Network Security

CIT 55510/ 3 Cr.

This course focuses on in-depth conceptual and technological aspects of network security for data networks. A wide range of technical issues and topics including a study of network and distributed systems security; cryptanalysis; web security; network threats, vulnerabilities and risks, computer crime, encryption and virtual private networks, and current network security technologies such as firewalls and intrusion detection systems are discussed in this course. Many emerging challenges and solutions in network security architectures, multilevel systems, and security management and monitoring will also be included.

• Available Online: No
• Credit by Exam: No
• Laptop Required: Yes

Prerequisites/Co-requisites:

Graduate Status. Basic network security course (CIT 35600 or CIT 40200 or equivalent).

Textbooks

No required text book.  Handouts will be distributed through canvas and in class. Handouts are mainly based on recent research papers from prominent conferences and journals in network security, such as ACM CCS, NDSS, INFOCOM, ICDCS.

       Reference Books:

• Niels Ferguson, Bruce Schneier, Tadayoshi Kohno, "Cryptography Engineering: Design Principles and Practical Applications", ISBN 9780470474242, 2010, Course Technology
• Levente Buttyan & Jean-Pierre Hubaux, "Security and Cooperation in Wireless Networks", ISBN: 9780521873710, 2007, Cambridge University Press

Software

• Kali Linux

Outcomes

CIT Student Outcomes (What are these?)

(i) Design and develop security systems, and how it relates to networking systems;

(ii) Model risks and vulnerabilities in the system designs from a networking perspective;

(iii) Analyze good cyber security practices, and techniques to secure networks;

(iv) Implement administration policies for networks;

(v) Design based on the various network security models; and

(vi) Explore an interesting research topic of the student's choice related to network security.

Topics

Network Security Primitives (5 lectures)

Secret key cryptosystems: DES (Data Encryption Standard) and AES (Advanced Encryption Standard)

Public key cryptosystems: RSA, Elgamal system, etc.

One-way hash function

Digital signature

DiffieHellman key exchange

One-way key chain, Merkle hash tree

Key distribution (Key distribution center, Certificate based key distribution

Network Security Techniques (5 lectures)

Network security protocols (IPsec, SSL, SSH, PGP, X.509 certificate, etc.)

Client puzzles

Zero-knowledge proof

Bloom filter

Secret sharing

ID-based cryptography

Secret handshake

Rabin’s information dispersal algorithm

Security in ad-hoc wireless networks (4 lectures)

Secure ad-hoc routing protocols

Detecting selfish or malicious nodes

Broadcast authentication

Key management

Secure location verification

Traditional Threats and Defense (7 lectures)

Buffer-overflow exploits

Worm, Virus, Spam, Trojan Horse

DDoS and defense techniques

Attacks on wireless newtorks

Electronic payment systems

Group key management

Network intrusion detection

New Challenges and Developments (4 lectures)

Smartphone-based mobile network security

Social network service security and privacy

Security in cloud computing