T. Andrew Yang: CSCI 5235

T. Andrew Yang

Email: yang@uhcl.edu

Web:

https://cse.uhcl.edu/yang/

Tel.:

(281) 2833835

Last updated:

8/26: errors of slides URLs fixed

8/21/2024: first posted

CSCI 5235 Network Security

fall 2024 (8/19 – 11/26 + final exam week)

- Instruction Mode:

- This class will be held as a face-to-face class with supplemental services using Canvas, Zoom, and UHCL websites.

Normally, students are expected to attend the class in person in the assigned classroom. However, when necessary (e.g., as announced by the university or the professor), the class may be taught as a remote class via Zoom. When a class session is conducted as an online class, click https://uhcl.zoom.us/j/93285948037?pwd=U3NJMmhMaWVjZy9INUxwbS9ENDBvZz09 to join the class online.

- Using Canvas:

- Class-related announcements and discussions are posted in the Canvas. Be sure to check the posted messages before each of the class meetings.

- For those who are new to Canvas, visit the UHCL's Canvas Student Support page (at https://www.uhcl.edu/computing/course-development/canvas-student-support) to become familiar with the app.

Class Notes, Topics & Schedule

Grading policy

Time (Classroom)

Thursdays, 1:00pm – 3:50pm (Delta 201)

Course Description: Topics to be covered include review of basic concepts and principles related to network defense (networking protocols and cryptography, mission assurance, network policy development and enforcement, etc.), secure network development (network access control, DMZs / proxy servers, network hardening, implementing firewalls, VPNs, etc.), and advanced network defense techniques (honeypots, honeynets, network monitoring, implementing IDS/IPS, etc.)

Prerequisite: Basic understanding of networking technologies (e.g., CSCI 5132 Internet Protocols, CSCI 4312 Network Protocols, or ITEC 3365 Network Fundamentals) and introduction to cybersecurity (e.g., CSCI 5233 Computer Security & Cryptography, CSCI 3341 Cyber Attacks and Defense, ITEC 3388 Cyber Security I), or instructor’s approval

Course Objectives: This course provides an essential study of network defense, related vulnerability and security issues, and common tools available for network packet analysis and exploitations.

Learning Outcome:

After having successfully completed the class, one should be able to

1. Understand fundamental security issues in computer networks

2. Understand the common mechanisms used in securing a network

3. Design a TCP/IP network with IP Security

4. Design and deploy firewalls to secure a private network

5. Design and deploy a virtual private network to secure remote connections

6. Select appropriate methods to detect and counter intrusions to a network

7. Understand other advanced issues related to network security

Class Format: Lectures are combined with discussions. Students are expected to be active participants, by studying the relevant chapters and/or research papers, and participating at in-class discussions.

Lifelong learning

“Education is not something you can finish.” (Isaac Asimov)

A note about Bloom's Taxonomy and your learning …

(source: https://tips.uark.edu/usingbloomstaxonomy/ )

Instructor: Dr. T. Andrew Yang

- Email address: yang@uhcl.edu

- Web site: https://sceweb.uhcl.edu/yang

- Office: Delta 174

- Phone: (281) 283-3835 (Please leave a message if not available.)

- Drop-in Office Hours:

Tuesdays: 10:00am-11:30am

Wednesdays: 12:00-1:00pm

Thursdays: 10:00am-11:30am

o In-person: D174

o via Zoom meetings, click this link: https://uhcl.zoom.us/j/93285948037?pwd=U3NJMmhMaWVjZy9INUxwbS9ENDBvZz09

- To communicate with the professor, you are encouraged to email your questions or issues to yang@uhcl.edu and, if necessary, set up a time with the professor to have an online meeting. Emails are typically replied within 24 hours. If you have not received a response within 24 hours, either send a reminder email or leave a message at (281) 283-3835.

- Using emails effectively:

Emailing has become an indispensable tool in most work places.

Emails without a subject line or the signature line will be considered as potentially malicious and be discarded. Here is a sample subject line: "CSCI 1320 assignment #1, question 3". The signature line should have your full name and the name of the class.

Although email messages tend to be informal, please check the grammar and spelling of your messages to ensure their legibility.

Try to provide sufficient details in your email message, such as the problem(s) you have encountered, the solution(s) you have tried, and the outcome you have got from these solution(s).

