|
|
91.561
Computer & Network Security I Spring 2008
|
Project 1 (due March 31 midnight)
Project 2 (due May 8
midnight)
Final Exam (due May 21 9pm online or 4:30pm hard copy)
FAQ: Programming Assignments
and Projects Submissions
FAQ: How to use gdb to
debug segmentation faults
Table of Contents
Finding This
Document
Course Goals
Time and Place
Course Personnel and
Office Hours
Prerequisites
Course Texts
Course Outline
Homework Assignments
Projects and Exams
Grading Policy
Finding This Document On-Line
The class Web page is http://www.cs.uml.edu/~wang/cs561. Note that this page is a ``living document'' and additional information will be added during the semester. For “official” contents please refer to this Web page.
Course Goals
This course is aimed to provide students with a solid understanding of key concepts and techniques of network security.
Time and Place
The class meets TR 3:00-4:15 in Olsen 401.
Course Personnel
|
Person |
Role |
Office |
Office Phone |
Office Hours |
Email |
Jie Wang |
Instructor |
OS 201 |
978-934-3649 |
TR 2:00-3:00 or by appointment |
|
Qiang Hou |
TA |
OS 305 |
978-934-1969 |
W 10-11:30 or by appointment |
|
Prerequisites
Prerequisites: 91.404 (Algorithms) and 91.413 (Data Communication I)
Required Text:
- J. Wang. Computer Network Security Theory and Practice (Preliminary Version). To be published by Springer.
- Handouts: Introduction to Network Programming
- Base32Encoding/Decoding C Code
Course
Outline (tentative)
|
Topic |
|
|
Week 1 (1/29, 1/31) |
Network security overview |
|
Week 2 (2/5, 2/7) |
Data encryption algorithms: DES, Feistel encryption
structures, AES |
|
Week 3 (2/12, 2/14) |
Block-cipher modes of operations, RC4, key generations |
|
|
Monday class schedule |
|
Week 4 (2/21) |
Public-key encryption and key management, Diffie-Hellman key exchange |
|
Week 5 (2/26, 2/28) |
RSA, elliptic-curve encryption, key distributions and management |
|
Week 6 (3/4, 3/6) |
Data authentication and integrity, MAC, hash functions (SHA-512, WHIRPOOL), HMAC |
|
Week 7 (3/11, 3/13) |
Offset codebook mode of operations, birthday attacks, digital signature standard, dual signatures, blind signatures |
|
|
Spring break |
|
Week 9 (3/25, 3/27) |
Crypto placements in networks, public-key infrastructure (PKI), IPsec, SSL/TLS |
|
Week 10 (4/1, 4/3) |
SSL/TLS (cont.), secure email (PGP, S/MIME), Kerberos, secure remote logins |
|
Week 11 (4/8, 4/10) |
Wireless network security: WEP, WPA, WPA2, Bluetooth security |
|
Week 12 (4/15, 4/17) |
Bluetooth security (cont.), wireless mesh network security. Network perimeter security: firewalls |
|
|
Patriot’s Day; university closed |
|
Week 13 (4/23) |
Firewall configurations and DMZ, network address translations |
|
Week 14 (4/29, 5/4) |
Viruses, worms, Trojan horses |
|
Week 15 (5/6, 5/8) |
Web security, denial of service attacks, intrusion detection |
|
Week 16 (5/13) |
Intrusion detection (cont.): network-based and host-based detections, signature detections, behavioral forensics, honeypots |
|
TBA |
Final exam |
Homework Assignments
Homework assignments are due on Mondays at
the beginning of class unless otherwise stated. Homework not handed in before
Projects and Exams
There will be two projects and two exams. No early exams will be given. Exams may be taken after a scheduled date ONLY for documented emergencies. It is students’ responsibility to obtain appropriate written documentation.
Grading Policy
|
Homework |
10% |
|
Project I |
20% |
|
Project II |
20% |
|
Midterm exam |
25% |
|
Final exam |
25% |
Attendance
Class attendance is important. You are responsible for all scheduling and announcements made in class if you miss class. The likelihood of failing the course is subsequently increased if you fail to attend class.
Honor Code
Students should be aware of and adhere to the University’s rules on academic dishonesty. These rules are printed in the Undergraduate Catalog. The basic presumption is that the work you do is your own.
Occasionally when working on difficult homework problems (but never on projects, tests, quizzes, or exams!), it may be necessary to ask someone for help, or consult other resources other than your textbooks. You are permitted to do so, provided you meet the following two conditions.
1. You acknowledge the help on the work you hand in.
2. You understand the work that you hand in, so that you could explain the reasoning behind the parts of the work done for you by another.
(Note that I will not deduct credit for small amounts of acknowledged assistance in your homework assignments. Even working as a team on one of several problems in a homework problem set may not hurt your grade, as long as all members of the group acknowledge their collaboration. Such shared interest can be beneficial to all concerned. I do reserve the right to give less than full credit in circumstances where it appears that there has been large-scale division of labor, and you are not getting as much learning out of the assignment as you should. However, as long as you acknowledge your sources, you will not get into Honor-Code trouble. Again, this policy only applies to homework assignments.)
Any
other assistance by another person (including copying some of the source code
from the Internet or from someone else’s homework sites) constitutes a violation
of the honor code and will be treated as such. You will automatically
receive a zero grade for your work on the first Honor-Code violation and
receive a zero for the entire course on the second violation.
Also a violation of the Honor-Code is an attempt to make a programming project appear to do things it cannot do. That is, output must be from the code that is handed in. In the recent past, I've noticed cases where people were careless about what version of their program they hand in. Please be sure you hand in your final version; an old version coupled with output it could not possibly generate looks to us like an Honor-Code violation and will be treated as such.
Should
you have any questions about what this policy means, please discuss the matter
with the instructor now.