CSC 433 - Intrusion Detection
Intrusion Detections Systems (IDS) are an integral element in Information System Security designs. IDS require continuing development in both the manual and automated network traffic analysis techniques used to create signatures for identifying malicious traffic. This course discusses an overview of current network protocols and how misuse of these protocols can be systematically identified. This course also discusses tools to aid in the capture and analysis of network traffic (Windump/Wireshark), tools used to test an IDS (NMAP), as well as a popular open-source IDS (Snort).
CSC 570H - Advanced Topics in Computer Science
Topic: Threat / Management
Recent world events have brought to the forefront the challenge to discover situations that may threaten an organization’s future, and to prepare for the eventuality of computer system disruptions. Today’s threats require the creation of an on-going process to access and deal with Risks and Threats and plan for the protection or replacement of computer system assets. This course will examine overall risk assessment methodologies to identify risks and the decision process involved in choosing to avoid, transfer, mitigate, or accept those risks to computer systems. Of course all risks cannot be reduced to zero, so it important that an organization have a plan to deal with the inevitable minor disruptions and the rare major disasters that might occur. That is where a comprehensive process described as threat management, contingency planning, and disaster recovery is important. The course will examine the various techniques and tools to maximize the likelihood of continued business operation in the case of either a minor computer system disruption or a major disaster.