materials during an exam.

 

Make-up Exams

 

COURSE OBJECTIVES

·      Understand IoT frameworks, applications, security and privacy concerns.

·      Familiar with IoT hardware security

·      Master IoT system security

·      Master IoT software security

·      Master IoT network security

 

EVALUATION PROCEDURES (tentative)

Components of Course Grade:

Assignments

20%

Midterm Exam

50%

Term Project

30%

 

Grade Scale: A (4.00), A- (3.75), B+ (3.25), B (3.00), B- (2.75), C+ (2.25), C (2.00), C- (1.75), D+ (1.25), D (1.00), D- (0.75), F (0.00)

 

 

A

90 ~ 100

A-

85 ~ 89.9

B+

80 ~ 84.9

B

75 ~ 80

B-

70 ~ 74.9

C+

65 ~ 69.9

C

60 ~ 64.9

D

50 ~ 59.9

F

below 50

 

Homework Assignments

 

Exams

 

Projects

 

UNIVERSITY DEADLINES: Refer to Academic Calendar

 

EARLY ALERT STATEMENT

Academic Success Support

As your professor, I am personally committed to supporting YOUR academic success in this course.  For that reason, if you demonstrate any academic performance or behavioral problems which may impede your success, I will personally discuss and attempt to resolve the issue with you.  If the situation persists, I will forward my concern to the Student Development Office and your academic advisor to seek their support and assistance in the matter.  My goal is to make your learning experience in this course as meaningful and successful as possible.

 

Americans with Disabilities Act (ADA) Statement

 

TENTATIVE CLASS SCHEDULE

The schedule may be adjusted based on the actual progress in the semester. The instructor reserves the right to change the topics.

 

 

Module

Week

Topics

Slides

Description

Module 1

 

Introduction to the class 

 

 Syllabus

Module 2

 

Introduction to computer security and privacy

Cryptography (symmetric crypto, hash, asymmetric crypto, SSL), firewall, IDS

Module 3

 

IoT survey and frameworks

 pptx

Different visions of IoT, enabling technologies, IoT architecture, end-to-end view of IoT security and privacy

Module 4

 

IoT application: secure smart home

 pptx

 Home automation, risk assessment of home networks and devices, security requirement of home automation

Module 5

 

IoT device by Raspberry Pi

 pptx

Raspberry PI architecture, components, circuits with breadboard, programming (Python)

Module 6

 

IoT protocol - MQTT

 pptx

 MQTT, SSL for MQTT, authentication with MQTT

Module 7

 

Amazon AWS IoT

 pptx

AWS IoT Architecture, programming

Module 8

 

IoT hardware security

 TBD

Secure firmware distribution for ATmega1284p

Module 9

 

IoT system security with TrustZone

 TBD

Secure boot, secure storage, secure program execution

Module 10

 

IoT big data analytics

 TBD

Privacy

Module 11

 

 Student presentations

 

Paper presentation, project presentation