Home
Course description
Lecture notes
Assignments
Reference
CS 378 - Network Security and Privacy (56721)
Fall 2007
Time and place
Tue and Thu, 3:30-5pm, PAI 3.14
Instructor
Vitaly Shmatikov
Email:
shmat AT cs
Office: TAY 4.115C
Phone: 471-9530
Office hours: Tue 5-6pm
TA
Amit Aiyer
Email:
amitanand.s AT gmail.com
Office: ENS 31NQ, desk 1
Office hours: Mon 11:30am-12:30pm and Thu 5-6pm
Newsgroup
utexas.class.cs378-shmat
Textbook
Network Security
(2nd edition) by Kaufman, Perlman, and Speciner.
ISBN 0130460192.
Grading
Homeworks: 30%
Projects: 25%
Midterm: 20%
Final: 25%
Course schedule
Aug 30.
Course logistics. Introduction to network security.
[slides]
Read Kaufman 1.5.
Start reading
Smashing the stack for fun and profit
.
Sep 4.
Cryptographic hash functions.
[slides]
Read Kaufman 5.1-2 and 5.6-7.
Sep 6.
User authentication: passwords.
Read Kaufman 9.1-2 and 10.
Sep 11.
User authentication: biometrics, challenge-response.
[slides]
Read Kaufman 11.1-2 and 12.2.
Sep 13.
Web security: cookies and authentication.
[slides]
Read Kaufman 25 and
Dos and don'ts of client authentication
.
Sep 18.
Web security: cross-site scripting and SQL injection.
[slides]
Sep 20.
Symmetric encryption.
[slides]
Homework 1
assigned.
Read Kaufman 2.1-4 and 4.2.
Sep 25.
Kerberos
[slides]
Read Kaufman 13 and 14, and
Designing an authentication system
.
Sep 27.
Attacks on TCP/IP and DNS. Denial of service.
[slides]
Homework 1 due.
Read
SYN cookies
and
IP spoofing demystified
.
Oct 2.
Botnets and spam.
[slides]
Project 1
assigned.
Oct 4.
Anti-spam. Phishing and anti-phishing.
[slides]
Oct 9.
Stream ciphers. Attacks on CSS.
[slides]
Oct 11.
Wi-Fi security: 802.11b and attacks on WEP.
[slides]
Oct 16.
Wi-Fi security: 802.11i.
[slides]
Project 1 due.
Oct 18.
RFID security and privacy.
[slides]
Voice-over-IP security.
[slides]
Oct 23.
Midterm
.
Oct 25.
Buffer overflow attacks.
[slides]
Project 2
assigned.
Read
Smashing the stack
,
Blended attacks
, and
Exploiting format string vulnerabilities
.
Oct 30.
Malware: viruses.
[slides]
Read Kaufman 1.12.
Nov 1.
"I know what you did (on the Internet) last summer" - guest lecture by Arvind Narayanan.
Nov 6.
Malware: worms and rootkits.
[slides]
Read
Worm FAQ
and
Slammed!
Nov 8.
Firewalls.
[slides]
Read Kaufman 23.
Nov 13.
Intrusion detection.
[slides]
Project 2 due.
Nov 15.
Network telescopes, IP traceback.
[slides]
Nov 20.
Public-key cryptography.
[slides]
Homework 2
assigned.
Read Kaufman 6.1-6.
Nov 22. No class (Thanksgiving).
Nov 27.
PKI and certificates. Public-key authentication.
[slides]
Homework 2 due.
Read Kaufman 15.1-7.
Nov 29.
IPsec and IKE.
[slides]
Homework 3
assigned.
Read Kaufman 17 and 18.
Dec 4.
Web security: TLS.
[slides]
Read Kaufman 19.
Dec 6.
Anonymity networks.
[slides]
Homework 3 due.
Dec 13 (2-5pm).
Final
.
Course
syllabus
can be found
here
.
In the news
Beyond the firewall
- Dec 11 (WSJ)
Hackers hijack web search results
- Nov 29 (BBC)
Web scammer targets senior U.S. executives
- Nov 9 (WSJ)
Analysis of the Storm (Peacomm) worm
- Oct 10 (SRI)
Battle to beat fake Ebay e-mails
- Oct 3 (BBC)
Web-address theft is everyday event
- Sep 25 (WSJ)
We have come for your passwords
- Aug 24 (WSJ)
Hackers: Social networking sites flawed
- Aug 6 (AP)
Net criminals shun virus attacks
- Jul 20 (BBC)
Hackers can now deliver viruses via Web ads
- Jul 19 (WSJ)
Hackers bypass iPhone limits
- Jul 6 (WSJ)
Online auction for security bugs
- Jul 6 (BBC)
FBI tries to fight zombie hordes
- Jun 14 (BBC)
Code of Conduct
UTCS
Code of Conduct
will be strictly enforced.