Attacks on computer systems have become part of everyday life. It is the goal of this class to teach a basic understanding of the possible security failures, as well as the protection mechanisms. The class will cover an introduction to network and host security concepts and mechanisms; basic cryptographic algorithms and protocols; authentication and authorization protocols; access control models; common network (wired and wireless) attacks; typical protection approaches, including firewalls and intrusion detection systems; and operating systems and application vulnerabilities, exploits, and countermeasures. The class is designed for undergraduate, master's, and Ph.D. students. Those who take the class are expected to be able to program in C, have some basic knowledge of assembly language, and be familiar with network programming, as well as Unix-like operating systems.
Cybersecurity Laboratory
Theoretical foundations in cryptographic algorithms, cryptographic protocols, access control models, formal methods, security policy, etc. provide the necessary background to understand the real-world implications of cryptography and network security. This laboratory course is designed to provide students with hands-on experience based on the theoretical knowledge they have acquired by taking other security-oriented courses. This hands-on experience is of great importance for future jobs in industry. The course will accomplish its goals through a number of in-lab programming exercises. Topics covered include: basic cryptographic algorithms and protocols; authentication and authorization protocols; access control models; common network (wired and wireless) attacks; typical protection approaches, including firewalls and intrusion detection systems; and operating systems and application vulnerabilities, exploits, and countermeasures.
CS 600: Advanced Algorithm Design and Implementation
Design, implementation, and asymptotic time and space analysis of advanced algorithms, as well as analyzing worst-case and average-case complexity of algorithms. Students will be expected to run experiments to test the actual performance of the algorithms on sample inputs. Introduction to NP-complete problems and approximation algorithms.
Network forensics involves the identification, preservation, and analysis of evidence of attacks in order to identify the attackers and document their activity with sufficient reliability to justify appropriate technological, business, and legal responses. This course, however, focuses only on the technological and not on the legal components of the topic. The emphasis is on the network traffic analysis aspect, not on the host aspect. The technical aspect addresses analysis of intruder types and the intrusion process, review of network traffic logs (pcap, flow records) and profiles and their types, identification of attack signatures and fingerprints, application of data mining techniques, study of various traceback methods, and the extraction of information (e.g. from malware, including botnet traffic) acquired through the use of network analysis tools and techniques. The class will not only cover the subjects in theory but also provide the students with extensive hands-on experience. The class will involve a fair amount of programming.
The class will cover advanced network and host security concepts and mechanisms. The class will cover the subjects in theory and provide the students with extensive hands-on experience: assessing vulnerabilities, writing real working exploits for existing systems in a closed and controlled environment, and developing countermeasures to these perceived and real threats, also in the form of projects. The class will involve a fair amount of programming. Those who take the class are expected to be able to program in C/C++, have a solid knowledge of assembly language, and be familiar with network basics and programming, as well as modern operating systems (Windows, MacOS, Unix).
Schaefer School of Engineering & Science
Department:
Computer Science
Program:
Cybersecurity / Computer Science
Research Center:
Center for the Advancement of Secure Systems and Information Assurance
Research & Education
Education
1989, B.S. in Computer Science and Mathematics, Adelphi University.
1991, M.S. in Mathematics, Adelphi University.
1997, Doctor of Arts in Mathematics, Adelphi University.
Research
My interests are in computer and network security, cryptography, anonymity, and privacy. In network security, my areas are in denial of service and malware (DDoS, botnets), and I have some interests in anti-phishing. For cryptography, I look at cryptographic aspects of malware, and have interests in verification of cryptographic protocols.
Achievements & Professional Societies
Professional Societies
ACM, IACR, IEEE, NYAS
Selected Publications
Conference Proceedings
Baris Coskun, Sven Dietrich, Nasir Memon. (Dec 2010). "Friends of An Enemy: Identifying Local Members of Peer-to-Peer Botnets Using Mutual Contacts", 26th Annual Computer Security Applications Conference, Austin, TX.
David Dittrich, Michael D. Bailey, and Sven Dietrich. (Nov 2009). "Have we Crossed the Line? The Growing Ethical Debate in Modern Computer Security Research.", In (Poster at) Proceedings of the 16th ACM Conference on Computer and Communication Security (CCS-09), Chicago, Illinois, USA.
David Dittrich and Sven Dietrich. (Oct 2008). "P2P as botnet command and control: a deeper insight", 3rd International Conference on Malicious and Unwanted Software (Malware'08). IEEE Computer Society. (Best Paper Award).
Books
Jelena Mirkovic, Sven Dietrich, David Dittrich, and Peter Reiher. (Dec 2004). Internet Denial of Service: Attack and Defense Mechanisms, Pearson Education.