Network Security, Fall 2006

1. Preliminaries

• 1.1 -- 08/28: Introduction and Security Basics
  Intro slides
  Chapter 1
  

2. Symmetric Key Cryptography

• 2.1 -- 08/30: Symmetric Encryption Basics
  reading: 1, 2
  Chapter 2 slides
  Cryptanalysis Example
  Homework 1 assigned
• 2.2 -- 09/06: SDES and Feistel Ciphers
  Chapter 3 slides
  reading: 3.1-3.2
  I also strongly recommend The Code Book by Simon Singh
• 2.3 -- 09/11: DES and Cipher Modes
  reading: 3.3, 3.4, and skim 3.6
  Homework 1 due, Homework 2 assigned
• 2.4 -- 09/13: Adv. Ciphers and Key Management 1
  Chapters 5 and 6 slides
  Chapter 7 slides
  reading: 5.1, 6.1, 6.4, 6.5, 7.1-7.3 (not controlling key usage)
  and skim 6.2 and 6.3

3. Public Key Cryptography and Authentication

• 3.1 -- 09/18: Math Quiz
  reading: 4.2 and 4.3
• 3.1 -- 09/20: Number Theory Review
  reading: 8.1, 8.2, 8.3, and 8.5
• 3.2 -- 09/25: Public Key Cryptography and RSA
  reading: 9
• 3.3 -- 09/27: Key Management 2
  reading: 10
  Homework 2 due, Homework 3 assigned
• 3.4 -- 10/02: Authentication Primitives
  reading: 11
• 3.5 -- 10/04: Use of Authentication
  reading: 11

4. Protocols

• 4.1 -- 10/09: Certificates and CAs
  Homework 3 due, Homework 4 assigned
• 4.2 -- 10/11: Kerberos
• 4.3 -- 10/16: Web and Email Security
• 4.4 -- 10/18: SSH and VPN
  Homework 4 due
• 10/23: Midterm

5. Threats

• 5.1 -- 10/25: Malware Basics
• 5.2 -- 10/30: Botnets and DDoS
• 5.3 -- 11/01: TCP Attacks
• 5.4 -- 11/06: Network Attacks
• 5.5 -- 11/08: Web Attacks

6. Securing a Network

• 6.1 -- 11/13: Firewalls
• 6.2 -- 11/15: IDS
• 6.3 -- 11/20: Forensics
• 6.4 -- 11/22: Social Engineering and People Issues
• 6.5 -- 11/27: TEMPEST and COMSEC
• 6.6 -- 11/29: Physical Security
• 6.7 -- 12/04: Wireless Security
  
• 12/06: Prep. for Capture the Flag

Finishing Up

• 12/08: CTF Day!
• 12/11: Final

Your grade will be composed of:

• 30% Assignments
• 20% Lab Work
• 20% Online Participation
• 10% Midterm
• 20% Final

Grading

Grading will be on a curve. I will do my best to let you know where you stand as we go through the course, but no guarantees.

Late Policy

I will accept one late assignment or lab write-up per student, up to one week late. All online participation must be ontime.

Programming

There will be some programming in this class for which you must use Java or C++. Document and comment your code well.

Working Together

• Write the answers up by yourself.
• Don't give out final answers (e.g. numerical answers or decrpytions).

Tests

Tests will be timed, closed notes, closed book, and closed neighbor. If you have problems with time pressure or memorization, you are welcome to come in for additional assistance prior to the tests -- I will make extra time for you for both the material and test taking techniques.

Cheating

If you cheat on an assignment or test, you get 0 points for that assignment or test AND you lose an addition -200% in your grade. For example, if, by the end of the class, you have 100% on everything but you cheated on a midterm worth 10% of your overall grade, you will get a 70% in the class. This includes both the "looker" and the "lookee." Also, cheaters will not be allowed to do final projects for credit. There will be additional penalties from the department or the university.

If you must do well in the class, then you had better master the material by doing the assignments and studying for the tests. Failing to understand the principles and practices of security in the real world can lead to consequences far more serious than getting a bad grade.