Teaching assistant info and office hours

Jaknalli, Shriya

Email: JAKNALLIS0447@UHCL.edu

Office hours:

Monday: 10 AM to 11 AM (1 hour)

Tuesday: 1 PM to 6 PM ( 5 hours)
Wednesday: 12 PM to 4 PM (4 hours)

Thursday: 3 PM to 7 PM (4 hours)

Zoom meet: https://uhcl.zoom.us/j/8969663039

TA’s office hours are conducted in Delta PC Lab (2^nd floor) and as Zoom meetings as well.

Required Text:

· William Stallings, Network Security Essentials: Applications and Standards, 6th edition, Pearson, 2017. Print ISBN: 9780134527338, 013452733X; eText ISBN: 9780134527598, 0134527593.

+ Instructor's handouts in the class and/or on the Web

Recommended Text:

· Chris Sander, Practical Packet Analysis, 3E: Using Wireshark to Solve Real-World Network Problems, 3rd Edition, No Starch Press, 2017. ISBN-10: 1593278020; ISBN-13: 978-1593278021

· Nainar, Ramdoss, and Orzach, Network Analysis Using Wireshark 2 Cookbook: Practical recipes to analyze and secure your network using Wireshark 2, 2nd Edition, Packt Publishing, 2018. ISBN-10: 1786461676; ISBN-13: 978-1786461674

· Matthew Monte, Network Attacks and Exploitation: A Framework, Wiley, 2015. ISBN-10: 1118987128; ISBN-13: 978-1118987124

· Michael Gregg, The Network Security Test Lab: a step-by-step guide, Wiley, 2015. ISBN-10: 1118987055; ISBN-13: 978-1118987056

· James Forshaw, Attacking Network Protocols: A Hacker's Guide to Capture, Analysis, and Exploitation, No Starch Press, 2017. ISBN-10: 1593277504; ISBN-13: 978-1593277505

Topics and Notes
NOTE: The following schedule will be adhered to as closely as possible, although changes are probable. Always check with your instructor if you are not sure what would be covered next week.

week (dates)	Topics & Slides (Book: Chapters)	Due Dates
1 (8/22)	- Syllabus § Canvas: Discussion Board, Labs, Exams, etc. § Zoom: Online sessions § Web: syllabus & schedule § Emails - Research topic: GAI and Network Security § video: GAI in a Nutshell § video: Intro. to AI and Leveraging it in Cybersecurity § video: AI Security: Understanding the Threat Landscape	Follow the instructions in Lab 1 to send your self intro to the discussion board (as part of the lab).
2 (8/29)	- Review of OSI model and Computer Security Concepts (ch 1) § Networking fundamentals (OSI model, etc.)
3 (9/5)	- Review of Security Services vs Security Mechanisms (ch 1, 2, 3)
4 (9/12)	- Authentication, Key Distribution, and Digital Certificates (ch 4)
5 (9/19)	Quiz - Firewalls (ch 12)	Quiz 1:00-1:30pm
6 (9/26)	- Transport-Level Security (ch 6)	Lab 1
7 (10/3)	- Review for Test 1
8 (10/10)	- Test 1	Test 1 1:00-2:30pm
9 (10/17)	- Network-Level Security (ch 9)	Paper draft
10 (10/24)	- Electronic Mail Security (ch 8)	Reviews of others’ drafts
11 (10/31)	- Network Access Control and Cloud Security (ch 5)
12 (11/7)	- Intrusion Detection (ch 11)	Lab 2
13 (11/14)	- SNMP (ch 13)	Final paper
14 (11/21)	- Review for Test 2
15 (~~11/28~~)	- Take your online course evaluations at https://apps.uhcl.edu/OnlineEvals (before the last teaching day).
16	- Final exam week Test 2: Thursday 12/5, 1:00-2:30pm	Test 2

Attendance Policy: You are expected to attend all classes. If you have ever missed a class, be sure to watch the recorded session to learn what had been covered. It is your responsibility to get hold of whatever may have been discussed in the class.

Evaluation:

Category

Percentage

Take-home labs (10% each X 2)
Quiz

20%

Tests (20% and 25%)

45%

Paper draft

10%

Final paper

15%

Participation⁺

Total:

100%

⁺ Class Participation: Participating in the class is expected. You should ask or answer questions during the in-class or online discussions.

Grading Scale:

The accumulated points from all the categories determine a person's final grade. There will be no extra-credit projects.

Percentile	Grade	Percentile	Grade
90% or above	A	70% - 73%	C
87% - 89%	A-	67% - 69%	C-
84% - 86%	B+	64% - 66%	D+
80% - 83%	B	60% - 63%	D
77% - 79%	B-	57% - 59%	D-
74% - 76%	C+	Less than 57%	F

Grading policy:

- All students are graded the same way according to the grading scale posted above.

