T. Andrew Yang

 

Email: yang@uhcl.edu

Web page:  http://sce.uhcl.edu/yang/

Tel.: (281) 283-3835


Last updated:

 

July 12, 2010

 

CSCI 5235 Network Security
Summer 2010   (6/7 – 8/7)

 

·         Class Notes, Topics & Schedule

·         Projects

- Before each class, print out the class notes and bring them to the class.

    • Check the discussion group for recent announcements & reminders. 
    • Feel free to send questions to the group for discussion.
    • To join the group and to post messages, you'd need to have a Google id. To be accepted into the discussion group, make sure that your Google id contains both your first and last names.

Time & Classroom

Mon. & Wedn. 6-8:30pm (Delta 242)

Course Prerequisite:  CSCI5233 Computer Security and CSCI4132 Network Protocols (or csci5132 Internet Protocols), or the instructor’s approval.

Course Objectives:  This course provides an essential study of computer security issues and methods in networking systems. Topics to be covered include review of networking, advanced cryptography, access control, distributed authentication, TCP/IP security, firewalls, IPSec, Virtual Private Networks, intrusion detection systems, and advanced topics such as wireless security, identity management, etc.

Class Format:  Lectures are combined with discussions and, if applicable, student presentations and discussions of advanced topics.  Students are expected to be active participants, by studying the relevant chapters and/or research papers, and participating at in-class discussions.

Learning Outcomes: The student, after having successfully completed the class, should be able to

1.      Understand fundamental security issues in computer networks

2.      Understand the common mechanisms used in securing a network

3.      Design a TCP/IP network with IP Security

4.      Design and deploy firewalls to secure a private network

5.      Design and deploy a virtual private network to secure remote connections

6.      Select appropriate methods to detect and counter intrusions to a network

7.      Understand other advanced issues related to network security


Instructor:   Dr. T. A. Yang

(office) Delta 106

(phone#) (281) 283-3835 (Please leave a message if not available. 

NOTE: If the suite office is locked, you may use the phone outside the office to call me (by entering the extension 3835).

(email address) yang@uhcl.edu Note: Emails without a subject line or signature will be considered as potential viruses and be discarded.  Here is a sample subject line: "CSCI5235 project #1, question 1".

(web site)  http://sce.uhcl.edu/yang NOTE: Find the assignments and/or projects at the Assignments & Projects page.

 

Office Hours : See http://sce.uhcl.edu/yang/teaching/officeHours.htm

NOTE: In addition, you are highly encouraged to send your questions to me by e-mails (yang@uhcl.edu). Try to provide sufficient details in your email message, such as the problem(s) you have encountered, the solution(s) you have tried, and the outcome you have got from these solution(s).

TA info:

Name:  Vishakha Kadam

Email:  vishakhac.kadam@gmail.com

Office hours:

Monday:          06:00 PM - 09:30 PM

Tuesday:          06:00 PM - 09:30 PM

Wednesday:     06:00 PM - 09:30 PM

Thursday:        06:00 PM - 09:30 PM

 

Location: D119 or D158

 


Required Text:

Saadat Malik. Network Security Principles and Practices (CCIE Professional Development). Pearson Education. 2002. (ISBN: 1587050250) 

+ Instructor's handout and Web-based resources

  • Supplemental Materials

Safari Books Online is freely available to UH Clear Lake students. To access the Safari database, visit the UHCL library database at http://prtl.uhcl.edu/portal/page/portal/LIB/HOME/DATABASES. (Note: An UHCL account is needed if you use a computer outside the campus.)

RFC 2828 Internet Security Glossary. R. Shirey. May 2000.

To find a particular RFC, visit the RFC Search site.

  • Additional info

Symmetric cryptography (S: Ch 2): 2a, 2b, 2c, 2d, 2e

Public-key cryptography (S: Ch3): 3a, 3b, 3c

For other fundamental knowledge about computer cryptography, visit the CSCI5233 class at http://sce.uhcl.edu/yang/teaching/currentCourses.htm to review the lecture notes/slides.

Check out the research papers about WLAN security, mobile security, etc. by clicking this.


Topics and Notes

  • The following schedule will be followed as much as possible, although changes are probable.  Always check with your instructor if you are not sure what would be covered next week.
  • Lecture slides were originally created by Lawrie Brown and Henric Johnson (available from Prentice Hall's web site), with modifications by the instructor.

wk (dates)

Topics (Sections)

Due

1 (6/7)

Syllabus
I.
Review and Fundamentals

Overview of networking security

Tour of the Computer Security Lab (D158) & the Distributed Computer Security Lab (D140)

Check out a swappable hard drive and an OS CD from the instructor.

1  (6/9)

ITU's Recommendation X.800
OSI model

Email your team membership (names + email addresses) to yang@uhcl.edu.

2 (6/14)

II. Building Security into the Network

The model of network security process (M: Ch 1)

+ a refined network security development model

 

2 (6/16)

Defining security zones (M: Ch 2)

Post your research abstract in the discussion group. Note: Each person should comment on five or more of the abstracts posted by the classmates.

