Network Security (ISA 656) Spring 2012
Instructor: Damon McCoy (mccoy(at)cs.gmu.edu)
Time: Tuesday 4:30 pm - 7:10 pm
Room: Nguyen Engineering Building 4457 [map]
Office Hours: Tuesday 2:00 pm - 4:00 pm also by appointment
Office: 5328 Engineering Building
Course Website: http://www.cs.gmu.edu/~mccoy/ISA656_S12.html
Course Forum: piazza
We will be using piazza for discussions on current security topics, and if you have a question this is the best place to ask it. We will check the page regularly and other students will be able to help as well.
GMU catalog: This course is an in-depth introduction to the theory and practice of Network Security. It assumes basic knowledge of cryptography and its applications in modern network protocols. The course studies firewalls architectures and virtual private networks and provides deep coverage of widely used network security protocols such as SSL, TLS, SSH, Kerberos, IPSec, IKE, and LDAP. It covers countermeasures to distributed denial of service attacks, security of routing protocols and the Domain Name System, Email security and spam countermeasures, wireless security, multicast security and trust negotiation.
This course will present current attacks and and defenses against networked computers. As a growing number of everyday things not typically thought as computer gain computational ability and in turn are connected to networks traditional security methods, such as locks and physical security mechanisms are no longer sufficient to protect them. This course will delve into the concepts and tools defenders have at their disposal and which threats they can mitigate.
ISA 562 and CS 555; or permission of instructor. There will be substantial programming involved in the assignments, and students should be familiar with programming in C, Java or another language.
Midterm: 25% (Open book)
Labs: 5% (There will 2-3 in class labs)
Assignments: 30% (I will assign 2-3 that will be mostly programming)
Final Project: 30% (You will work in groups of 2-3 on a class project in network security with a writeup/presentation due at the end)
Class/Forum Participation: 10%
Assignments received later that day lose 5%, the next day 20%, two days late 40%, after that no credit will be given. Please email or come and talk with me if cannot turn in an assignment on time for some unforeseeable reason.
Kaufman, Perlman, and Speciner. Network Security: Private Communication in a Public World, Second Edition, Prentice Hall PTR, 2002, ISBN 0130460192. (Required).
There will also be on-line news articles and research publications that will be required reading before some of the lectures.
HW1 due Feb. 7 before class
HW2 due Mar. 7 11:59pm
HW3 due Apr. 17 before class
Feb. 21 IDS/Network Sniffers VM image for Lab please download this and install VMware. (Location Engineering Center 1505, during class)
Feb. 24 Java network programming (Location Engineering Center 1505, 7pm-9pm Not graded Optional)
Mar. 20 Firewalls, and Network Vulnerability Scanners VM image for Lab please download this and install VMware. (Location Engineering Center 1505, during class)
Lab: Firewalls, and Network Vulnerability Scanners
The topic and list of required readings are below.
|week and date
||Topic and Required Reading
|week 1, Jan 24th
||Course Overview and Introduction to Network Security [slides on blackboard]
|week 2, Jan 31st
||Firewalls [slides on blackboard]
Chapman, "Network (In)Security Through IP Packet Filtering"
|week 3, Feb 7th
||Malware [slides on blackboard]
The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond, DHS, SRI, APWG Report, October 2006
THE PARTNERKA . WHAT IS IT, AND WHY SHOULD YOU CARE?, Dmitry Samosseiko, SophosLabs tech report 2009
The Underground Economy of Spam: A Botmaster.s Perspective
of Coordinating Large-Scale Spam Campaigns, Brett Stone-Grossx, Thorsten Holzz, Gianluca Stringhinix, and Giovanni Vigna, LEET 2011
Measuring Pay-per-Install: The Commoditization of Malware Distribution, Juan Caballero, Chris Grier, Christian Kreibich, Vern Paxson, Usenix Security 2011
|week 4, Feb 14th
||Guest Lecuter: Professor Angelos Stavrou
|week 5, Feb 21st
||Intrusion Detection Systems [slides on blackboard]
Lab: IDS/Network Sniffers [instructions on blackboard under assignments]
|week 6, Feb 28th
||Virtual Private Networks (IPsec/IKE)
SSL, TLS, SSH
|week 7, Mar 6th
Routing Protocol Security (BGP)
|week 8, Mar 13th
|week 9, Mar 20th
||DDoS Attacks and Mitigation Lab:Firewalls/Network Scanners
|week 10, Mar 27th
||Email SecurityMidterm Review
|week 11, Apr 3rd
|week 12, Apr 10th
||Wireless SecurityEmbedded Device Security
|week 13, Apr 17th
|week 14, Apr 24th
|week 15, May 1st
||TBD (Possible topics Browser Security Models, HCI and Network Security, Cellular Network Security)
|Final May 15th 4:30-7:15
||Final Project Presentations
Please read and adhere to the University's Academic Honesty Page, GMU Honor Code, CS Department Honor Code
If you have a documented learning disability or other condition that may affect academic performance you should:
1) Make sure this documentation is on file with the Office of Disability Services.
All academic accommodations must be arranged through the ODS. http://ods.gmu.edu
2) Talk with me to discuss your accommodation needs.
Other Usefull Resources:
Writing Center: A114 Robinson Hall; (703) 993-1200; http://writingcenter.gmu.edu
University Libraries: .Ask a Librarian. http://library.gmu.edu/mudge/IM/IMRef.html
Counseling and Phychological Services (CAPS): (703) 993-2380; http://caps.gmu.edu
University Policies: The University Catalog, http://catalog.gmu.edu, is the central resource
for university policies affecting student, faculty, and staff conduct in university affairs.