- Unless a grading error is found in an exam or assignment, a student’s grade will NEVER be changed once it is assigned.

- No extra projects or assignments would be given to an individual student to help improve his/her grades.

Advices:

- Your grades will be continually updated in the Canvas. It is your obligation to monitor your grade-in-progress regularly, and immediately ask questions or seek help if you are concerned.

- Once a grade is assigned and posted (in the Canvas), a student may appeal for correction of the assigned grade (if a grading error is found) within a week. After that, the grade is finalized.

- Never bother to appeal for a change of your grade once it is finalized; the best and proper time of improving your chance of earning a good grade is before it is finalized.

Quizzes, Tests, and Exams:

Both analytic and synthetic abilities are emphasized. Being able to apply the learned knowledge toward problem solving is also highly emphasized in the tests.

Unless due to unexpected, documented emergency, no makeup tests or quizzes will be given.

Assignments and Late Penalty:

Assignments will be posted on the class web site as well as in the Canvas. The due date and time of each assignment is specified when it is published in the Canvas.

A late assignment will not be graded. No extension will be granted except for documented emergency. Starting to work on the assignments as early as possible is always the best strategy.

Assignments Guidelines:

1) Identification page: All assignments must have your name, and course name/number/section number (e.g., CSCI 5235) at the top of the first page.

2) Proper organization of submitted material: If your submission include multiple documents, combine all of them into a single document (for example, a single PDF or ZIP).

3) Order! Order! Arrange the solutions following the sequence of the questions. Write the question number at the top-right corner of each page.

4) Word processing: It is required that you type your reports (e.g., print them using a printer). Use a word processor and appropriate typesetting and/or drawing tools to do the assignments. Spellcheck the whole document before printing it. You may lose points due to spelling or grammatical errors.

NOTE: When a grade is assigned, the grade can only be appealed within a week after the grade has been posted. Always review a graded lab or test immediately and, if needed, talk to the instructor within a week.

A note about problem-solving:

An important part of problem solving is correct understanding of the given problem.

- Try to have a good grasp of the problem before starting the process of finding the solution(s).

- Use any resources, including the instructor, the TA, your classmates/friends, and online resources to ensure that you have correctly understood the given problem.

- While trying to figure out the solution(s), continue to verify your understanding of the problem.

- Read the given instructions carefully before taking any action; while preparing your solutions, be sure to follow the given instructions.

Academic Honesty Policy:

NOTE: Unless otherwise specified, all assignments, projects, quizzes, tests and exams are individual work.

Students should take caution not to violate the academic honesty policy specified by the university.

Per the UHCL academic honesty policy, plagiarism is defined as follow.

Plagiarism:

a. Incorporating the work or idea of another person into one’s own work without acknowledging the source of that work or idea.

b. Attempting to receive credit for work performed by another person, including papers obtained in whole or part from individuals or other sources.

c. Copying copyrighted computer programs or data files belonging to someone else.

Visit http://cse.uhcl.edu/yang/citing.htm for more information about cited references.

Instructor's Notes:

- Important: If you think you have lost some points due to grading errors, make sure you approach the instructor within a week after the assignment, project, or test has been graded.

- To get the most out of this class, you need to read the textbooks and spend time using computers regularly. Be prepared for a class by previewing the material to be covered in that class and participate in discussions and problem-solving exercises, if applicable, in the class.

- Taking notes and understanding what are covered in classes are essential for successfully passing the exams.

- As a student being trained to become a professional person, you are expected to behave according to the professional codes of conduct (e.g., the IEEE Code of Conduct) or code of ethics (e.g., the ACM Code of Ethics).

As a starting point, listed below are some of the common behaviors that do not conform to the codes of ethics:

- Being regularly late for the class.

- Chatting with another person while the instructor or someone is giving a speech in class.

- Being regularly late when submitting assignments.

- Asking the instructor or the TA for a favor when submitting a late assignment.

- Checking out others’ answers during an exam.

- Continuing to write when an exam’s time is up, or submitting an online exam past the due time.

- Violating academic honesty when working on the assignments or exams.

- Using others’ write-up without proper citing when writing a paper or report.

- …

Related Links:

· UHCL General Program Requirements: https://catalog.uhcl.edu/current/

· Withdrawals, Appeals, GPA, Repeated Courses, and the 6 Drop Rule: https://www.uhcl.edu/registrar/enrollment/six-drop-rule

· ASSESSMENT FOR ACCREDITATION:

The School of Science and Computer Engineering may use assessment tools in this course and other courses for curriculum evaluation. Educational assessment is defined as the systematic collection, interpretation, and use of information about student characteristics, educational environments, learning outcomes, and client satisfaction to improve program effectiveness, student performance, and professional success. This assessment will be related to the learning objectives for each course and individual student performance will be disaggregated relative to these objectives. This disaggregated analysis will not impact student grades, but will provide faculty with detailed information that will be used to improve courses, curriculum, and student performance.

