Home Program of Study Faculty Resources Conferences Outreach Security

CSC 433 Intrusion Detection

Instructor: Allan Rorth, email: aroth1@uis.edu

Purpose of and rationale for the course: Intrusion Detection Systems (IDS) are becoming an integral element in many Information System Security designs. Even though they are being routinely implemented, these systems are often not well understood. This course will deal with methods that ID systems use to detect attacks against Information Networks. These methods will include auditing systems, monitoring techniques, and various Intrusion Detection processes and technologies that can be used to discover hackers and attacks that could threaten the Confidentiality, Integrity, or Availability of an Information System. The two basic types of Intrusion Detection, Anomaly detection and Misuse detection, will be discussed. Case Reports will be used to discuss the various types of threats, how they can be detected, and administrative controls to reduce the likelihood of their occurrence.

Educational Objectives: To properly prepare our graduates with the fundamentals, background, and knowledge base required to set up and manage an intrusion detection system on a networked system of computers.

Topics to be Covered:

  • Intrusion Detection History and Overview
  • Host based systems
  • Network based systems
  • IDS as part of the overall Security System
  • Analysis Schemes for Intrusion Detection Systems
  • Anomaly detection
  • Expert Systems
  • Tools for packet analysis and intrusion detection
  • Windump
  • Ethereal
  • Snort
  • Case Reports of various attack strategies
  • Implementation Issues
  • Future directions

Course Materials: Materials for the course are posted on the UIS Blackboard. The materials include PowerPoint slides, class announcements, a student discussion area, the course syllabus, test dates, labs, projects and other information relevant to the course.

Textbook: Network Intrusion Detection (3rd Edition) by Stephen Northcutt and Judy Novak ISBN 0735712654

Description of the type of instruction and learning activities: Material will be presented first in lecture format. Students will participate in class discussions on topics from journal articles and assigned reading from the text. The various tools will be used in the classroom via demonstration and exercises and as assigned for off-campus installation. The results of assigned tool implementation will be discussed in class.

Number and type of assignments: Students will be assigned weekly readings and homework assignments on a regular schedule.

Grading Criteria:

  1. A brief statement describing the objective of the project;
  2. Quizzes and Homework Assignments 30%
  3. Final Project 40%