Network Security and Privacy

Course description

CS 378 - Network Security and Privacy (56721)

Fall 2007

Course description

This course focuses on basic concepts in network security. It aims to introduce students to the fundamental techniques used in implementing secure network communications, and to give them an understanding of common threats and attacks, as well as some practical experience in attacking and defending networked systems.

This is not a course in cryptography, nor a comprehensive course in systems security.

Syllabus

Basics of cryptography:
cryptographic hash functions, symmetric and public-key encryption
Authentication and key establishment
Buffer overflow attacks
Web security
Internet worms, viruses, spyware
Spam and phishing
Denial of service
TCP/IP security
Firewalls and intrusion detection systems
Wireless security

Late submission policy for take-home assignments is here.

Course materials

Kaufman, Perlman, and Speciner's Network Security (2nd edition) is required. ISBN for this book is 0130460192.
Ross Anderson's Security Engineering (ISBN 0471389226) and The Shellcoder's Handbook (ISBN 0764544683) are recommended. The Art of Intrusion (ISBN 0471782661) is another fun read.
Selected reading materials will be made available as the course progresses.

Prerequisites

CS 310/336 is required.
CS 375 (Compilers), CS 356 (Computer Networks), CS 346 (Cryptography) and CS 361 (Intro to Computer Security) are recommended, but not required.
Projects will involve implementing attack code to exploit buffer overflows in C programs and scripting vulnerabilities in Web applications. Working knowledge of C and JavaScript is strongly recommended.