635.673.81 - Protecting Critical Infrastructure Against Cyber Attacks

Information Systems Engineering
Spring 2024

Description

Cybersecurity is one of the most critical national issues of our time. The trend for cyber-attacks is rapidly increasing in enterprise networks and is extending into other domains like the Internet of Things (IoT) and Industrial Control Systems (ICS). Our 16 Critical Infrastructures are the powerhouses for our military might and our huge economy, and thus protecting these assets is paramount. This class will: (1) introduce students to the history of the problem of Cybersecurity, (2) introduce students to the 16 Critical Infrastructures, and (3) provide students hands-on experience with developing Cybersecurity technology to assess, defend, and monitor enterprise, IoT, and ICS networks.

Expanded Course Description

This course focuses on understanding the history, the vulnerability, and the need to protect our Critical Infrastructure and Key Resources (CIKR). We will start by briefly surveying the policies which define the issues surrounding CIKR and the strategies that have been identified to protect them. Most importantly, we will take a comprehensive approach to evaluating the technical vulnerabilities of the 16 identified sectors, and we will discuss the tactics that are necessary to mitigate the risks associated with each sector. These vulnerabilities will be discussed from the perspective of technical journals/articles which detail recent and relevant network-level CIKR exploits. We will cover well-known vulnerable systems such as the Internet and SCADA, and lesser-known systems such as E911 and industrial robots. Students will be challenged with hacker-type homework assignments inspired by current SANS NewsBites and the instructor's research, and will work on a team-based, semester-long project.

Instructor

Lanier Watkins

Lanier.Watkins@jhuapl.edu

Course Structure

Module # | Module Title | Module Description

1

Why Is There A Cyber Security Problem?

Cyber Security Introduction

  • Critical Infrastructure Protection Course
  • Overview
  • Anatomy of A Technical Paper
  • Group Project Discussion
    • Students choose topic
    • Identify team lead
    • Project plan discussion
  • Cyber War Related Vocabulary
  • Cyber War as explained by Richard Clarke
  • Introduction to Critical Infrastructure Protection Solutions
  • Cyber Related Presidential Directives
Introduction to 16 CI Sectors:
  1. Banking and Finance
  2. Chemical
  3. Information Technology
  4. Critical Manufacturing
  5. Defense Industrial Base
  6. Food and Agriculture
  7. Commercial Facilities
  8. Communications
  9. Dams
  10. Emergency Services
  11. Energy
  12. Government Facilities
  13. Healthcare and Public Health
  14. Nuclear Reactors, Materials and Waste
  15. Transportation Systems
  16. Water and Wastewater Systems

2

  • TCP/IP Networks and Security
  • Highlighted CI Sectors
    • Communications Sector
    • IT Sector
    • Healthcare Sector
    • Defense Industrial Base Sector
  • TCP/IP Computer Networks Lecture
  • Homework #1 Hacker Assignment
  • Students respond to questions from lecture and each other (at least two)

3

TCP/IP Networks and Security
  • Student presentations on current research on proposed CI protection methods from highlighted sectors
  • Student presentation on Amoroso’s Book Chapter 5: Commonality
  • Student presentation on Amoroso’s Book Chapter 6: Depth
  • Students critique presented information and each other (at least two)

4

  • Compute Node Security
    • Cyber physical devices
    • Mobile devices
    • Wireless sensor devices
  • Highlighted CI Sectors
    • Chemical Sector
    • Critical Manufacturing Sector
    • Energy Sector
    • Emergency Services Sector
  • Compute Node Lecture
  • Review answers to Homework #1
  • Homework #2 Hacker Assignment
  • Exam 1
  • Students respond to questions from lecture and each other (at least two) 

5

Compute Node Security
  • Student presentations on current research on proposed CI protection methods from highlighted sectors
  • Student presentation on Amoroso’s Book Chapter 2: Deception
  • Student presentation on Amoroso’s Book Chapter 3: Separation
  • Students critique presented information and each other (at least two)
  • Team leads provide project executive summary (5% of total 30%)

6

  • Vulnerability Monitoring and Analysis
  • Highlighted CI Sectors
    • Commercial Facilities Sector
    • Food and Agriculture Sector
    • Banking and Finance Sector
  • Vulnerability Monitoring and Analysis Lecture
  • Review answers to Homework #2
  • Homework #3 Hacker Assignment
  • Students respond to questions from lecture and each other (at least two)

7

Vulnerability Monitoring and Analysis
  • Student presentations on current research on proposed CI protection methods
  • Student presentation on Amoroso’s Book Chapter 8: Collection
  • Student presentation on Amoroso’s Book Chapter 4: Diversity
  • Students critique presented information and each other (at least two)

