Skip to content

Syllabus

sethnielson edited this page Apr 29, 2019 · 45 revisions

Syllabus

  • Computer Science 601.444/644
  • Network Security
  • Spring 2019
  • (3 credits)

Description

From ISIS

This course focuses on communication security in computer systems and networks. The course is intended to provide students with an introduction to the field of network security. The course covers network security services such as authentication and access control, integrity and confidentiality of data, firewalls and related technologies, Web security and privacy. Course work involves implementing various security techniques. A course project is required.

From the Instructor

The ISIS description is generic. Here is a more detailed description of what we will cover:

  • Secure network protocols in network stacks
  • Applied cryptography in network communications
  • Network architecture, including firewalls
  • Attacks on "secure" networks

Moreover, because so many students do not have a significant engineering background, the first several weeks of the class will cover client-server programming using the Python language.

Schedule

Date and Topic Classroom Assignments
1/28 - Welcome Slides: 01 Welcome to the Class READ: Intro to Python3
Assignment: Getting Started
Help Section: Setting up GitHub
1/30 - Python3 In-Class Escape Room Exercises READ: Intro to Sockets in Python
Exercise: Escape Room
Help Section: Using the auto-grader
2/4 - Sockets, TCP/IP Slides: 02 Client-Server Architecture DUE: Escape Room
In-Class Sockets Exercises READ: Intro to Python3's Asyncio
Exercise: Escape Room with Sockets
2/6 - Asyncio/Protocols In-class Protocols Exercises DUE: Escape Room with Sockets
READ: Intro to Co-routines
Exercise: Escape Room with Asyncio
2/11 - Python Co-routines In-class yield and async exercises DUE: Escape room with Asyncio
READ: Intro to HTTP
Exercise: Escape room with asynchronous user input
2/13 - Intro to HTTP Slides: 03 The HTTP Protocol DUE: Escape Room with asynchronous user input
In-class HTTP demo READ: HTTP proxying
Exercise:Basic HTTP server
2/18 - Serialization In-class exercises with serialization READ: Overlay networks, Intro to Playground
2/20 - Intro to Playground In-class demo of playground DUE: Basic HTTP Server
READ: Playground Bank Docs
Exercise: Playground Conversion
Help Section: Setting-up Playground
2/25 - Me Inc In-class activity: Form Playground Start-up's DUE: Playground Conversion
In-class activity: Form PETF DUE: Dr Nielon's last day to drop
READ: Intro to Protocol Stacks
READ: Intro to Layer 2
Help Section: Team bank accounts
Lab0: Team Product Milestone 1 (Contract)
PETF: Addresses and Ports
ATTACKING LEVEL 1: Eavesdropping
2/27 - Network Stacks and Ethernet Slides: 04 Network Stacks DUE: Team Product Milestone 1 (Contract)
Slides: 05 Layer 1,2: Ethernet READ: Intro to technical specifications
In-class Quiz 1: 7-layer OSI Model READ: Internet Protocol (IPv4) Specs
La0b: Team Product Milestone 2 (PRFC)
Help Section: PRFC
3/4 - Internet Protocol (v4 and v6) Slides: 06 Layer 3: IP READ: TCP Specs
In-class Quiz 2: IPv4
3/6 - Transmission Control Protocol Slides: 07 Layer 4: TCP DUE: Team Product Milestone 2 (PRFC)
In-class Quiz 3: TCP READ: Intro to Firewalls
Lab 0: Team Product Milestone 3 (Technical functionality 1)
Lab 1: Reliable Transport PRFC
3/11 - TCP/IP, Firewalls, and Eavesdropping Slides: 08 Gateways, Firewalls, and Proxies READ: L7 Firewalls
In-class Quiz 4: Firewalls
Attacking Level 2: Password Cracking
3/13 - Advanced Firewalls and Network Architecture Slides: 08 Gateways, Firewalls, and Proxies DUE: Reliable Transport PRFC
READ: Crypto Review 1
PETF: Pick PRFC, establish update protocol
Lab 1: Reliable Transport Milestone 1 (handshake)
Help Section: Inserting a "stack" into playground, logging, debugging
3/18 - SPRING BREAK
3/20 - SPRING BREAK
3/25 - Cryptography 1 Slides: 09: Hashing and Symmetric Encryption DUE: Company Product Milestone 3 (Technical functionality 1)
In-class Quiz 5: Symmetric Encryption READ: Crypto Review 2
Lab 0: Team Product Milestone 4 (Technical functionality 2)
Help Section: VM Access, Class Switch
3/27 - Cryptography 2 Slides: 10: Asymmetric Encryption and Authentication DUE: Reliable Transport Milestone 1 (handshake)
In-class Quiz 6: Asymmetric Encryption READ: the MACSec protocol [CANCELED]
Lab 1: Reliable Transport Milestone 2 (Ideal Conditions)
4/1 - Catch Up Day Slides: 05 Layer 1,2: Ethernet READ: the IPSec protocol
4/3 - IPSec Slides: 06 Layer 3: IP DUE: Reliable Transport Milestone 2
In-class Quiz 7: IPSec READ: Early TLS (and SSL) Design
Lab 1: Reliable Transport Milestone 3 (Error conditions)
ATTACKING LEVEL 2: Session Hijacking
4/8 - TLS through version 1.1 Slides: 11 TLS [DELAYED to 4/13]: Company Product Milestone 4 (Technical functionality 2)
In-class Quiz 8: TLS version 1.0 READ: Contemporary TLS Design
4/10 - TLS versions 1.2/1.3 Slides: 11 TLS [DELAYED to 4/13]: Reliable Transport Milestone 3 (Error conditions)
In-class Quiz 9: TLS versions 1.1 and 1.2 READ: Intro to Certificates and Verification
Lab 2: Secure PRFC
4/13 - Extended Due Date NO CLASS (obviously) New Due Date: Reliable Transport Milestone 3
New Due Date: Company Product Milestone 4 (Technical functionality 2)
4/15 - Kerberos Slides: 13 Kerberos [DELAYED to 4/15] DUE: Secure PRFC
[CANCELED] READ: Intro to Kerberos
[DELAYED to 4/15] PRFC: Choose Secure PRFC
[DELAYED to 4/15] Lab 2: Secure Transport Milestone 1 (Key Exchange and Authentication)
4/17 - Catch UP DUE: Secure PRFC
PETF: Choose Secure PRFC
START Lab 2: Secure Transport Milestone 1 (Key Exchange and Authentication)
4/22 - Certificates Slides: 12 Certificates DUE: Secure Transport Milestone 1 (Key Exchange and Authentication)
START Secure Transport Milestone 2 (Confidentiality)
4/24 - Zero Trust Networks Slides: 14 Contemporary Network Architecture DUE: Company Product Milestone 5 (technical functionality 3)
READ: Advanced Persistent Threats
4/29 - Lab Day POSTPONED: Secure Transport Milestone 2
ATTACKING LEVEL 4+: ANYTHING GOES!
5/1 - Lab Day DUE: All Lab Work for labs 0, 1, and 2
TBD - Final DUE: Stealing Bitpoints
DUE: Final Exam Report

