ISA 656, Network Security

[Class Schedule]  [Bibliography]   [Optional Labs]   [Homeworks]

Instructor: Angelos Stavrou
Class Time: Wednesday 7:20 pm - 10:00pm
Location: Science and Technology I 128
Textbook: Network Security: Private Communication in a Public World, Second Edition, Prentice Hall PTR, 2002, ISBN 0130460192.
Course PRE/CO-REQUISITES: ISA 562 and CS 555 or permission of the instructor

Office Hours: Wednesday 5:00 - 7:00 pm, room 441, Science and Technology II and by appointment

Teaching Assistant: Rhandi Martin <>
TA Office:
TA office, Science & Technology II
TA Hours:
Tuesday 5:00 pm - 8:00 pm

Course Description:

In this course, students will learn the current state of network security including attack and defenses enabled by the use of communication networks. The use of networked devices in both everyday and critical tasks comes great potential for service disruption because of unauthorized access and use.
The traditional physical security mechanisms (locked doors, security guards, etc.) fail to address the problem. On the other hand, a wide variety of security measures may be employed in countering such threats. It is important to understand the concepts and tools available in order to assume an appropriate security posture.

The course will provide the necessary foundation on network security and an in-depth review of commonly-used security mechanisms and techniques. Specific topics that will be covered include network attacks, firewalls, intrusion detection and response, security protocols (in particular, IPsec, SSL, and Kerberos), Denial of Service (DoS) attacks/ detection/prevention, viruses and worms, DNS, email & Voice Over IP (VoIP) security, wireless infrastructure security, web security, and privacy.

Course Outcomes:

1. Comprehend fundamental design principles of and the network security (or lack of )
Internet Protocols, and IP networks, including the name system, routing and Internet services.

2. Comprehend advanced security technologies and defenses including firewalls,
honey pots, virtual private networks, anonymity networks and denial of service defenses.

3. Apply understanding of Network Security by analyzing, evaluating, and
improving actual network & system configurations.


Kaufman, Perlman, and Speciner. Network Security: Private Communication in a Public World, Second Edition, Prentice Hall PTR, 2002, ISBN 0130460192. (Required).

Cheswick, Bellovin, and Rubin. Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition, Addison-Wesley Professional, 2003, ISBN 020163466X. (Rehttcommended)

On-Line Java Book by Bruce Eckel [zip]

Midterm/Project: 20%
Final: 25%
Homeworks: 50%
Class Participation: 5%

Homework Policy

Homeworks received later that day lose 5%, the next day 10%,
two days late 20%, three days late 30%, after that, 50% credit.
All homeworks should be submitted via blackboard to the instructor.

Homework 0 during Lab, extra credit on your own
[sample code in Java for Client & Server and in C for Client & Server]
Homework 1 during Lab, extra credit on your own [Check Lab 2 for sample code]
Homework 2 due Oct 8th, Oct 9th, midnight via Blackboard [Solutions]
Homework 3 due Oct 27th, Nov 3rd, midnight via Blackboard
Homework 4 due Nov 18th, Nov 25th, midnight via Blackboard
Homework 5 due Dec 8th, Dec 16th, midnight via Blackboard

Extra Labs

Optional Laboratories

Friday, September 12,
7:00pm - 8:30pm
Science and Technology I 128

Introduction to Java & C Network Programming [pdf]
[Linux VMWare Image]

Friday, October 3,
7:00pm - 8:30pm
Science and Technology I 128

Networking with multi-processing
Java [pdf] [Sample programs] & C [pdf] [Sample programs]


Class Schedule

Week & Date
Course Lectures & Readings

Week 1, Aug. 27

Course Introduction [pdf][4 slides in1 pdf]
Firewalls: Design goals, basic firewall architectures [pdf][4 slides in 1 pdf]

- Kaufman et al., chapter 23
- Chapman, "Network (In)Security Through IP Packet Filtering"

Week 2, Sept. 3

Firewalls: Packet filtering routers, NATs [pdf][4 slides in 1 pdf]

"Using the Domain Name System for System Break-Ins"
Steve Bellovin, Proceedings of the Fifth Usenix Unix Security Symposium.

"A DNS Filter and Switch for Packet-filtering Gateways",
Cheswick and Bellovin, Proceedings of the Sixth Usenix Unix Security Symposium.