8

  • Malware Monitoring and Analysis
  • Highlighted CI Sectors
    • Nuclear Reactors Materials and Waste
    • Water and Waste Water Sector
    • Dams Sector
  • Malware Monitoring and Analysis Lecture
  • Review answers to Homework #3
  • Homework #4 Hacker Assignment
  • Students respond to questions from lecture and each other (at least two)

9

Team Project Question and Answer Session
  • Students ask the instructor questions directly regarding their team projects
  • Team leads provide project plan for their projects (5% of total 30%)

10

Malware Monitoring and Analysis

Technical Discussion: Malware Monitoring and Analysis

  • Student presentations on current research on proposed CI protection methods
  • Student presentation on Amoroso’s Book Chapter 7: Discretion
  • Student presentations on Amoroso’s Book Chapter 9: Correlation
  • Students critique presented information and each other (at least two)

11

  • Data Analytics and Machine Learning
  • Highlighted CI Sectors
    • Government Facilities
    • Transportation Sector
  • Data Analytics and Machine Learning Lecture
  • Review answers to Homework #4
  • Homework #5 Hacker Assignment
  • Students respond to questions from lecture and each other (at least two)

12

Data Analytics and Machine Learning
  • Student presentations on current research on proposed CI protection methods
  • Student presentations on Amoroso’s Book Chapter 10: Awareness
  • Exam 2
  • Students critique presented information and each other (at least two)

13

Cloud Security
  • Cloud Security Lecture
  • Student presentations on current research on proposed CI protection methods
  • Students critique presented information and each other (at least two)

14

Team Project Poster Session
  • Students critique presented information and each other (at least two)
  • Each team gives technical presentation and hands in technical paper

Course Goals

The goals for this class are to: (1) introduce the 16 CIs, (2) introduce the existing and novel protection schemes for CI, and (3) more importantly, challenge students to become cyber researchers and to develop new protection schemes.

Course Learning Outcomes (CLOs)

Textbooks

Amoroso, Edward. (2011). Cyber Attacks: Protecting National Infrastructure, Elsevier Inc.

Clarke, Richard and Knake, Robert (2010). Cyber War: The Next Threat To National Security And What To Do About It, HarperCollins Publishers.

DHS Website: Critical Infrastructure Sectors Website. (2017). Available at: http://www.dhs.gov/critical-infrastructure-sectors

Required Software

MATLAB

You will need access to a recent version of MATLAB with the Signal Processing Toolkit. The MATLAB Total Academic Headcount (TAH) license is now in effect. This license is provided at no cost to you. Send an email to software@jhu.edu to request your license file/code. Please indicate that you need a standalone file/code. You will need to provide your first and last name, as well as your Hopkins email address. You will receive an email from Mathworks with instructions to create a Mathworks account. The MATLAB software will be available for download from the Mathworks site.

Student Coursework Requirements

There will be weekly class discussions (in the class discussion area) covering topics from areas 1-3 mentioned above. This will be assessed under class participation (10%). Every other week, a student will serve as the class leader for the week, will choose CI protection solutions from areas 4 and 5 mentioned above, and will deliver voice-track slide presentations to the class. This will be assessed under class leader presentation (10%). Each student not presenting will be responsible for critiquing the solution (not the presentation) in the class discussion area. This will be included under class participation (see above).

There will be two exams: Exam 1 will cover the topics mentioned in area 1 above, and Exam 2 will cover the topics mentioned in areas 2-5. These will be assessed under Exam 1 and Exam 2 respectively (15% each, total of 30%). There will be 4 or 5 homework assignments covering topics in areas 1-5 mentioned above. These will be assessed under Hacker Assignments (20%). For the semester-long project, the team must produce a double-column, 5-6 page research paper with the following elements: title, abstract, introduction, related works, experimental evaluation (setup, experiments, results and discussion), conclusions and future work, and properly formatted IEEE references. Also, a technical presentation will be due along with the paper.

The semester-long project will be assessed like a peer-reviewed conference paper and presentation (30%). Of this 30%, an executive summary worth 5% will be due in Week 5, a project plan worth 5% will be due in Week 9, and the technical paper and presentation worth 20% will be due in Week 14.

Grading Policy

Assignments are due according to the dates posted in your Canvas course site. You may check these due dates in the Course Calendar or the Assignments in the corresponding modules. I/We will post grades one week after assignment due dates.

We generally do not directly grade spelling and grammar. However, egregious violations of the rules of the English language will be noted without comment. Consistently poor performance in either spelling or grammar is taken as an indication of poor written communication ability that may detract from your grade.

