May 2002
Going to Battle at SEAS
Students Develop Skills Necessary to Thwart Hackers
in Real Time
By John
Carroll
The perimeter has been violated and the enemy is steadily encroaching.
You have one last chance to thwart the threat and emerge victorious.
Your weapons of choice are not guns and ammunition, but technical knowledge.
Your enemy: computer hackers.
Professionals responsible for maintaining the security of computer systems
are vulnerable to attack at any time. Hackers using technical ingenuity
and special software can gain remote access to local computer networks
and Web sites. Once inside, hackers can do great damage. Aside from
causing mischief and a disruption of business, hackers also can browse
confidential or proprietary files and extract vital information or even
change the appearance of a Web site.
In GWs Computer Security Battle Lab at the Virginia Campus, students
learn how to establish and maintain a secure cyber environment. In this
simulated cyber-battlefield, the student can attack a system
in a controlled environment to identify and correct weaknesses. The
lab can simulate a broad range of real-world cyber threats and experiment
with computer security and intrusion detection technologies that can
identify and prevent invasion.
The program is directed by Lance Hoffman, professor of computer science
at the School of Engineering and Applied Science (SEAS). Hoffman has
written several books on the subject, including his most recent, Building
Big Brother, the first book devoted to the use of cryptography
to protect data.
These hands-on exercises provide an in the trenches
perspective and understanding of how the various technologies work beyond
the textbooks, says Hoffman. Its portable, its
wireless, and we are building a set of graduated exercises to teach
students about hardware and software architecture as it relates to computer
security.
Battle Lab exercises are part of a new graduate certificate program
in Computer Security and Information Assurance. The program was created,
in part, as a response to the growing market demand for professionals
who are highly trained in computer security. Julie Ryan, professor of
engineering management and systems engineering, explains, Traditionally,
the big consumers for security professionals were governments and extremely
large corporations involved primarily in finance/banking or in intellectually
intensive R&D efforts. Now the demand is everywhere.
The 22-week accelerated program comprises four graduate-level courses:
Introduction to Computer Security; Information Policy;
Viruses, Worms and Network Security; and E-Commerce
Security.
Hoffman emphasizes the practical knowledge students gain from the program
are immediately applicable on the job. He says The course curriculum
is targeted for those concerned with identifying, detecting, and responding
to intrusions against the systems which they protect. Individuals will
leave the program with the skills to interpret the output of intrusion
detection sensors, identify whether a system has been compromised, steps
to take to contain the intrusion, and necessary actions to eradicate
the source of the intrusion and return affected systems to normal operations.
SEAS recently has been designated by the National Security Agency (NSA)
as one of 36 institutions nationwide recognized as Centers for Academic
Excellence in Information Assurance Education. In June, the University
will be officially recognized by the NSA at the Sixth National Colloquium
for Information System Security Education. Designated universities are
eligible to apply for scholarships and grants through the federal and
Department of Defense Information Assurance Scholarship Programs.
Send feedback to: bygeorge@gwu.edu