DEPARTMENT OF COMPUTER SCIENCE
91.661.201
Advanced Topics in Network Security
Fall 2009
|
Instructor: |
Dr. Xinwen Fu |
|
Office: |
203 Olson Hall |
|
Phone:
|
(978) 934-3623 |
|
E-Mail:
|
xinwenfu@cs.uml.edu
|
|
Homepage: |
|
|
Office Hours: |
MW 2:30PM ~ 4:00PM |
|
Course Name: |
91.661.201
Advanced Topics in Network Security |
|
Credits: |
3.00 |
|
Duration: |
9/2/2009 ~ 12/23/2009 |
|
Time: |
W 5:30 PM ~ 8:20 PM |
|
Location: |
OS 404 |
COURSE DESCRIPTION
Applied computer security topics
such as computer and network forensics, virtual private networks, denial of
service, viruses and worms, intrusion
detection systems, smart cards, biometrics,
programming language security, web security and privacy, e-commerce; case
studies of deployed systems; policy and legal considerations.
COURSE
PREREQUISITES:
1. Prerequisite
courses: 91.561.201 Computer & Network Security I
2. Linux (Fedora Core) and Windows - basic use
and software installation.
3. Knowledge of networks
4. Creative thoughts
DESCRIPTION OF INSTRUCTIONAL METHODS:
, The course web site is located within Blackboard Vista. Follow this instruction to log into Blackboard.
, Announcements, questions (and answers, etc. will be available through Blackboard Vista 4.
, Lecturing is based on the textbook with learning materials provided.
, Programming may be practiced in the lab.
, Discussions and questions/answers take place through Blackboard Vista 4, which should be checked approximately once every 48-hours.
, A Chat room is also likely to be used from time to time.
, You will be expected to be prepared for class, and you must complete the assignments by the dates due.
COURSE
REQUIREMENTS
Textbooks
, Andrew Vladimirov, Konstantin V. Gavrilenko, and Andrei A. Mikhailovsky, Wi-Foo: The Secrets of Wireless Hacking (Paperback), Addison-Wesley Professional, ISBN: 0321202171, July 8, 2004
, Dafydd Stuttard, Marcus Pinto, The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws (Paperback), Wiley, ISBN: 0470170778, October 22, 2007
o
Textbooks
may be purchased at the bookstore or electronically through: http://www.amazon.com or some other bookseller
o
Note: The class follows the books very
loosely.
References
,
Jie Wang, Theory and Practice (Hardcover), Springer; 1 edition (February 1, 2009),
ISBN: 3540796975
Class Attendance Policy
Students should attend the class in the
classroom.
Cheating and Plagiarism Policy
All forms of academic dishonesty will result in an F for the course and notification of the Academic Dishonesty Committee. Academic dishonesty includes (but is not limited to) plagiarism, copying answers or work done by another student (either on an exam or assignment), allowing another student to copy from you, and using unauthorized materials during an exam.
Make-up Exams
, Make-up exams will only be given in case of serious need and only when the instructor is notified prior to the exam time. If this is not done, the grade is automatically zero for that exam/quiz.
, Written verification for the student¨s inability to take an exam will be required.
, The make-up exams will be different from those given to the class.
COURSE GOALS
,
Master
basic network security protocols and systems
Defense: firewall,
SSH, SSL, etc.
Attacks: Man in the
middle, session hijacking, etc.
,
Master
wireless network defense and attack techniques
Defense: WEP, WPA,
etc.
Attacks: Cracking
keys, Frame injection, man in the middle, etc.
,
Master
web defense and attack techniques
Defense: SSL,
authentication, etc.
Attack: Cross-site Scripting
Attack (XSS), Cross-site Request Forgery Attack, SQL-Injection Attack, etc.
EVALUATION PROCEDURES
Components
of Course Grade:
|
Assignments (5~10) |
25% |
|
Midterm Exam |
25% |
|
Final Exam |
25% |
|
Final Project |
25% |
Grade
Scale: A+(4.0), A(4.0), A-(3.7), B+(3.3), B(3.0), B-(2.7), C+(2.3), C(2.0), and
F (0.0)
|
|
|
|
A |
85 ~ 100 |
|
B |
70 ~ 84.9 |
|
C |
60 ~ 69.9 |
|
D |
50 ~ 59.9 |
|
F |
below 50 |
Homework Assignments
,
All assignments
are to be turned in on or before the due date and time. If you try and cannot
turn in an assignment electronically because the campus network is down, you
will not be penalized.
, An assignment turned in up to 24-hours late will be reduced by 10% of the assignment¨s worth, more than 24 hours late will be reduced 100%.
,
The due
date and time for each assignment will be specified on assignment postings.
,
All
assignments are expected to be individually and independently completed. Should
two or more students turn in substantially the same solution or program, in the
judgment of the instructor, the assignment will be given a grade of zero. A
second such incident will result in an F grade for the course.
Exams
,
Exams
are based on textbooks, web sites, and assignments.
Projects
, There will be
individual or group projects.
, Each member of this
class is required to join a team of 3 persons. A team must have a team leader
coordinating the communication with members and the instructor.
, Each team must be
formed within 2 weeks from the semester start and the team leader will report
the list of members to the instructor once the team is formed.
, Team work is
encouraged since all members of a team will receive the same score based on the
entire team¨s performance for team projects.
, Some of the
projects will be performed within a closed laboratory.
TENTATIVE CLASS SCHEDULE
The schedule may be adjusted based on the actual progress in the semester.
|
Order |
Topics |
Chapter |
Assignment |
Data |
|
Module 1 |
Basic network security: protocols and systems
(firewall, SSL, SSH, etc.) |
|
|
|
|
Module 2 |
Wireless security (WEP, WPA,
WPA2, etc.) |
|
|
|
|
Module 3 |
Web security (XSS, SQL
injection, etc.) |
|
|
|
|
|
|
|
|
|
|
Holidays |
|
|
|
|
|
11/11 Wednesday |
Veterans Day Observed (University closed) |
|
|
|
|
11/26 ~ 11/29 |
Thanksgiving Recess |
|
|
|
|
12/14 Monday |
Last Day of Fall Semester Classes |
|
|
|
|
11/11 Wednesday |
Veterans Day Observed (University closed) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|