IST 402: Network Security

University Park

Spring 2004

 

Tentative Syllabus

Class Time

M W F 9:05 am – 9:55 am

Class Room

069 Willard Building

 

Instructor

Professor Peng Liu

Office

 313G IST Building

Office Hours

Monday and Wednesday 12:00 to 1:00 PM or by appointment

Phone / Fax

(814) 863-0641 / 865-6426

E-mail

pliu@ist.psu.edu

 

 

TA

Siddharth Ray

Office

NA

Office Hours

During lab hours

Phone

NA

E-mail

sur123@psu.edu

 

Course Overview:
 

IST 402 is a comprehensive course on network security. Besides addressing emerging technologies in network security, its objective is to provide the students with a comprehensive understanding of the fundamental issues and concepts of network security, and the mainstream network security technologies and protocols that are widely used in the real world. The course will cover the following topics:

  • Emerging technologies in network security.
  • Threats and attacks: Showing how hackers attack computer and network systems, i.e., web servers. Famous attacks such as Internet Worms (1989) and the distributed denial-of-service attack (Feb, 00) will be discussed.
  • Applied cryptography: Covering such issues as private key and public key algorithms, digital signature, and hash functions. Famous algorithms such as DES and RSA will be introduced.
  • Network security: Covering such issues as identification, authentication, and key management. Several famous network security protocols, such as Kerberos, will be introduced.
  • Internet security: Covering such issues as Firewalls, PGP, IPSEC, TLS, SSL, DDoS, and Network Intrusion Detection.
  • E-commerce security: Covering such issues as digital cash, secure online payment systems, and Java security.

These topics will not only be covered by lectures, but also by several hands-on attack-defense projects, which will be performed by each group of students at the IST Network Security Teaching Lab. Each project has two phases: the attack phase, and the defense phase. A group may be asked to defend against the attacks enforced by another group. More details about the course projects can be found in the Course-Project page.

The prerequisite for the course is: Students taking this course should already have a good understanding about data communications and computer networks, and they have to finish at least 70 credits.

Course Objectives:  

The learning objectives of this course are:

(1) To know the emerging technologies in network security.

(2) To understand the fundamental concepts and issues of network security.

(3) To understand the mainstream network security technologies and protocols.

(4) To understand how real world networks are attacked.

(5) To be able to apply the learned network security technologies and protocols to defend against a set of widely known network attacks.

 

Course Materials:

Required Textbook:

  • William Stallings, Cryptography and Network Security: Principles and Practice (3rd Edition), Prentice-Hall, 2002. ISBN 0-13-091429-0.

Other Materials:

  • C. Kaufman, R. Perlman, M. Speciner, Network Security: Private Communication in a Public World, Prentice Hall, 1995.
  • Schneier, B., Applied Cryptography, 2nd Edition, John Wiley & Sons Ltd., 1996.
  • S. Goldwasser and M. Bellare, Lecture Notes on Cryptography
  • William R. Cheswick and Steven M. Bellovin, Firewalls and Internet Security, Addison-Wesley, 1994. ISBN 0-201-63357-4.
  • Chapman, D.B., Zwicky, E. D., Building Internet Firewalls, O'Reilly & Associates, 1995.
  • S. L. Garfinkel, E. H. Spafford, Practical Unix & Internet Security, O'Reilly and Associates Inc., 1996.
  • Dieter Gollmann, Computer Security, John Wiley & Sons Ltd., 1999, ISBN 0-471-97844-2.

Examinations and Assignments:

 

This course will have:

  • 1 Closed Book In-Class Midterm Exam. The exam will take 90 minutes. It will include three types of questions: multiple choices, true or false, and short answers. A tentative schedule for this exam can be found in the Course Schedule.  
  • 1 Open Book Final Exam. The exam is open book, open notes. The final exam will be performed in the exam week. About 48 hours will be given to finish the final exam.
  • 1 Conceptual Home-work. The home-work includes several questions. Each question is of three possible types: multiple choices, true or false, and short answers. The release and due dates for the home-works are marked in the Course Schedule.
  • 1 Programming Home-work. The students will be provided with the source code to build, test, apply, and evaluate several crypto primitives. A report for the whole experience is required. The submission due date for the report is marked in the Course Schedule.
  • 4 Group Projects. Each group should submit a report at the end of each project. Moreover, each group should make a presentation about the last project at the end of the semester. The presentation dates are marked in the Course Schedule. More details about the group projects can be found in the Course-Project page.

Grading:

Midterm Examination

20%

Final Examination

24%

Conceptual Home-work

8%

Programming Home-Work

8%

Group Projects (4)

40%

Total

100%

 

Course Policies:

 

Classes, Exams, and Assignments:

 

·         Exams: There will be NO make-up examinations unless an official excuse (document) is submitted and pre-approved by the instructor. The final exam is accumulative.

·         Submissions: Email submissions will NOT be accepted. They will be discarded when received. Hard copy submissions are required.   

·         Late Policy: Starting right after the required submission date of every assignment, 20% of the grade will be deducted per day up to two days. NO points will be given to submissions more than two days late. A documented chronic condition which could affect this policy must be immediately brought to the attention of the instructor.

·         Attendance: Attendance of students to all classes is highly recommended. Each student is responsible for his/her missed classes.

·         Readings: Some sections in the textbook will be assigned as reading materials. Students are expected to read the materials that will be discussed in the class before the class meeting.

Academic Integrity: 

·         According to the Penn State Principles and University Code of Conduct: Academic integrity is a basic guiding principle for all academic activity at Penn State University, allowing the pursuit of scholarly activity in an open, honest, and responsible manner.  In according with the University’s Code of Conduct, you must not engage in or tolerate academic dishonesty.  This includes, but is not limited to cheating, plagiarism, fabrication of information or citations, facilitating acts of academic dishonesty by others, unauthorized possession of examinations, submitting work of another person, or work previously used without informing the instructor, or tampering with the academic work of other students.

·         Any violation of academic integrity will be investigated, and where warranted, punitive action will be taken.  For every incident when a penalty of any kind is assessed, a report must be filed.  This form is used for both undergraduate and graduate courses.  This report must be signed by both the instructor and the student, and then submitted to the senior associate dean, Joe Lambert.

Affirmative Action & Sexual Harassment: 

·         The Pennsylvania State University is committed to a policy that all persons shall have equal access to programs, facilities, admission, and employment without regard to personal characteristics not related to ability, performance, or qualifications as determined by University policy or by Commonwealth or Federal authorities.  Penn State does not discriminate against any person because of age, ancestry, color, disability or handicap, national origin, race, religious creed, gender, sexual orientation, or veteran status.  Direct all inquiries to the Affirmative Action Office, 211 Willard Building.

Americans with Disabilities Act:

·         IST welcomes persons with disabilities to all of its classes, programs, and events.  If you need accommodations, or have questions about access to buildings where IST activities are held, please contact us in advance of your participation or visit.  If you need assistance during a class, program, or event, please contact the member of our staff or faculty in charge.

An Invitation to Students with Learning Disabilities: 

·         It is Penn State’s policy to not discriminate against qualified students with documented disabilities in its educational programs.  If you have a disability-related need for modifications in your testing or learning situation, your instructor should be notified during the first week of classes so that your needs can be accommodated.  You will be asked to present documentation from the Office of Disability Services (located in 116 Bouclé Building, 863-1807) that describes the nature of your disability and the recommended remedy.  You may refer to the Nondiscrimination Policy in the Student Guide to University Policies and Rules.

 The End