Academic Requirements for Designation as a Center of Academic Excellence in Cyber Operations


Academic Content Requirements:

Mandatory Program Content: (Knowledge Units)

  • Low Level Programming (must include programming assignments to demonstrate that students are capable of the desired outcome)

    - C programming
    - Assembly Language programming (for x86, ARM, MIPS or PowerPC)

    Outcome: After completing these knowledge units, students will be able to develop programs that can be embedded into an OS kernel, such as a device driver, with the required complexity and sophistication to implement exploits for discovered vulnerabilities.

    C Language programming

    Outcome: Students will be able to write a program that implements a network stack to manage network communications.

    Assembly Language programming

    Outcome: Students will be able to write a functional, stand-alone assembly language program implementing a basic telnet client with no help from external libraries.

  • Reverse Engineering (must include hands-on lab exercises)

    - Software
    - Malware Analysis
    - Reverse Engineering Tools and Techniques
    - Communications (includes Protocols)

    Software

    Outcome: Students will be able to use a tool such as IDA Pro to safely perform static and dynamic analysis of software (or malware) of unknown origin. Appropriate tools, techniques and procedures must be covered.

    Hardware

    Outcome: Students will be able to understand basic fundamental procedures such as probing, measuring, and data collection to identify functionality and to effect modifications to the hardware functionality.

  • Operating System Theory

    - Privileged vs. non-privileged states
    - Concurrency and synchronization (e.g., semaphores and locks)
    - Processes and threads, process/thread management, inter-process communications
    - Memory management/virtual memory
    - Uni-processor and multi-processor interface and support
    - File Systems
    - IO issues (e.g., buffering, queuing, sharing, management)
    - Distributed OS issues (client/server, message passing, remote procedure calls, clustering)

    Outcome: Students will be able to understand operating system internals to the level that they could design and implement significant architectural changes to an existing OS (e.g., make significant modifications to Windows, Linux, etc.).

  • Networking

    - TCP/IP
    - Protocols (routing, network, and application protocols)
    - Architectures
    - Wireless
    - Traffic Analysis
    - Protocol Analysis (examining component-to-component communication to determine the protocol that they are using and what they are doing)

    Outcome: Students will know how networks transfer data; how network protocols work to enable communication; and how the lower level network layers support the upper ones.

  • Telecommunications

    - Mobile
    - Telephony
    - Infrastructures (e.g., fiber optic cable)
    - Core Network (Mobile and internet)

    Outcome: Students will be able to describe routing in a telecommunication network, interaction of elements within the telecommunication core, and end-to-end delivery of a packet and/or signal and what happens with the hand-off at each step along the communications path. Students will be able to explain differences in core architecture between different generations of mobile network technology.

  • Discrete Math

    Outcome: Students will be introduced to 1st order logic graphs, accounting, accountability, and induction proofs.

    Algorithms

    Outcome: Students will be exposed to fundamental algorithm sorting/searching/data/manipulation or students will analyze the complexity of algorithms.

    Statistics
    Calculus I & II

    Outcome: Students will understand how variability affects outcomes, how to identify anomalous events, and how to identify the meaning of anomalous events. Students will be able to integrate and differentiate continuous functions of multiple variables.

    Automata

    Outcome: Students will understand how automata are used to describe computing machines and computation and the notion that some things are computable and some are not. Students will understand the connection between automata and computer languages and describe the hierarchy of language from regular expression to context free.

  • Overview of Cyber Defense (must include hands-on lab exercises)

    - Network Security Techniques and Components (e.g., Firewalls, IDS, etc.)
    - Cryptography (include PKI Cryptography)
    - Malicious Activity Detection
    - Identification of reconnaissance operations
    - Anomaly/Intrusion detection
    - Anomaly identification
    - Identification of command and control operations
    - Identification of data exfiltration activities
    - Identifying malicious code based on signatures, behavior and artifacts
    - System Security Architectures
        - Defense in depth
        - Trust Relationships
        - Distributed/Cloud
        - Virtualization

    Outcome: Students will be able to describe, evaluate, and operate a defensive network architecture employing multiple layers of protection using technology appropriate for secure mission accomplishment.

  • Security Fundamental Principles

    - Domain Separation
    - Process Isolation
    - Resource Encapsulation
    - Least Privilege
    - Layering/Abstraction/Data Hiding
    - Modularity/Minimization
    - Security Policies
    - Applied Cryptography

    Outcome: Students will possess a thorough understanding of the fundamental principles underlying cyber security, and how these principles inter-relate and are typically employed to achieve assured solutions.

  • Vulnerabilities

    - Vulnerability Taxonomy
        - Root causes
        - Buffer Overflows
        - Privilege Escalation Attacks
    - Trojans/Backdoors/Viruses
    - Rootkits

    Outcome: Students will possess a thorough understanding of the various types of vulnerabilities, their underlying causes, and the ways in which they are exploited. Students will also know how to avoid these vulnerabilities during system design, development and implementation.

  • Legal

    - Laws
    - Regulations
    - Directives
    - Policies

    Outcome: Students will possess a thorough understanding of the legal issues governing the authorized conduct of cyber operations and the use of related tools, techniques, technology and data.


