CS 427 Intrusion Detection

This course presents technical knowledge, insight, and hands-on training necessary to analyze network traffic for signs of intrusion. Students will gain hands-on experience to configure and master open-source tools such as Wireshark and Snort.

Upon completion of this course student should be able to:

1. students will learn about the underlying theory of networks such as TCP/IP and the most used application protocols, such as DNS and HTTP so that they can intelligently examine network traffic for signs of an intrusion.
2. Students will be familiar with network intrusion signatures.
3. students will get plenty of practice learning to master different open source intrusion detection tools such as Wireshark and Snort.
4. students should get knowledge about techniques and systems of intrusion detection