COMP 447: Intrusion Detection
Course Information
About
This course will cover techniques for detecting the unusual usage patterns that typically signal a break-in.
Description
This course will cover techniques for detecting the unusual usage patterns that typically signal a break-in. The course will also consider differences in the detection of local intruders versus intrusion over networks. Finally, issues in the prosecution of those breaking into computers, particularly evidentiary issues are explored.
Outcome
Students will learn to configure ID systems (eg., snort) and analyze their output. They will also understand both network-based and host-based monitoring techniques.
Syllabi
See the Current Course Syllabi.