EEC 693/793 Network Security & Privacy II

 

Spring 2008

 

Instructor:          Dr. Ye Zhu

Office:                SH 433

Phone:                216-687-9749

Email:                 y.zhu61@csuohio.edu

TA:                      Anil Vikram (anil_123vikram@yahoo.co.in)

                            Yuanchao Lu (betsyyuan@gmail.com)

Class Hours:       Monday/Wednesday 6:00pm -7:50pm

Office Hours:     Monday/Wednesday 3pm-5pm or by appointment

Class Room:       SH309

Class Website:   http://academic.csuohio.edu/webct/

Prerequsite:       EEC584, EEC 693Network Security and Privacy I

 

 

         The course is a continuation of the foundation course Network Security and Privacy I. We will first discuss message authetication, hash functions, digital signatures to finish theorectical aspect of the course. In the second part of the course we will focus on system security. We will review security protocols to protect security of IP, common security attacks and defense mechanisns. We will also discuss advanced topics in network security and privacy area such as anonymous communication and security of wireless sensor networks.

         No textbook is required. However it is highly recommended to purchase a copy of the reference book listed below by William Stallings. We will follow the reference book for the first half of the course. A set of research papers will be assigned for the second half of the course. There will be four homework assignments and one term project. The assignments are due on the designated due dates at midnight. No late submissions will be accepted. Please discuss unusual circumstances in advance with the instructor.

         An open-book midterm examination will be scheduled in the middle of semester. There is no final examination.

 

Textbook:

No textbook is required.

 

Reference book:

Cryptography and Network Security, Fourth Edition by William Stallings

Network Security - Private Communication in a Public World by Charlie Kaufman, Radia Perlman, Mike Speciner

 

 

Grading:

30% Homework, 30% Midterm, 40% class project (10% for presentation)

 

Scholastic Dishonesty:  Scholastic dishonesty will not be tolerated. Examinations are meant to measure the knowledge or skill of each individual, so giving or receiving unauthorized assistance during tests and quizzes is cheating. It is assumed that college students know what is honest and what is not. Any identified instances of scholastic dishonesty will be dealt with in accordance with the procedures outlined in the university student rules.

 

Students with Disabilities: The Americans with Disabilities Act is a federal anti-discrimination statute that provides comprehensive civil rights protection for persons with disabilities. Among other things, this legislation requires that all students with disabilities be guaranteed a learning environment that provides for reasonable accommodation of their disabilities. If you believe you have a disability requiring an accommodation, please contact the Department of Student Life or call 687-2048.


What am I supposed to know before taking this course

 

EEC 484/584 Computer Networks or equivalent.

EEC 693 Network Security and Privacy I

 

I will be assuming that you have knowledge on the following subjects. If you feel unfamiliar with the following topics, please refresh your memory. Some of the following topics will be briefly reviewed in class.

 

Ÿ        computer networks (TCP/IP, UDP, FTP, Telnet бн)

Ÿ        distributed systems (RPC, NIS, NFS бн)

Ÿ        basic knowledge of statistical analysis (common distributions, mean, variance бн)

Ÿ        system administration (Windows and Linux/Unix)

Ÿ        classical cipher

Ÿ        symetric cipher (DES, AES)

Ÿ        asymetric cipher (RSA)

Ÿ        key management


Course Goals

 

By the end of this course, students will be able to

 

Ÿ        List the common threats and vulnerabilities of networked systems

Ÿ        Describe the network security goals, existing network security mechanisms and services

Ÿ        Design defense systems to protect different services

Ÿ        Understand fundamentals of contemporary cryptography and its application to network services, such as confidentiality, integrity, authentication, and non-repudiation

Ÿ        Identify flaws in cryptographic protocols

Ÿ        Design firewall configurations and rules to protect a given network

Ÿ        Explain the basic concepts and general techniques in security auditing and intrusion detection

Ÿ        List common security attacks and correspondent countermeasures