Week 3, Sept. 10

LAB I: (Unix, Firewalls & Scanners) [pdf]

Application-level gateways, circuit-level gateways [pdf][4 slides in 1 pdf]

"The Internet Worm Program: An Analysis", Purdue Technical Report CSD-TR-823.
Eugene H. Spafford. Department of Computer Sciences. Purdue University

Week 4, Sept. 17

Worms, Virus, Trojans and other Malfease [pdf][4 slides in 1 pdf]
Guest Lecture: Professor Michael E. Locasto

"All Your iFRAMEs Point to Us",
Provos et. al. Proceedings of the USENIX Security '08

Week 5, Sept. 24

Introduction to Cryptography (Block Ciphers) [pdf][4 slides in 1 pdf]

LAB II: (Advanced Network Programming) [pdf]

- Kaufman et al., Chapters 4-6
- Appendix A of Cheswick et al. or section 13.1 of that part of the first edition

Week 6, Oct. 1

Cryptography cont. (Stream Ciphers, Public key, hash functions, MACs) [pdf][4 slides in 1 pdf]

Chapter 17 and 18 (parts) of Kaufman et al.

Quiz 1[pdf] Solutions [pdf]

Week 7, Oct. 8

In depth study of IPSEC and IKE [pdf][4 slides in 1 pdf]

LAB III: (Snort & Wireshark) [pdf]

Chapter 17 and 18 (parts) of Kaufman et al.

Week 8, Oct. 15
Web Security: SSL, TLS and other secure protocols
[pdf] [4 slides in 1 pdf]

Midterm Discussion
Week 9, Oct. 22

Midterm [sample] Solutions [pdf],
Programming (Client) (Server

Week 10, Oct. 29

LAB IV: (IDS & Penetration Testing)
[Defender] [Attacker]

Writting Snort Rules [PPT]

Week 11, Nov. 5

Security Mechanisms for Email
[pdf] [4 slides in 1 pdf]
Chapter 20-22 of Kaufman et al.

Domain Name System (DNS)
DNS Root Attack on 6th Feb 2007 - End User View
Matsuzaki 'maz' Yoshinobu, NANOG-40 Meeting, Jun 2007
DNS Distributed Denial of Service (DDoS) Attacks,
SSAC Advisory SAC008, March 2006
Anatomy of Recent DNS Reflector Attacks from the Victim and Reflector Points of View
Frank Scalzo, NANOG-37 Meeting, Jun 2006

Week 12, Nov. 12

Wireless security
[pdf][4 slides in 1 pdf]

"Intercepting Mobile Communications: The Insecurity of 802.11",
Nikita Borisov, Ian Goldberg, and David Wagner. MOBICOM 2001
"The Final Nail in WEPs Coffin",
Andrea Bittau, Mark Handley and Joshua Lackey, IEEE Symposium on Security and Privacy, 2006

Voice Over IP (VoIP) Security
[pdf][4 slides in 1 pdf]

Security Considerations for Voice Over IP Systems (January 2005)
National Institute of Standards and Technology (NIST)

Week 13, Nov 19

Denial of Service (DoS) attacks and mitigation
[pdf] [4 slides in 1 pdf]

A cyber-riot
, Economist (May 10th 2007)
Distributed Reflection Denial of Service (2002)
by Steve Gibson, Gibson Research Corporation

Week 14, Nov 26
No class

Thanksgiving recess

Week 15, Dec 3

Routing security
[pdf] [4 slides in 1 pdf

Review & Final Exam Information

[pdf] [4 slides in 1 pdf]

Week 16, Dec 10

Final Exam [Sample] [Tcpdump file]

Please read the University's Academic Honesty Page and GMU Honor Code.

Disability Statement

If you have a documented learning disability or other condition that may affect academic performance you should:
1) make sure this documentation is on file with the Office of Disability Services:
(SUB I, Rm. 222; 993-2474; to determine the accommodations you need;
2) talk with me to discuss your accommodation needs.

Acknowledgements: I would like to thank Prof. Steven M. Bellovin and Prof. Angelos D. Keromytis for allowing me to borrow some of the material from their classes at Columbia University.

Home -  Publications - Teaching - CV - Contact

Last updated: Tue, August 31, 2010
Please feel free to send your comments and suggestions to Angelos Stavrou.
© 2010 Angelos Stavrou, Computer Science Department, George Mason University.