CSE+468+-+Network+Security

Practical network security exposure and hands-on experience about basic concepts, case studies, and useful tools.
 * Course Overview:**

1. Setting up network servers and DNS servers 2. Learn how to setup firewalls to manage network traffic and implement in your network 3. Implementing basic authentication and SSL implementations on a web server 4. Intrusion detection and penetration testing using Snort, Syslog, & Openvas
 * Types of Projects in this Course:**


 * Example Syllabus:**

** Course Objectives ** This course helps students learn network security techniques through various network analytic and diagnostic tools. At the end of the semester, student will learn security techniques in three fields:

1) How to use network analytic and diagnostic tools to monitor network services, inspect network vulnerabilities, and detect intrusions,

2) To understand attack techniques and to learn how to build secure network infrastructure and provide defensive services to counter attacks, and

3) How to use secure network applications and learn security philosophies behind them.  **Course Outcomes**  After completin this course, students are expected to have the following backgroup and capabilites:  1. Understand basic security terminologies, models, architectures, and techniques.

2. Learn attack techniques and corresponding countermeasures.

3. Demonstrate an awareness of network security standards and cryptography algorithms.

4. Elicit and document the processes in countering attacks.

5. Build a security system to given counter attacks.

6. Follow the computer security ethics.

7. Plan and track a network security establishment effort.

8. Conduct a security penetration test.

9. Present security system setup and process results in oral and written form. **General Course Description**

This course is developed to meet the high demands for practical network security exposure at advanced undergraduate level, and to help students get hands-on experience with network security issues. The course is broadly divided by three portions:

1) network foundation and applied cryptography foundation,

2) cases studies: attack techniques and corresponding countermeasures,

3) network tools (ping, traceroute, wireshark, nmap, etc.) and secure network applications (iptables, OpenSSL, etc.).  **Course Coverage**  The course will cover three areas: network attacks, anti-attack technologies and secure network applications. **The following topics are tentative and may be changed during the semester.**  Network Foundation  Network infrastructure  Network protocol  Network equipment  Network interconnection. Introduction of applied cryptography.  Confidentiality  Symmetric key scheme: DES, 3DES, AES, etc.  Asymmetric key scheme: RSA, Elgmal, Elliptical curve cryptography  Authenticity
 * Keyed hash function (HMAC)
 * DSA

Applications
 * Public Key Infrastructure (PKI)
 * X509 Certificates, Certificate Authorities (CA)
 * SSL/TLS
 * System Hardening

Privileges
 * Password/Authentication Tokens
 * File Permissions
 * Antivirus

Protect Against: Buffer Overflow Attacks & Password attack Reconnaissance
 * Social Engineering
 * Network Mapping
 * Network Scanning

Access Control
 * ACL
 * Radius/Kerberos Server
 * Firewall technology

Denial of Service (DoS) attack and Distribute Denial of Service (DDoS) attack Auditing
 * Syslog
 * Network intrusion detection (snort, tripwire)

Virtual private network (VPN)
 * IPSec
 * ssh

Wireless security (Optional) **Text Book**: No. However, lecture notes will be provided.

**Recommended Reading**: "Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)", by Edward Skoudis (Author), Tom Liston, Prentice Hall, 2006.

ISBN:0131481045 "Cryptography and Network Security0", 4th Edition, by William Stallings, Prentice Hall.

ISBN:0131873164 **Grading Policy**: The grading schema is broken down as follows:


 * ~ Item ||~ Number of Items ||~ Point Value ||~ Percent of Grade ||
 * Exam and Final || 2 || 100 || 30% ||
 * Assignments and quizes || 6-8 || 20 || 10% ||
 * Projects || 5-6 || 100 || 60% ||
 * Attendance || * || * || 5% ||
 * Extra Project (CSE598 only) || 1 || 20 || (20% of Overall projects) ||
 * Total || 105% ||
 * * Attendance will be counted by ramdom exercises or quizes distributed in class without in advance notice. ||