Grading and Grading Policies

This is going to be a heavy projects class.

Total Points: 1000

  • Lab Work (750)

    • Programming Exercises (150):
      • Escape Room (25)
      • Escape Room with Sockets (25)
      • Escape Room with Asyncio Protocols (25)
      • Escape room with asynchronous user input (25)
      • Basic Web Server and Proxy (25)
      • Playground Conversion (25)
    • Reliable Delivery Protocol (250):
      • Milestone 1: Handshake (75)
      • Milestone 2: Delivery under ideal (no error) conditions (100)
      • Milestone 3: Delivery under error conditions (75)
    • Secure Delivery Protocol (200):
      • Milestone 1: Authentication and Key agreement (100)
      • Milestone 2: Confidentiality (100)
    • Company Product (150):
      • Milestone 1: Contract (25)
      • Milestone 2: PRFC (25)
      • Milestone 3: Technical functionality 1 (25)
      • Milestone 4: Technical functionality 2 (25)
      • Milestone 5: Technical functionality 3 (25)
      • Use by others (25)
  • Communications (100)

    • PRFC Reliable (30)
    • PRFC Secure (70)
  • Tests (150)

A letter grade will be assigned according to this formula:

  • 93% and above: A
  • < 93%: A-
  • < 90%: B+
  • < 87%: B
  • < 83%: B-
  • < 80%: C+
  • < 77%: C
  • < 73%: C-
  • < 70%: D
  • < 60%: E

Materials

There is no assigned textbook for this course. Throughout the course, you will read significant amounts of material from various online sources.

In fact, you should get comfortable learning to use Google, or your favorite search engine, to learn about a topic. A search engine is considered one of your textbooks. For some assignments, we will give you specific readings. For others, you will have to learn something by finding your own sources.

Either way, all readings will be linked to this Wiki.

We will also be using GitHub for both distributing class materials, example code, and resources to you and for you to submit your labwork and other assignments to us. Please follow the instructions on your class GitHub repository.

You will also need to write your source code to work in a *nix style environment. You may, for example, use the Windows Subsystem for Linux, a Linux virtual machine, or so forth. In the past, we've had trouble with Mac's, so use at your own risk. It is highly recommended to use Python virtual environments for some of the configuration.

Professor

  • Seth James Nielson
  • Email: [email protected]
  • GitHub: sethnielson
  • Office: Malone 303, 410-497-7384
  • Office hours: MW 1300-1500 and by appointment

TA