Network Security

Course Composition and Objectives

• Security Fundamentals
  • Explain the importance of network security
  • Describe the different types of attacks, common attack techniques, and mitigation strategies
  • Describe different intrusion tools, penetration scenarios, and steps to conduct a penetration
  • Identify the components of a complete security policy
• Classic Cryptography
  • Describe typical encryption and decryption methods
  • Explain the principles behind these methods
  • Analyze the security of these methods
  • Devise simple encryption and decryption methods based on the knowledge learned from history
• Symmetric Key Cryptography
  • Describe typical symmetric-key cryptosystems such as A5/1 and DES
  • Apply symmetric-key crypto to an application
  • Explain the principles of symmetric-key crypto
  • Describe the basic security analysis methods for symmetric-key crypto
• Public Key Cryptography
  • Explain the principles of public-key crypto
  • Describe how public key crypto systems work
  • Explain the RSA system
  • Describe the typical applications of public key systems
• Firewall Technologies
  • Define stateful packet filtering technology and describe how the technology works.
  • Define proxying firewall technology.
  • Describe how proxy servers and clients work and their capabilities when building a firewall.
  • Describe different firewall architectures.
  • Explain the limit and applications of firewall technologies.
• Wireless Network Security
  • Describe the basics of wireless security
  • Discuss wireless network protocols such as WEP and WAP and their security
  • Connect the topic to the knowledge learned in the previous topics such as stream ciphers
• Malware
  • Explain the basics of malware including virus, worm, spyware
  • Discuss the consequence and defense of malware
  • Describe the limitations of the current malware detection techniques.
• Intrusion Detection
  • Describe intrusion detection and related concepts and terminologies.
  • Discuss the host-based intrusion detection system and illustrate how it works with examples.
  • Discuss the network-based intrusion detection system and illustrate how it works with examples.
  • Explain the limitations of the current intrusion detection techniques.
• Denial of Service
  • Understand and explain DoS and DDoS
  • Review the state of the art of DoS and DDoS
  • Recognize the need of defense tools
  • Understand the limitations of the current prevention and detection techniques.
• Botnets
  • Define and explain botnets
  • Recognize the need of defense tools.
  • Review the state of the art of botnets by examining recent botnets
• Web Security
  • Explain the basics of web security
  • Explain XSS and SQL injection
  • Describe the current defense technologies against XSS and SQL injection attacks.
• Software (In)Security
  • Explain why software is usually insecure
  • Explain why a set of programming errors can lead to security problems
  • Describe how a buffer overflow attacks
  • Describe how defense technologies protect against buffer overflow attacks.
• Instructors Choice: Instructors may choose topics and learning objectives that meet the spirit of the course as defined here. Instructors may choose to devote more time to the learning objectives listed above or to add additional, complimentary objectives. Supplementary material and objectives should not overlap with the defined content of other courses in the curriculum

Course Description

Information technology has become a key component to support critical infrastructure services in various sectors of our society. In an effort to share information and streamline operations, organizations are creating complex networked systems and opening their networks to customers, suppliers, and other business partners. Increasing network complexity, greater access, and a growing emphasis on the Internet have made information/network security a major concern for organizations.

IST 451 focuses on network security. The course will provide the students with a comprehensive understanding of the fundamental issues and concepts of network security, and the mainstream network security technologies and protocols that are widely used in the real world. The course will also address emerging technologies in network security.

A major component of the course will be several team-based hands-on attack-defense projects. Each project has two phases: the attack phase and the defense phase. A group may be asked to defend against the attacks enforced by another group. This course will incorporate collaborative and action-learning experiences wherever appropriate. Emphasis will be placed on developing and practicing writing and speaking skills through application of the concepts, theories and technologies that define the course.