3 (6/21)

Device security (M: Ch 3)

Device security (B)

3  (6/23)

Secure Routing (M: Ch 4)

 

4 (6/28)

Secure LAN switching

+ IEEE 802.1x protocol (M: Ch 5)

Demo of team project 1

Project 1

4 (6/30)

Secure LAN switching

+ IEEE 802.1x protocol (M: Ch 5)

Demo of team project 1

Project 1

5 (7/5)

No class meeting

5 (7/7)

Exam

Exam #1

6 (7/12)

Presentation of your research project’s abstract

-          Open Source Firewalls & Routers

-          WiMax Security

-          Botnet Detection Techniques

-          Honeypots

-          Defense against Web Spoofing

-          Covert Channels

-          Message Inegrity in Wireless Sensor Networks

Research project (abstract presentation)

6 (7/14)

NAT and security (M: Ch 6)

WLAN traffic graphing application using simple network management protocol. Bhargavi Hiremagalur, Dulal C. Kar. Journal of Computing Sciences in Colleges, Vol. 20, Issue 4. April 2005: 151-159. (local copy)

Project 2

7 (7/19)

Demo of team project 2 3

 

IV. System Security

Firewalls (M: Ch 7)

PIX Firewalls (M: Ch 8)

IOS Firewalls (M: Ch 9)

Project 3

 

7 (7/21)

VPN, GRE, L2TP (M: Ch 10, 11, 12)

 

8 (7/26)

Demo of project 3 2

IP Security

IPsec VPNs (M: Ch 13)

Project 3

Project 2

8 (7/28)

Report draft due. (Note: Each person should comment on five or more of the drafts posted by the classmates.)

Intrusion Detection (M: Ch 14, 15)

7/28: Research project draft – post it in the discussion group

9 (8/2)

Exam

Exam #2

9 (8/4)

Final report due. (Note: Send the final report to yang@uhcl.edu as an email attachment.)

8/4: Research project final report

 


  Computer Labs & Hours

Check http://sce.cl.uh.edu/computing.asp for lab information, open hours, FAQs, etc.

·         UNIX account information at: http://sce.uhcl.edu/UnixLabFAQ/

·         NT account information at:  http://sce.uhcl.edu/accountSearch.html

·         All the software that is available for use in the NT labs can be found at the following web pages: http://sce.uhcl.edu/NTLabIntroduction.asp.

Evaluation:

category

percentage

Participation

5%

Team projects

25%

Research project

20%

Exam #1

25%

Exam #2

25%

Grading Scale:

Percentile

Grade

93% or above

A

90% - 92%

A-

87% - 89%

B+

84% - 86%

B

80% - 83%

B-

77% - 79%

C+

74% - 76%

C

70% - 73%

C-

60%-69%

D

59% or below

F

Projects:

The projects will involve the design and implementation of networking protocols and/or application. Students are expected to employ the theories and techniques learned in the class to design the system. Network simulation environments, such as NS-2, may be used in implementing the projects.

Details of the projects will be later made available at Assignments & Projects


Tests:

Both analytic and synthetic abilities will be tested. Being able to apply the learned knowledge toward problem solving is highly emphasized in the tests. 

Assignments and Late Penalty:

Assignments and projects will be posted at the class web site. Assignments & projects are due before the beginning of the class on the due day.  See Topics and Notes for the due dates. 

Points will be deducted from late assignments: 20% for the first 24 hours after the due time, 40% for the next 24 hours, 70% for the third 24 hours, and 100% after that. No extension will be granted except for documented emergency. Starting to work on the assignments as early as possible is always the best strategy.

NOTE: Unless otherwise specified, all assignments and projects are individual work. 

Students should take caution not to violate the academic honesty policies. 

For details about the policy, click this link.

 

Assignments Guidelines:

a. Identification page: All assignments must have your name, and course name/number/section number (e.g., CSCI5235-01) at the top of the first page.

b. Proper stapling:  Staple all the pages together at the top-left corner. NOTE: Do not use paper clips.

c. Order ! Order!  Arrange the solutions following the sequence of the questions. Write the question number at the top-right corner of each page.

d. Word processing:  It is required that you type your reports (e.g., print them using a printer). Use a word processor and appropriate typesetting and drawing tools to do the assignments. Spell-check the whole document before printing it. You may lose points due to spelling or grammatical errors.


Attendance Policy:

You are expected to attend all classes. If you ever miss a class, it is your responsibility to get hold of whatever may have been discussed in the class.

Instructor's Notes:

  • Unless due to unexpected and documented emergency, no make-up exams will be given. No make-up exams will be granted once the exams have been corrected and returned to the class. 
  • Important:   If you think you have lost some points due to grading errors, make sure you approach the instructor within a week after the assignment, project, or test is returned to you.  
  • To get the most out of this class, you need to read the textbooks and spend time using computers regularly.  Be prepared for a class by preview the material to be covered in that class and participate in discussions and problem-solving exercises, if applicable, in the class.
  • Due to the intensive nature of graduate classes, 15-20 hours per week are expected of students in studying the textbook/notes and working on the assignments, in addition to class attendance.   Expect to spend more hours during summer sessions.

Go to the  Index


 

  Main Page

  Biography

  Teaching

o    Office hours

   Research

o    Active projects

o    Research interest

o    Publications

o    Presentations

o    Grants

   Services

o    Student support

o    Committees

o    Curricular development

o    Centers

   Other Links