· UHCL Disability Policy:

If you believe that you have a disability requiring an academic adjustment/auxiliary aid, please contact the Accessibility Support Center by phone at 281-283-2648, or email disability@uhcl.edu, or go to the office in the Student Services Building (SSCB), Room 1.302.

The University of Houston System complies with Section 504 of the Rehabilitation Act of 1973 and the Americans with Disabilities Act of 1990, pertaining to the provision of reasonable academic adjustments/auxiliary aids for students with a disability. In accordance with Section 504 and ADA guidelines, each University within the System strives to provide reasonable academic adjustments/auxiliary aids to students who request and require them.

Go to the Index

UHCL Covid-related Policies and Information (Fall 2021)

The documentation below contains language approved by the Office of General Council from UH System for inclusion in all syllabi.

Face Covering Policy
To reduce the spread of COVID-19, the University strongly encourages everyone (vaccinated or not) to wear face coverings indoors on campus including classrooms for both faculty and students. In addition, please respect each other’s personal space in the classroom to help reduce viral spread.

Presence in Class
Your presence in class each session means that you:

· Are NOT exhibiting any Coronavirus Symptoms that makes you think that you may have COVID-19

· Have NOT tested positive or been diagnosed for COVID-19

· Have NOT knowingly been exposed to someone with COVID-19 or suspected/presumed COVID-19

If you are experiencing any COVID-19 symptoms that are not clearly related to a pre-existing medical condition, do not come to class. Please see Student Protocols for what to do if you experience symptoms and potential exposure for what to do if you have potentially been exposed to COVID-19. The Covid-19 Reporting Forms for students are easily accessible and you are encouraged to report a diagnosis or an exposure.

COVID-19 Information
Students are encouraged to visit the University’s COVID-19 website for important information including on-campus testing, vaccines, diagnosis and symptom protocols, campus cleaning and safety practices, report forms, and positive cases on campus. Please check the website throughout the semester for updates.

Vaccinations
Data suggests that vaccination remains the best intervention for reliable protection against COVID-19. Students are asked to familiarize themselves with pertinent vaccine information, consult with their health care provider. The University strongly encourages all students, faculty and staff to be vaccinated.

Reasonable Academic Adjustments/Auxiliary Aids
The University of Houston-Clear Lake complies with Section 504 of the Rehabilitation Act of 1973 and the Americans with Disabilities Act of 1990, pertaining to the provision of reasonable academic adjustments/auxiliary aids for disabled students. In accordance with Section 504 and ADA guidelines, UHCL strives to provide reasonable academic adjustments/auxiliary aids to students who request and require them. If you believe that you have a disability requiring an academic adjustments/auxiliary aid, please contact the Accessibility Support Center.

Recording of Class
Students may not record all or part of class, livestream all or part of class, or make/distribute screen captures, without advanced written consent of the instructor. If you have or think you may have a disability such that you need to record class-related activities, please contact the Accessibility Support Center. If you have an accommodation to record class-related activities, those recordings may not be shared with any other student, whether in this course or not, or with any other person or on any other platform. Classes may be recorded by the instructor. Students may use instructor’s recordings for their own studying and notetaking. Instructor’s recordings are not authorized to be shared with anyone without the prior written approval of the instructor. Failure to comply with requirements regarding recordings will result in a disciplinary referral to the Dean of Students Office and may result in disciplinary action.

Syllabus Changes
Due to the changing nature of the COVID-19 pandemic, please note that the instructor may need to make modifications to the course syllabus and may do so at any time. Notice of such changes will be announced as quickly as possible through BlackBoard.

Resources for Online Learning
The University of Houston-Clear Lake is committed to student success, and provides information to optimize the online learning experience through our Office of Information Technology website and the special Covid-19 Computing Resources website. Please visit this website for a comprehensive set of resources, tools, and tips including: obtaining access to the internet, E-Services, and Blackboard; requesting a laptop through the Online Learning Assistance Program (OLARP); using your smartphone as a webcam; and downloading Microsoft Office 365 at no cost. For questions or assistance contact supportcenter@uhcl.edu.

UHCL Email
Please check and use your UHCL email for communications related to this course.

Go to the Index