Prof. Charles Nicholas
Office hours: MW 2-3pm,
but check this site because my schedule may change from week to week
Wednesday, 7-9:25pm, beginning August 30, 2017.
(the official time may be listed as 7:10-9:40, but we will start at 7pm!)
ROOM CHANGE: meeting in UC 302 Wednesday September 6, and PUP 206 September 13 and September 20.
(Sherman 151 on August 30 only)
Beginning September 27, we meet in PUP 105.
Interest in cyberdefense, including inter-collegiate competition. Computer Science background equivalent to Data Structures CMSC 341 is assumed.
Permission of the instructor is required in order to enroll. Send email to firstname.lastname@example.org from your UMBC email address, and tell me your name AND (your date of birth or your student ID). You may attend the class sessions even if you are not enrolled!
At this point, everybody who has asked for permission has been responded to. If you have not received permission, contact me again...
This is NOT an entry-level systems or security course. Students are expected to have a working knowledge of the Windows and Unix operating systems, networks, and/or software development techniques, along with interest if not experience in planning and conducting both penetration testing and countermeasures development.
- The purpose of this course is to provide a means of awarding academic credit to those who intend to participate in the UMBC CyberDefense Club weekly meetings.
- This is a HANDS ON course. Bring your laptop!
- Everybody will be required to participate in some fashion in the cyberdefense competition that the Cyberdawgs will be organizing this fall. Performance in that event may qualify you for membership in our Cyberdefense Team, which won the 2017 National Collegiate Cyber Defense Competition.
- The first day of class, August 30, will be organizational, rather than technical. You can decide then whether you want to enroll or not.
- Everybody is welcome at this and future class meetings, even if not enrolled in the class.
- August 30, 2017
This will be an introduction and orientation session. Not a Cyberdawg meeting as such, since those will begin the following week.
You are welcome to attend if that helps you decide whether to enroll in the class, or if it helps you decide if you want to be involved in the Cyberdefense club.
We discussed how grades will be assigned, what homeworks might be given, and so forth. Attendance but also active participation are important!
People who master the material to the point where they can effectively help others are likely to be awarded a good grade.
I anticipate giving many As, many Bs, and few if any lower grades.
Experienced club members will be able to talk about how to get started
Is anybody interested in the National Cyber League?
- September 6
Class and club meet in UC 302
This will be the first club meeting as such. The room has been announced over the UMBCCD email list, which you can join from the club web page UMBC CyberDefense Club.
Dr. Nicholas will be on travel this week, so no office hours. I will be in email contact.
You are welcome to look at my famous tutorial on malware analysis.
We have recently acquired a BluVector box! Does anybody know what that is?
- September 13
Introduction to (or review of) UNIX
The materials presented are available at the Cyberdawg's GitHub site (pdf)
For fans of Red Hat, or CentOS, here's a good overview of Linux concepts and commands
- September 20
Virtual machines are cool!
The materials presented are available at the Cyberdawg's GitHub site (ppt)
The VMs Lab (pdf)
- September 27
Web hacking part 1 (pdf)
- October 4
Web hacking part 2 (pdf)
Dr. Alan Sherman and his research team are seeking volunteers to participate in interviews, which will last thirty minutes to an hour. Subjects will receive $10 cash to compensate for their time, and all information will be kept confidential. The web site for our project is http://cisa.umbc.edu/cats/. Students can contact Dr. Linda Oliva email@example.com to sign up for an interview slot, or visit the interview calendar. Refreshments will be made available for interviewees.
- October 11
See the Cyber Dawg site for what we did
- October 18
We'll talk about CCDC and similar competitions.
There is a VM to be downloaded, and a lab.
For students in 491/791, give me evidence that you attempted this lab!
Dr. Nicholas may have time for some discussion on these topics
- For those who are considering graduate school, here's how that works
- The BS/MS program has no downside, and could be very helpful.
- There's a BS/MS in Computer Science, and a BS/MPS linking Computer Science and the graduate program in CYBR
- October 25
- November 1
CTF 101 slides, see the Cyberdawg web site.
INJECT: Write a short paper, under 300 words, on this topic: As of today, the semester is more than half over. You have a pretty good idea of what this course is like. Is there a topic that we have NOT yet discussed that you expected, or might have expected, us to cover by this point? Describe that topic. Are there any resources on the Web that pertain to that topic? Give me at least two references (neither from Wikipedia, please) that would introduce that topic. Please send me an email with your answer. NO attachments. NO Word documents. NO pdf. Due no later than start of class next week, i.e. 7pm on November 8.
(Yes, this is a blatant attempt to figure out how to improve the course for next year, in case it is offered again.)
Not part of the inject, but it would be evidence of your participation in the class this semester. So I encourage you to consider participating in the NSA Code Breaker Challenge
- November 8
Parsons will be here to host a CTF.
Dr. Nicholas will be on travel. Class will meet as usual.
Note that next Tuesday, 11/14, is the last day to drop with a W
- November 15
Special Guest Speaker! Michael Sikorski, aka Siko, author of Practical Malware Analysis
Siko's abstract and bio are here.
FireEye Summer 2018 Internships
- November 22
no class Wednesday before Thanksgiving
- November 29
- December 6
Last day of class
- December 13
No class today, since this is the "study day"
We will develop the reading list as we go. Students should know how to use the UMBC Library research port and other facilities to get access to papers they want. I suggest using a paper management system such as Mendeley. Suggestions for improving this list are welcome.
The following book(s) are not required, but may be helpful:
Cyberoperations, by Mike O'Leary
Windows Internals, Parts 1 and 2, by Mark Russinovich
Hacking: the art of exploitation, by Jon Erickson.
Be careful when downloading "free" copies of this or similar books! Additional resources, varying in quality, can be found on Wikibooks and other places.
Students enrolled in CMSC 491 will be expected to attend and participate in the weekly Cyberdawg meetings, including the prep work that may be announced before or after each class session. They will also be expected to suggest resources that could be added to this site, such as on-line tutorials, tools, YouTubes, and so forth.
Students enrolled in CMSC 791 will be subject to the same expectations as students in 491, but in addition, will be expected to prepare material that may be useful in future offerings of this or similar courses.
Abuse of Resources PAY ATTENTION TO THIS!
Abuse of the knowledge or experience you gain in this course may subject you to discipline under UMBC policy and/or criminal prosecution. Do not expect your status as a student to protect you if you break the law! Hacking into campus computers (other than systems approved for such a purpose) is a violation of UMBC policy, and may result in disciplinary action possibly including expulsion, in addition to possible criminal charges.
Academic dishonesty of any kind will be handled in accordance with University policy.
"By enrolling in this course, each student assumes the responsibilities of an active participant in UMBC's scholarly community, in which everyone's academic work and behavior are held to the highest standards of honesty. Cheating, fabrication, plagiarism, and helping others to commit these acts are all forms of academic dishonesty, and they are wrong. Academic misconduct could result in disciplinary action that may include, but is not limited to, suspension or dismissal. To read the full Student Academic Conduct Policy, consult the UMBC Student Handbook, the Faculty Handbook, or the UMBC Policies section of the UMBC Directory." [Statement adopted by UMBC's Undergraduate Council and Provost's Office.]
A collection of resources will be made available. Suggestions are welcome!
This web site's URL should be https://www.csee.umbc.edu/courses/undergraduate/CMSC491activeCyber/