CSE 508 – Network Security

 

Instructor: Long Lu
Location: PSYCHOLOGY A 137
Meeting Times: Mon Wed 2:30 p.m. – 3:50 p.m. (Spring 2014)
Prerequisites: Fundamentals of computer networks, distributed systems, and security.
Office Hours: Wed 3:50 p.m. – 4:50 p.m.
TA and Office Hours: Amogh Akshintala
2110 Computer Science (TA room)
Thu 5:00 p.m. to 6:30 p.m.

 

  • Course Description

    This is a newly re-designed course that covers a series of important topics in computer and network security. The first half of the course starts with the basic cryptography and soon delves into to the classic security problems and solutions at different layers of computer network. It then proceeds to the recent developments in network security and ends with the mid-term exam. The second half shifts the focus to operating systems and distributed networks, as it reveals the software security issues targeted by cyber attacks and studies the host-based prevention/detection mechanisms. Finally, the course touches on some latest advances in cloud and mobile security.

    Students should expect an average reading load of 2-3 papers (or equivalent) per week, bi-weekly assignments, two exams, and a group project that requires a LARGE amount of system-level programming.

    Reading Materials and Text Books

    Pre-class readings consist of academic papers and online book chapters or articles, whose digital copies will be provided before class. After each lecture, a handout will be posted for reviewing content covered in class. These materials, as they become available, will be linked from the course schedule (SBU NetID login needed for access). Materials provided in this course should be used for educational purposes only and not be distributed without permissions. 

    The following text books are recommended, but NOT required:

    • [NS] Network Security: Private Communication in a Public World (by Charlie Kaufman et al.)
      ISBN-10: 0130460192 | ISBN-13: 978-0130460196
    • [ICS] Introduction to Computer Security (by Michael Goodrich and Roberto Tamassia)
      ISBN-10: 0321512944 | ISBN-13: 978-0321512949
    • [HAC] Handbook of Applied Cryptography (by Alfred J. Menezes et al.)
      Available for download at http://cacr.uwaterloo.ca/hac/

    Learning and Teaching

    For effective in-class learning, students must finish the required readings before coming to classes. This course is taught primarily using whiteboard with occasional uses of slides for demonstrations. Note-taking is strongly encouraged, so is active participation in discussions. In addition to the standard lecturing, this course contains several hands-on sessions, where students are given opportunities to present real-world case studies, demonstrate coding assignments, and conduct live experiments.

    For assigned paper readings, students are asked to write and submit short paper summaries before class. Please use this form to format and submit paper summaries (SBU NetID login required).

    Lecture notes taken by students are available on this page.

    Grading

    • Paper summaries, assignments, and presentations – 20%
    • Mid-term exam – 20%
    • Final exam – 20%
    • Projects – 40%

    Honor Code

    Students are required to follow the university honor code and guidelines on academic conduct at all times. Failing to do so will result in instant reports to the university.

  • Schedule (tentative)

    Students must check this schedule regularly as new materials are frequently added without separate announcements. 

    Date Topic Content
    (readings & handouts)
    Note
    Basic Crypto
    1/27 Symmetric-key cryptography Chapter 1.1-1.5, 6.1, and 7.1-7.3 in [HAC];
    Chapter 3 and 4 in [NS] (optional);
    1/29 Asymmetric-key cryptography Chapter 1.6-1.11 and 8.1-8.2 in [HAC];
    Chapter 2.5 and 2.6 in [NS] (optional);
    Hands-on assignment 1 is posted.
    2/3 Passwords and
    authentication
    Password security: A case history;
    Chapter 9 and 10 in [NS] (optional);
    Class is cancelled due to winter storm.
    2/5 Hands-on: Crypto tools and libraries Class is cancelled due to inclement weather.
    Classic Network Security
    2/10 TCP/IP security A Look Back at “Security Problems in the TCP/IP Protocol Suite”;
    2/12 DNS Security DNS VulnerabilitySecurity Issues with DNS Hands-on assignment 2 is posted
    2/17 Hands-on:
    BGP security
    BGP security;
    2/19 Botnet and malware BotHunter; Botnet takeover
    2/24 Firewall and IDS Distributed firewall; Data mining-based IDS
    2/26 HTTPS, SSL, and
    TLS
    Security of RC4 in TLS; Chapter 19 in [NS] (optional); Attacks on SSL (optional)
    Recent Developments in Network Security
    3/3 Web security (I) Web-based attacksChrome browser; Term Project posted
    3/5 Web security (II) BLADE; SURF
    3/10 Hands-on:
    Project demo & discussion
    3/12 Anonymity Tor; I2P
    3/17 NO CLASS Spring Recess
    3/19 NO CLASS Spring Recess
    3/24 Software defined network and security Road to SDNEthane
    Host-based Security
    3/26 Legacy code and
    memory errors
    Memory corruption errors
    3/31 Mid-term exam Covering materials taught up to 3/24
    4/2 Exploitation
    techniques and penetration testing
    Recent Advances in Exploiting Buffer Overruns (optional)
    4/7 Exploitation mitigations Eternal War in Memory
    4/9 OS-level security mechanisms Guest lecture by Prof. Ferdman
    4/14 Virtual machine
    introspection
    VMI for intrusion detectionIn-VM monitoring
    Cloud and Mobile Security
    4/16 Distributed
    systems and security
    Trust management
    4/21 Security of cloud infrastructures and services Controlling data in cloud; Data security in cloud
    4/23 Cellular network security Cellular botnet
    4/28 Mobile security Android app security; iOS security (optional); Develop secure apps (optional)
    4/30 Hands-on:
    malicious apps
    Android malware
    Wrap-up
    5/5 Project
    presentation (I)
     Project Due 5/4 11:59 p.m.
    5/7 Project
    presentation (II)
     
    5/13 Final Exam 5:30p – 8:00p, same lecture room, covering all materials.