CS 285 Network Security
Fall 2007
[Overview] [Schedule & Lecture Note] [Assignment]
[Policy] [Resources]
Course
Information
Time:
Tuesday/Thursday 11am-12:15pm, Room: 244 Featheringill
Hall
Instructor: Yuan Xue (
), Office: 383 Jacobs
Hall, Phone: 615-322-2926
Office hours:
Tuesday/Thursday 2pm-3pm; or by appointment.
Web: http://vanets.vuse.vanderbilt.edu/~xue/cs285fall07/index.html
Course
description:
This course provides an introduction to the principles and practice of network security. Topics include: security threats in networks, principles for providing security mechanisms (cryptography, key management, message authentication), practice of securing systems (PGP, IPsec, SSL), and recent research topics in security.
Credit: 3 credit
hours
Prerequisite:
The course requires a background in computer networks (e.g. cs283 or equivalent) and programming experience (e.g., cs201 or cs270 or equivalent).
Text book:
[WS] Cryptography and Network Security: Principles and Practice (3nd Edition) by William Stallings
Reference books:
[KPS] Network Security: Private Communication in a Public World (2nd Edition), by Charlie Kaufman, Radia Perlman, Mike Speciner
[CSP] Security in Computing (3rd Edition), by Charles P. Pfleeger, Shari Lawrence Pfleeger
[MB] Computer Security: Art and Science, by Matthew A. Bishop
Schedule
|
Date |
Topic |
Lecture Note/Handout |
Reading/Assignment |
|
08/30/07 |
Course Overview |
See the course website offered in Fall 2008 |
|
|
09/04/07 |
Computer Network Review (I) |
|
|
|
09/06/07 |
Computer Network Review (II) |
|
|
|
09/11/07 |
Security Mechanisms Overview |
|
Chapter 1 |
|
09/13/07 |
Secret-key Cryptography (Basics) |
|
Section 2.1 |
|
09/18/07 |
Secret-key Cryptography (Block Cipher
Principle) |
|
HW 1 release Section 2.2, 2.3, 3.2, 3.6 |
|
09/20/07 |
Secret-key
Cryptography (DES) |
|
Section 3.3, 3.4, 3.5 |
|
09/25/07 |
Block Cipher Mode |
|
Section 3.7 |
|
09/27/07 |
Secret Key Management |
|
Section 7.1, 7.3 |
|
10/02/07 |
Public-key Cryptography (Overview) |
|
Section 9.1 |
|
10/04/07 |
Public-key Cryptography (RSA) |
|
HW 2 release Section 9.2 |
|
10/09/07 |
Message Authentication Code (1) |
|
Section 11.1, 11.2, 11.3 |
|
10/11/07 |
Message Authentication Code (2) |
||
|
10/16/07 |
Hash Functions |
|
Project release Section 11.4, 12.1, 12.4 |
|
10/18/07 |
Digital Signature |
|
HW 2 due, HW 3 release Section 13.1, 13.3 |
|
10/23/07 |
Fall Break |
|
|
|
10/25/07 |
Public Key Management |
|
Section 10.1, 10.2 |
|
10/30/07 |
Cryptography Review |
|
Project Proposal due |
|
11/01/07 |
Midterm Exam |
|
|
|
11/06/07 |
Authentication Protocol (1) |
|
HW 3 due |
|
11/08/07 |
Authentication Protocol (2) |
HW 4 release |
|
|
11/13/07 |
Web Security (1) |
|
|
|
11/15/07 |
Web Security (2) |
HW4 due (Nov 16) |
|
|
11/20/07 |
Thanksgiving
holidays |
|
|
|
11/22/07 |
Thanksgiving holidays |
|
|
|
11/27/07 |
Project Design Presentation |
|
Design Report due |
|
11/29/07 |
Email Security |
|
HW 5 release |
|
12/04/07 |
IP Security |
|
|
|
12/06/07 |
Worm/DoS attack |
|
|
|
12/11/07 |
Intrusion Detection System/Firewall Beyond Network
Security |
|
HW 5 due |
|
12/13/07 |
Project Presentation (last day of
class) |
|
|
|
12/18/07 |
Project Demo |
|
Project Final Report due |
Assignment
|
|
Homework 1 |
|
|
Homework 2 |
|
|
Homework 3 |
|
|
Homework 4 |
|
|
Homework 5 |
|
|
Project |
Policy
Grading
Policy
Class participation: 10%
Homework: 35%
Midterm: 25%
Project: 30%
Homework
There will be five homework assignments throughout the semester. The homework assignments and their due dates will be listed on the Assignment. Homework assignments are due at the beginning of the class on the day due. Late assignments are not accepted.
Academic Integrity
Students are
encouraged to discuss homework assignments and projects with each other but
only in a general manner (to help understand the nature of the problem).
Specific solutions cannot be discussed. And all the work you submit must be
your own work. All students are required to acquaint themselves with the
provisions of the University's
Honor System.
In addition to the usual expectations regarding
academic honesty, this course presents some particular ethical and even legal
problems. First, while this is not a course in how to crack systems, it is
practically impossible for us to avoid discussing concrete security weaknesses
in existing systems. Any attempt to use such information to gain unauthorized
access to any system is a violation of the Vanderbilt Policy on Computer Privileges and
Responsibilities. Please also refer to Vanderbilt Computing And
Networking Policies for more information.
Resources
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
"Communication Theory of Secrecy
Systems", by Claude
Shannon |
Survey
As
a student of this course, your opinion is particularly valued. Please fill in
the online
survey form, so that I can better understand your background and your need.
?
2007, Yuan Xue (
)