[Class Schedule]  [Bibliography]   [Optional Labs]   [Homeworks]

Instructor: Angelos Stavrou <astavrou at gmu.edu>
Lecture*: Monday 7:20 pm - 10:00pm
Room: Robinson Hall B, room B205
Laboratory: Lab times will be determined at the first meeting
Laboratory Location: TBD
PRE/CO-REQUISITES: ISA 562 and CS 555 or permission of the instructor
Office Hours: Wednesday 5:00 - 7:00 pm, in Science and Technology II, Room 441 and by appointment

Teaching Assistant: Nour Wasif Aulabi <naulabi at gmu.edu>
TA Office: Adjunct office, Science & Technology I I
TA Hours: Thursday 5:00 - 7:00 pm
*The first class meeting will be on Monday, January 28th, 7:20pm at Robinson Hall B, B205

Course Description:

In this course, students will learn the current state of network security including attack and defenses enabled by the use of communication networks. The use of networked devices in both everyday and critical tasks comes great potential for service disruption because of unauthorized access and use.
The traditional physical security mechanisms (locked doors, security guards, etc.) fail to address the problem. On the other hand, a wide variety of security measures may be employed in countering such threats. It is important to understand the concepts and tools available in order to assume an appropriate security posture.

The course will provide the necessary foundation on network security and an in-depth review of commonly-used security mechanisms and techniques. Specific topics that will be covered include network attacks, firewalls, intrusion detection and response, security protocols (in particular, IPsec, SSL, and Kerberos), Denial of Service (DoS) attacks/ detection/prevention, viruses and worms, DNS, email & Voice Over IP (VoIP) security, wireless infrastructure security, web security, and privacy.

Class Objectives:

1. Comprehend fundamental design principles of and the network security (or lack of )
Internet Protocols, and IP networks, including the name system, routing and Internet services.

2. Comprehend advanced security technologies and defenses including firewalls,
honey pots, virtual private networks, anonymity networks and denial of service defenses.

3. Apply understanding of Network Security by analyzing, evaluating, and
improving actual network & system configurations.


Bibliography:

TextBook:
Kaufman, Perlman, and Speciner. Network Security: Private Communication in a Public World, Second Edition, Prentice Hall PTR, 2002, ISBN 0130460192. (Required).

Optional:
Cheswick, Bellovin, and Rubin. Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition, Addison-Wesley Professional, 2003, ISBN 020163466X. (Recommended)

On-Line Java Book by Bruce Eckel [zip]

Grading:

Midterm/Project: 20%
Final: 30%
Homeworks: 45%
Class Participation: 5%

Homeworks

Homeworks received later that day lose 5%, the next day 10%,
two days late 20%, three days late 30%, after that, 50% credit.
All homeworks should be submitted via email to the instructor.

Homework 0 during Lab, extra credit on your own
Homework 1 during Lab, extra credit on your own
Homework 2 due March 19th, March 22nd 11:59pm via email
[PDF with Solutions] [sample solution 1] [sample solution 2]
Homework 3 due April 27th, 11:59pm via email [PDF with Solutions] [sample code]
[TCPDump File] [Worm File]
Homework 4 due May 11th, 11:59pm via email [PDF with Solutions]

Code to generate Certificates and Keys (added storage to keystore), and just Keys.

Client and Server using public-key encryption.
(including transfer of the client's public key to the server, encryption of the server
certificate using the public key, secure transfer and storage to the client's keystore)

Multi-threaded Secure Socket establishment using the transfered
and saved server self-signed certificate: SSLClient and SSLServer

Extra Labs

Class Schedule

Acknowledgements: I would like to thank Prof. Steven M. Bellovin and Prof. Angelos D. Keromytis for allowing me to borrow some of the material from their classes at Columbia University.