UNIVERSITY OF MASSACHUSETTS LOWELL

DEPARTMENT OF COMPUTER SCIENCE

 

91.661.201 Advanced Topics in Network Security

Fall 2009

 

Instructor:

Dr. Xinwen Fu

Office: 

203 Olson Hall

Phone: 

(978) 934-3623

E-Mail: 

xinwenfu@cs.uml.edu         

Homepage: 

http://www.cs.uml.edu/~xinwenfu

Office Hours: 

MW 2:30PM ~ 4:00PM

 

Course Name:

91.661.201 Advanced Topics in Network Security

Credits:

3.00

Duration:

9/2/2009 ~ 12/23/2009

Time:

W 5:30 PM ~ 8:20 PM

Location:

OS 404

 

 

COURSE DESCRIPTION

Applied computer security topics such as computer and network forensics, virtual private networks, denial of service, viruses and worms, intrusion

detection systems, smart cards, biometrics, programming language security, web security and privacy, e-commerce; case studies of deployed systems; policy and legal considerations.

 

COURSE PREREQUISITES:

1.      Prerequisite courses: 91.561.201 Computer & Network Security I   

2.      Linux (Fedora Core) and Windows - basic use and software installation.

3.      Knowledge of networks

4.      Creative thoughts

 

DESCRIPTION OF INSTRUCTIONAL METHODS:

         The course web site is located within Blackboard Vista. Follow this instruction to log into Blackboard.

         Announcements, questions (and answers, etc. will be available through Blackboard Vista 4.

         Lecturing is based on the textbook with learning materials provided.

         Programming may be practiced in the lab.

         Discussions and questions/answers take place through Blackboard Vista 4, which should be checked approximately once every 48-hours. 

         A Chat room is also likely to be used from time to time.

         You will be expected to be prepared for class, and you must complete the assignments by the dates due.

 

COURSE REQUIREMENTS

Textbooks

      Andrew Vladimirov, Konstantin V. Gavrilenko, and Andrei A. Mikhailovsky, Wi-Foo: The Secrets of Wireless Hacking (Paperback), Addison-Wesley Professional, ISBN: 0321202171, July 8, 2004

      Dafydd Stuttard, Marcus Pinto, The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws (Paperback), Wiley, ISBN: 0470170778, October 22, 2007

o        Textbooks may be purchased at the bookstore or electronically through: http://www.amazon.com or some other bookseller

o        Note: The class follows the books very loosely.

References

         Jie Wang, Theory and Practice (Hardcover), Springer; 1 edition (February 1, 2009), ISBN: 3540796975

 

 

Class Attendance Policy

Students should attend the class in the classroom.

 

Cheating and Plagiarism Policy

All forms of academic dishonesty will result in an F for the course and notification of the Academic Dishonesty Committee.  Academic dishonesty includes (but is not limited to) plagiarism, copying answers or work done by another student (either on an exam or assignment), allowing another student to copy from you, and using unauthorized materials during an exam.

 

Make-up Exams

      Make-up exams will only be given in case of serious need and only when the instructor is notified prior to the exam time. If this is not done, the grade is automatically zero for that exam/quiz.

      Written verification for the student¨s inability to take an exam will be required.

      The make-up exams will be different from those given to the class.

 

COURSE GOALS

         Master basic network security protocols and systems

Defense: firewall, SSH, SSL, etc.

Attacks: Man in the middle, session hijacking, etc.

         Master wireless network defense and attack techniques

Defense: WEP, WPA, etc.

Attacks: Cracking keys, Frame injection, man in the middle, etc.

         Master web defense and attack techniques

Defense: SSL, authentication, etc.

Attack: Cross-site Scripting Attack (XSS), Cross-site Request Forgery Attack, SQL-Injection Attack, etc.

 

 EVALUATION PROCEDURES

 Components of Course Grade:

Assignments (5~10)

25%

Midterm Exam

25%

Final Exam

25%

Final Project

25%

 

Grade Scale: A+(4.0), A(4.0), A-(3.7), B+(3.3), B(3.0), B-(2.7), C+(2.3), C(2.0), and F (0.0)

 

 

A

85 ~ 100

B

70 ~ 84.9

C

60 ~ 69.9

D

50 ~ 59.9

F

below 50

 

Homework Assignments

      All assignments are to be turned in on or before the due date and time. If you try and cannot turn in an assignment electronically because the campus network is down, you will not be penalized.

      An assignment turned in up to 24-hours late will be reduced by 10% of the assignment¨s worth, more than 24 hours late will be reduced 100%.

      The due date and time for each assignment will be specified on assignment postings.

      All assignments are expected to be individually and independently completed. Should two or more students turn in substantially the same solution or program, in the judgment of the instructor, the assignment will be given a grade of zero. A second such incident will result in an F grade for the course.

 

Exams

      Exams are based on textbooks, web sites, and assignments.

 

Projects

      There will be individual or group projects.

      Each member of this class is required to join a team of 3 persons. A team must have a team leader coordinating the communication with members and the instructor.

      Each team must be formed within 2 weeks from the semester start and the team leader will report the list of members to the instructor once the team is formed.

      Team work is encouraged since all members of a team will receive the same score based on the entire team¨s performance for team projects.

      Some of the projects will be performed within a closed laboratory.

 

TENTATIVE CLASS SCHEDULE

The schedule may be adjusted based on the actual progress in the semester.

 

Order

Topics

Chapter

Readings

Assignment

Data

Module 1

Basic network security: protocols and systems (firewall, SSL, SSH, etc.)

 

 

 

Module 2

Wireless security (WEP, WPA, WPA2, etc.)

 

 

 

Module 3

Web security (XSS, SQL injection, etc.)

 

 

 

 

 

 

 

 

Holidays

 

 

 

 

11/11 Wednesday

Veterans Day Observed (University closed)

 

 

 

11/26 ~ 11/29

Thanksgiving Recess

 

 

 

12/14 Monday

Last Day of Fall Semester Classes

 

 

 

11/11 Wednesday

Veterans Day Observed (University closed)