A grade of A indicates achievement of consistent excellence and distinction throughout the course—that is, conspicuous excellence in all aspects of assignments and discussion in every week.

A grade of B indicates work that meets all course requirements on a level appropriate for graduate academic work. These criteria apply to both undergraduates and graduate students taking the course.

Score Range = Letter Grade
100-98 = A+
97-94 = A
93-90 = A−
89-87 = B+
86-83 = B
82-80 = B−
79-70 = C
<70 = F

Grading Rubric

Assignment | Percentage of Grade | Comments
Cyber Security Background History Exam | 15% | 45 minutes
CIKR Description and Protection Methods Exam | 15% | 60 minutes
Class Participation (technical paper posts, book chapter posts, responses to peers) | 10% |
Hacker Assignments | 20% |
Class Leader Presentation | 10% | Each student will give at least 1 presentation on a technical paper
Team Assignment: executive summary (5%), project plan (5%), presentation (10%), paper (10%) | 30% | Each group will give a technical presentation and hand in a technical paper

Academic Policies

Deadlines for Adding, Dropping and Withdrawing from Courses

Students may add a course up to one week after the start of the term for that particular course. Students may drop courses according to the drop deadlines outlined in the EP academic calendar (https://ep.jhu.edu/student-services/academic-calendar/). Between the 6th week of the class and prior to the final withdrawal deadline, a student may withdraw from a course with a W on their academic record. A record of the course will remain on the academic record with a W appearing in the grade column to indicate that the student registered and withdrew from the course.

Academic Misconduct Policy

All students are required to read, know, and comply with the Johns Hopkins University Krieger School of Arts and Sciences (KSAS) / Whiting School of Engineering (WSE) Procedures for Handling Allegations of Misconduct by Full-Time and Part-Time Graduate Students.

This policy prohibits academic misconduct, including but not limited to the following: cheating or facilitating cheating; plagiarism; reuse of assignments; unauthorized collaboration; alteration of graded assignments; and unfair competition. Course materials (old assignments, texts, or examinations, etc.) should not be shared unless authorized by the course instructor. Any questions related to this policy should be directed to EP’s academic integrity officer at ep-academic-integrity@jhu.edu.

Students with Disabilities - Accommodations and Accessibility

Johns Hopkins University values diversity and inclusion. We are committed to providing welcoming, equitable, and accessible educational experiences for all students. Students with disabilities (including those with psychological conditions, medical conditions and temporary disabilities) can request accommodations for this course by providing an Accommodation Letter issued by Student Disability Services (SDS). Please request accommodations for this course as early as possible to provide time for effective communication and arrangements.

For further information or to start the process of requesting accommodations, please contact Student Disability Services at Engineering for Professionals, ep-disability-svcs@jhu.edu.

Student Conduct Code

The fundamental purpose of the JHU regulation of student conduct is to promote and to protect the health, safety, welfare, property, and rights of all members of the University community as well as to promote the orderly operation of the University and to safeguard its property and facilities. As members of the University community, students accept certain responsibilities which support the educational mission and create an environment in which all students are afforded the same opportunity to succeed academically. 

For a full description of the code please visit the following website: https://studentaffairs.jhu.edu/policies-guidelines/student-code/

Classroom Climate

JHU is committed to creating a classroom environment that values the diversity of experiences and perspectives that all students bring. Everyone has the right to be treated with dignity and respect. Fostering an inclusive climate is important. Research and experience show that students who interact with peers who are different from themselves learn new things and experience tangible educational outcomes. At no time in this learning process should someone be singled out or treated unequally on the basis of any seen or unseen part of their identity. 
 
If you have concerns in this course about harassment, discrimination, or any unequal treatment, or if you seek accommodations or resources, please reach out to the course instructor directly. Reporting will never impact your course grade. You may also share concerns with your program chair, the Assistant Dean for Diversity and Inclusion, or the Office of Institutional Equity. In handling reports, people will protect your privacy as much as possible, but faculty and staff are required to officially report information for some cases (e.g. sexual harassment).

Course Auditing

When a student enrolls in an EP course with “audit” status, the student must reach an understanding with the instructor as to what is required to earn the “audit.” If the student does not meet those expectations, the instructor must notify the EP Registration Team [EP-Registration@exchange.johnshopkins.edu] in order for the student to be retroactively dropped or withdrawn from the course (depending on when the "audit" was requested and in accordance with EP registration deadlines). All lecture content will remain accessible to auditing students, but access to all other course material is left to the discretion of the instructor.