\setcounter{numTAs}{0} \setcounter{totalSections}{2} \def\secNum{{"001","DL1",""}} \def\tenSchFileName{{"","",""}} \def\classTime{{"T from 06:15 pm to 08:45 pm in Drosdick Hall 212.","T from 06:15 pm to 08:45 pm in Online SYN.",""}} \def\classRm{{"212","Zoom session",""}} \def\classLive{{"","",""}} \def\classInstructor{{"Hasshi L. Sudler","Hasshi L. Sudler",""}} \def\classInstrContact{{"www.hasshisudler.com","www.hasshisudler.com",""}} \def\classInstrOffHrs{{"As arranged between Student and Instructor","As arranged between Student and Instructor",""}} \def\classInstrLive{{"","",""}} \def\TA{{{""},{""},{""}}} \def\TAEmail{{{""},{""},{""}}} \def\TAOffHrs{{{""},{""},{""}}} \def\TARoom{{{""},{""},{""}}} \newcommand\semester{Fall 2024} \newcommand\rsemester{202520} \newcommand\courseNum{ECE 8486} \newcommand\courseName{Ethical Hacking} \newcommand\courseCoordinator{Hasshi L. Sudler} \newcommand\credits{3} \newcommand\contactHrs{3} \newcommand\lecture{1} \newcommand\lab{0} \newcommand\undergradCourse{0} \newcommand\isFreshmanCourse{0} \newcommand\isCustomElecPolicy{0} \newcommand\AIPolicyExists{0} \newcommand\isClassLive{0} \newcommand\isLabLive{0} \newcommand\meetingMiscExists{0} \newcommand\isClassInstrLive{0} \newcommand\isLabInstrLive{0} \newcommand\instrMiscExists{0} \newcommand\hasTARoom{0} \newcommand\meetingDesc{Example: (Two 75-minute lectures)} \newcommand\meetingMisc{Special notes on meeting info go here, if specified} \newcommand\instructorMisc{Special notes on instructor(s), TA(s) go here, if specified} \newcommand\textBookExists{1} \newcommand\textBookReqd{0} \newcommand\textBookMiscExists{0} \newcommand\referencesExist{0} \newcommand\txtBkAuthExists{0} \newcommand\txtBkPublExists{0} \newcommand\txtBkYrExists{0} \newcommand\txtBkISBNExists{0} \newcommand\textBookTitle{} \newcommand\textBookAuth{} \newcommand\textBookPub{} \newcommand\textBookYr{} \newcommand\textBookISBN{} \newcommand\supplMaterials{The course will require you to either download or access web tools for exercises. Readings will be provided and should be read prior to class discussions.} \newcommand\refPapers{References go here, if specified} \newcommand\textBookMisc{Special notes on textbook(s) go here, if specified} \newcommand\catalogDesc{Quantifying security in an unambiguous way using the Trusted System Evaluation Criteria. "Hacking" a system, developing and implementing countermeasures and threat removal, techniques for Access control, confidentiality, etc. Secure the network, web, enterprise and database, the Cloud and the Semantic Web.} \newcommand\preReqs{None} \newcommand\coReqs{None} \newcommand\coreRequirement{} \newcommand\courseExpectation{Provides a basic understanding of cybersecurity practices and standards. Teaches essential hacking techniques to identify and recognize vulnerabilities in systems, people, and processes. To enhance the ability to quantify risks, model organizational process vulnerabilities, evaluate privacy risks, and assess financial, legal and compliance concerns. The course also provides a forward looking assessment of Quantum Computing, Blockchain Security, and AI threats in a rapid emerging threat landscape. All students engage in hands on semester design projects to deepen their critical thinking around ethical hacking techniques.} \newcommand\ABETOutOneA{0} \newcommand\ABETOutOneB{0} \newcommand\ABETOutTwoA{0} \newcommand\ABETOutTwoB{0} \newcommand\ABETOutTwoC{0} \newcommand\ABETOutTwoD{0} \newcommand\ABETOutThree{0} \newcommand\ABETOutFourA{0} \newcommand\ABETOutFourB{0} \newcommand\ABETOutFourC{0} \newcommand\ABETOutFive{0} \newcommand\ABETOutSixA{0} \newcommand\ABETOutSixB{0} \newcommand\ABETOutSevenA{0} \newcommand\ABETOutSevenB{0} \newcommand\covTopics{\item Class Introduction \item Cybersecurity Basics \item Bug Bounty \item Red/Blue/Purple Team Exercises \item XSS Attacks \item SQL Injection \item Password Cracking \item DOS \& DDOS Attacks \item DNS Attacks \item Cookie Stealing \item WiFi Attacks \item War Driving \item Jamming/Interference \item Priviledged Escalation \item Data Exfiltration \item Packet Sniffing \item Insider/Outsider Attacks \item Pen Testing \item Threat Modeling \item Endpioint Scanning \item Fraud \item Juice Jacking \item Malware Writing \item Key Loggers \item Code Management \item Secure Design Practices \item Key Rotation \item WAF (Cloud Security) \item Social Engineering \item Phishing Attacks \item Leakage \item Privacy \& PII Disclosure \item System Dynamics Modeling \item Process Vulnerabilities \item Security Compliance \item Vendor Systems \item Designing Test Environments \item Staging Attacks \item Quantum Computing \item Blockchain Security \item AI Secutity Threats} \newcommand\isScheduleExternal{0} \newcommand\isScheduleCommon{1} \newcommand\scheduleRows{17} \newcommand\scheduleCols{3} \newcommand\scheduleHeight{1} \newcommand\schedule{\begin{table}[h!] \centering \caption*{Tentative Schedule for \textbf{All Sections}} \vspace{0.05in} {\renewcommand{\arraystretch}{1.5} \small \begin{tabularx}{\linewidth}{l|X|l} \toprule \large \textbf{Week or Date} & \large \textbf{Topic} & \large \textbf{Assignments}\\ \midrule \midrule Aug 27 & Class Intro, Cybersecurity Basics, Bug Bounty, Red/Blue/Purple Team Exercises & Essay\\ Sep 3 & XSS Attacks, SQL Injection, Password Cracking & P-Set1\\ Sept 10 & DOS and DDOS Attacks, DNS Attacks, Cookie Stealing & \\ Sept 17 & WiFi Attacks, War Driving, Jamming and Interference & P-Set2\\ Sept 24 & Privilege Escalation, Data Exfiltration, Packet Sniffing & \\ Oct 1 & Insider and Outsider Attacks, Pen Testing, Midterm Review & \\ Oct 8 & MIDTERM & EXAM\\ Oct 15 & SEMESTER RECESS & \\ Oct 22 & Threat Modeling, Endpoint Scanning, Fraud & \\ Oct 29 & Juice Jacking, Malware Writing, Key Loggers & P-Set3\\ Nov 5 & Code Management, Secure Design Practices, Key Rotation, WAF (Cloud Security) & \\ Nov 12 & Social Engineering, Phishing Attacks, Leakage, Privacy and PII Disclosure & P-Set4\\ Nov 19 & System Dynamics Modeling, Process Vulnerabilities & \\ Nov 26 & Security Compliance, Vendor Systems, Designing Test Environments, Staging Attacks & \\ Dec 3 & Quantum Computing, Blockchain Security, AI Security Threats & \\ Dec 10 & SEMESTER DESIGN PROJECTS & Design\\ \bottomrule \end{tabularx} } \end{table}} \newcommand\gradingPolicy{ Letter grade scale: A(94--100), A--(90--93), B+(87--89), B(83--86), B--(80--82) } \newcommand\HWandLabPolicy{Homework and reading policies All homework should be completed and uploaded to Blackboard prior to the deadline. Unexcused late submissions will come with deductions. Complete all assigned readings prior to attending class and arrive prepared to discuss in detail with original thoughts and analyses.} \newcommand\AIPolicy{\textcolor{red}{ Since you opted for an AI Policy, you should edit this part, choosing one of the following statements, modifying as desired:\\ \\ The use of AI-generated content is not permitted in this course. Its use will result in an academic integrity violation and a zero on the assignment.\\ \\ OR\\ \\ The use of AI-generated content is allowed in this course.\\ \\ OR\\ \\ The use of AI-generated content is permitted as follows: (a) for generating a first draft or (b) for generating an outline or (c) for generating XXX.\\ \\ AND, if AI is allowed:\\ \\ Even if you have significantly edited AI-generated material, you must identify the AI tool used to assist in generating your work. You are required to provide the name of the tool, date used, and prompts used to generate the output. As you may be required to submit the original AI output, you must keep a copy of the original output and provide it when requested. If questions arise about the authorship of submitted work, you are responsible for authenticating your authorship. You should save evidence of your authorial process, such as drafts, notes, version histories, and complete transcripts of AI assistance. }} \newcommand\AttendancePolicy{\textcolor{red}{Attendance is mandatory for the Midterm exam and for the Semester Design Presentation on the final day of the course. Both Midterm and Semester Presentations will be conducted fully online. All students should sign on 15 minutes before start of class to perform audio and video/screen sharing tests. }} \newcommand\ElectronicsPolicy{\textcolor{red}{Since you opted for a customize electronics policy, you should edit this part. Your policy should address your general stance on recording of class sessions and the circumstances under which recording will be allowed or prohibited. If you generally prohibit recording, yet allow recording of certain classes for some reason, then ypu should notify all students that those classes will be recorded. If recording is permitted as an ADA accommodation for a student, you obviously should not identify that student(s).)}}