CS 410 Top: Network Security
| Credit Hours: | 4 |
| Course Coordinator: | N/A |
| Course Description: | This is an advanced study of network security. Topics include historical and recent network-based attacks including denial of service attacks, a study of network security monitoring procedures including anomaly and signature-based detection, firewalls, and an in-depth study of defensive techniques at various layers of the ISO stack, including modern cryptographic protocols like IPSEC, SSL, and other application-layer security protocols. |
| Prerequisites: | CS 494 Internetworking protocols. |
| Goals: | Upon the successful completion of this course students will be able
to:
- Program cryptographic network protocol.
- Explain crypto protocols like ssh, kerberos, ssl, IPSEC.
- Compare L3/L7 firewalls.
- Describe/analyze various network attacks.
- Determine pros/cons of network security tools.
- Analyze network security design.
- Analyze tradeoffs in crypto including trust assumptions at L2, L3, L4, L7.
- Understand security ethical challenges.
- Secure 1 host against attack.
|
| Textbooks: | 1. Network Security. Private Communication in a Public World. Second Edition. Kaufman, Perlman, Speciner. Prentice-Hall, 2002.
2. Hacking Exposed. McClure, Scambray, Kurtz, McGraw-Hill. Osborne. Fourth Edition. 2003. |
| References: | None. |
| Major Topics: |
- Historic and recent network attacks including the architecture of
those attacks.
- Cryptographic function review (symmetric, asymmetric,
key-management, message-digest, authentication principles, network
security policy)
- Firewall functionality at layer 3, layer 7, mixed hybrid
schemes.
- Security at layer 1 and layer 2 in the ISO stack.
- Wireless security
- IPSEC and layer 3 security issues.
- Layer 7 security issues including email and secure protocols
including kerberos, SSH, SSL.
- Network monitoring including anomaly-based and signature-based
detection systems.
|
| Laboratory Exercises: | 4 week tiger team "attack-defend" exercise. Students are assigned a host and instructed in its defense. |
| CAC Category Credits |
Core | | Advanced |
| Data Structures |
| 0.5 |
| Algorithms |
| 0.5 |
| Software Design |
| 0.5 |
| Computer Architecture |
| 2.5 |
| Programming Languages |
| |
| Oral and Written Communications: | Every tiger team is expected to produce a written report on the order of 10-20 pages. This is a report of attacks detected and analysed and defensive measures taken during the tiger team exercise period. |
| Social and Ethical Issues: | Some time (although it is hard to estimate how much time) is spent on ethnical issues related to network and computer hacking, as we learn in the class how to protect networks (sets of hosts) from widespread and very common attacks prevalent on the Internet today. |
| Theoretical Content: | Theoretical content includes the dissection of various network protocols either in terms of their existing security flaws, or in terms of specific protocols designed to be more secure due to the use of strong cryptography or other measures. We also present the theory of signature and anomaly-based intrusion detection systems. Probably at least %50 of the time in the class is spent on theoretical content. |
| Problem Analysis: | This class is more or less focused on the hard problem of how we protect networks at all levels from overt and passive attacks. Specific problems include: tradeoffs between different protocols and different layers of the ISO stack, how specific attacks may be defended against, and how hosts and networks may be made less insecure. |
| Solution Design: | This class has typically asked students to create a cryptographic-based "secure" protocol that uses symmetric encryption and authentication algorithms. The goal of this exercise is not to study cryptography, but to study design issues associated with cryptographic protocols and in particular study the use of keys and gain more comprehension of common key management problems as they exist in secure network protocols. In addtion we ask a team of students to work together to secure a host from attackers elsewhere on the network. Students must try and determine the nature of the attacks and design a methodology for making their host more secure. |
|