Summer Seminars (Government-focused Program Content):

  • Overview of Cyber Operations

    - Legal & Ethical Issues and Guidance (criminal hacking)
    - Exploitation Techniques
    - Reconnaissance
        - Hardware, OS, Application identification
        - Deployed CND
    - Persistence
    - Exfiltration
    - Obfuscation
    - Privilege Escalation
    - Exploitation techniques for each vulnerability type
    - Vulnerability Discovery
        - Survey of most common architectural weak points
        - Structured analysis techniques

    Outcome: After finishing these knowledge units, students will understand the various phases of computer network exploitation, from target identification to data exfiltration.

  • Cyber Operations Planning

    - Policies
    - Authorities
    - Legal Issues
    - Target Selection
    - Target Development

    Outcome: Students will be able to apply strategy to identifying targets, developing targets and a desired end-state along with the relevant policies and laws that govern these activities.

  • National Level Cyber Resources

    - Systems
    - Technologies
    - Databases

    Outcome: After finishing these knowledge units, students will understand the systems, technologies and databases that exist and that enable the performance of offensive cyber operations.

Optional Program Content
(at least 60% of the following content must be available)

  • I. Programmable Logic Languages
  • II. FPGA Design

    Outcome: Students will be able to specify digital device behavior using a programmable logic language.

  • III. Wireless Security (e.g., 2G/3G/4G/WiFi/Bluetooth/RFID)

    Outcome: Students will be able to describe the unique security and operational attributes in the wireless environment and their effects on network communications. Students will be able to identify the unique security implications of these effects and how to mitigate security issues associated with them.

  • IV. Virtualization

    Outcome: Students will be able to discuss the advantages and disadvantages of virtualization, identify the different approaches for virtualizing computer systems and the security implications of each different approach.

  • V. Large Scale Distributed Systems

    - Cloud Computing/Cloud Security

    Outcome: Students will be able to describe different kinds of Cloud architecture models, services, security issues, and components (logical and physical). Students will also be able to identify all associated data paths within a given cloud design.

  • VI. Risk Management of Information Systems

    Outcome: Students will be able to identify classes of possible threats, the consequences associated with each threat, and the actions that can be taken to mitigate the threat.

  • VII. Computer Architecture (includes Logic Design)

    Outcome: Students will be able to define devices of electronic digital circuits and describe how these components are interconnected. Students will be able to integrate individual components into a more complex digital system and understand the data path through a CPU.

  • VIII. Microcontroller Design

    Outcome: Students will be able to integrate discrete components into a single processor element and describe ways of achieving performance efficiencies through combining components. Students will be able to identify trade-offs associated with microcontroller optimization.

  • IX. Software Analysis

    - System Source Code
    - Static and Dynamic Techniques
    - Testing (Black Box/White Box/Fuzz)

    Outcome: Students will be able to perform analysis of existing source code for functional correctness. Students will be able to apply industry standard tools that analyze software for security vulnerabilities. Through the application of testing methodologies, students should be able to build test cases that demonstrate the existence of vulnerabilities.

  • X. Software Development (Building Software)

    - Secure Programming Principles and Practices
    - Constructive Techniques (What process might provide for "good code".)

    Outcome: Students should be able to demonstrate that they understand the techniques for specifying program behavior, the classes of well-known defects, and how they manifest themselves in various languages, and that they are capable of authoring programs that are free from defects.

  • XI. Embedded Systems

    Outcome: Students will be able to define requirements which lead to the design and fabrication of an embedded system. Students will be able to program the microcontrollers to achieve an application specific design and identify the security concerns associated with resource-constrained devices.

  • XII. Forensics (and Incident Response) (not focusing on the legal aspect)

    - Operating System Forensics
    - Network Forensics

    Outcome: Students will be able to determine the manner in which an operating system or application has been subverted, recover "deleted" and/or intentionally hidden information from various types of media and demonstrate proficiency with handling of a large number of different kinds of components.

  • XIII. Systems Programming

    - kernel internals
    - device drivers
    - multi-threading
    - use of alternate processors (e.g., graphics card processors)

    Outcome: Students will be able to build and integrate kernel modules, and understand the system call mechanism and how malicious software subverts system calls. Students will be able to demonstrate sufficient knowledge of the networking stack to be able to construct network filter components. Students will be able to discuss strengths and weaknesses of alternative processors and demonstrate familiarity with toolsets for making use of alternative processors (e.g., GPUs).

  • XIV. Applied Cryptography

    Outcome: Students will be able to identify the appropriate uses of symmetric and asymmetric encryption. They will be able to assign some measure of strength to cryptographic algorithms and the associated keys. They will be able to identify what level of algorithm strength is needed for particular applications and the implementation factors related to its suitability for use. Students will understand the common pitfalls associated with the implementation of cryptography. They will understand the challenges and limitations of various key management systems.

  • XV. SCADA Systems

    Outcome: Students will be able to describe how embedded systems are employed in industrial infrastructures and control systems. Students should be able to describe methods for management of distributed nodes and identify potential security vulnerabilities associated with the use of such systems and means for mitigating these vulnerabilities.

  • XVI. HCI/Usable Security

    Outcome: Students will understand user interface issues that will affect the implementation of and perception of security mechanisms and the behavioral impacts of various security "policies". Students will understand the tension between user security and convenience.

 

Date Posted: Jan 10, 2012 | Last Modified: Jan 10, 2012 | Last Reviewed: Jan 10, 2012

 
National Security Agency / Central Security Service