Network Security
CIT 55510/ 3 Cr.
This course focuses on in-depth conceptual and technological aspects of network security for data networks. A wide range of technical issues and topics including a study of network and distributed systems security; cryptanalysis; web security; network threats, vulnerabilities and risks, computer crime, encryption and virtual private networks, and current network security technologies such as firewalls and intrusion detection systems are discussed in this course. Many emerging challenges and solutions in network security architectures, multilevel systems, and security management and monitoring will also be included.
- Available Online: No
- Credit by Exam: No
- Laptop Required: Yes
Prerequisites/Co-requisites:
Graduate Status. Basic network security course (CIT 35600 or CIT 40200 or equivalent).
Textbooks
No required text book. Handouts will be distributed through canvas and in class. Handouts are mainly based on recent research papers from prominent conferences and journals in network security, such as ACM CCS, NDSS, INFOCOM, ICDCS.
Reference Books:
- Niels Ferguson, Bruce Schneier, Tadayoshi Kohno, "Cryptography Engineering: Design Principles and Practical Applications", ISBN 9780470474242, 2010, Course Technology
- Levente Buttyan & Jean-Pierre Hubaux, "Security and Cooperation in Wireless Networks", ISBN: 9780521873710, 2007, Cambridge University Press
Software
- Kali Linux
Outcomes
CIT Student Outcomes (What are these?)
(i) Design and develop security systems, and how it relates to networking systems;
(ii) Model risks and vulnerabilities in the system designs from a networking perspective;
(iii) Analyze good cyber security practices, and techniques to secure networks;
(iv) Implement administration policies for networks;
(v) Design based on the various network security models; and
(vi) Explore an interesting research topic of the student's choice related to network security.
Topics
Network Security Primitives (5 lectures)
Secret key cryptosystems: DES (Data Encryption Standard) and AES (Advanced Encryption Standard)
Public key cryptosystems: RSA, Elgamal system, etc.
One-way hash function
Digital signature
DiffieHellman key exchange
One-way key chain, Merkle hash tree
Key distribution (Key distribution center, Certificate based key distribution
Network Security Techniques (5 lectures)
Network security protocols (IPsec, SSL, SSH, PGP, X.509 certificate, etc.)
Client puzzles
Zero-knowledge proof
Bloom filter
Secret sharing
ID-based cryptography
Secret handshake
Rabin’s information dispersal algorithm
Security in ad-hoc wireless networks (4 lectures)
Secure ad-hoc routing protocols
Detecting selfish or malicious nodes
Broadcast authentication
Key management
Secure location verification
Traditional Threats and Defense (7 lectures)
Buffer-overflow exploits
Worm, Virus, Spam, Trojan Horse
DDoS and defense techniques
Attacks on wireless newtorks
Electronic payment systems
Group key management
Network intrusion detection
New Challenges and Developments (4 lectures)
Smartphone-based mobile network security
Social network service security and privacy
Security in cloud computing