Guide to Computer Network Security Syllabus .
Instructor:
Phone:
Office Hours:
Class Meetings:
Email:
COURSE DESCRIPTION:
This course is a study of key mechanisms, procedures and best practices in computer and mobile communication networks. Among the issues to be discussed are: the security of LANs, WANs, databases, and network operating systems; threats to computer networks through exploitation of network infrastructure design weaknesses; security flaws in the network infrastructure protocols; security of content in computer network services; risk assessment and security policies; and security in mobile communication networks. Procedures will include: networks intrusion detection and forensics technologies, cryptographic and authentication systems, capability and access control mechanisms, and new developments in Internet routing and transport protocols, secure mail, directory, and multimedia multicast services. Current trends and research in security policies and technologies will also be discussed.
COURSE OBJECTIVES:
To make students aware of the security perils and vulnerabilities in computing in general and in both fixed computer and mobile networks in particular
To familiarize students with the important issues pertaining to protecting computer systems against unauthorized penetration and access and denial of service to computing systems
To introduce to students current and effective procedures to deal with network security threats, including use of “best practices” software tools.
To cultivate students’ interests in the search for network security solutions with the hope that some of them, in later years, may become lead scientists in this search for durable solutions
To create and nurture an ideal atmosphere for academic dialogue, debate, and question-answer sessions among students intended to deepen the understanding of security of their computerized and networked environments
To improve, students' oral and written communication skills
To affect students' behavior by challenging them to examine the role ethical and moral deliberations play in the security of their highly networked environments.
COURSE REQUIREMENTS:
Regular class attendance.
Since there will be a good amount of class discussion, active class participation is essential. This means you must spend some quality time preparing for your next class.
One mid semester examination and a comprehensive final examination will be given. Any exam make up will be on Reading Day.
Homework assignments: absolutely no work passed through door and window holes (even if it survives our custodial staff) will be accepted. Late work is penalized 10% per day. While collaboration on labs and projects is permitted, blatant copying will not be tolerated.
Since you have been issued with one UTC computer account ( I assume), you have a responsibility and an obligation to practice what you are learning in the course by preventing abuse and misuse of the university computer resources. Please read the UTC Computer Use Code of Conduct.
Individual extra credit assignments for the purpose of propping up a bad grade will not be given.
Note taking is encouraged.
EVALUATION: Exercises 10%
Mid-exams (2) 40%
Labs and Projects 30%
Comprehensive Final Examination 20%
Grading scale: 90+ = A; 80-89 = B; 70-79 = C; 60-69 = D; below 60 = F
TOPICAL OUTLINE:
Part I: Security Awareness
Week 1: Basic Security Concepts–(Security: General, Information, Computer, and Network).
Week 2 The Status of Computer Network Security: Security Threats; How pervasive are security attacks
Week 3 Vulnerability of Computer Networks
Week 4 Cyber Crimes and Hackers & Hostile Scripts
Week 5 Security Assessment, Analysis and Assurance
Examination 1 Coverage: All covered content.
Part II: Dealing with Network Security Challenges
Week 6 Access Control and Authorization
Week 7 Disaster Management & Authentication
Week 8 Cryptography (Conventional and public-key encryption and hash
Functions)
Week 9 Cryptography (Encryption algorithms, confidentiality,
key distribution, message authentication, digital signatures)
Week 10 Firewalls & Network Security Practice (Authentication protocols: Kerberos,
X.509 Directory Authentication Service)
Examination 2 Coverage: chapters All content since exam1.
Week 11 Intrusion Detection
Week 12 Network Security Practice( IP Sec, S/Mime, PGP)
Week 13 Security Evaluations of Computer Products
Week
14
and operations
Week 15 Site security summary
Final
Examination:
TEXTBOOKS:
Required:
Kizza, J.M. Guide to Computer Network Security, Springer- 2009, ISBN 0978-1-84800-916-5.
Recommended:
Stein, L.D. Web Security: A Step-by-Step Reference Guide. Addison Wesley Longman, Inc., 1998. ISBN 0-201-63489-9
Dieter Gollmann. Computer Security, , J. Wiley & Sons.
Kaeo, Merike. Designing Network Security. Cisco Press,1999. ISBN 1-57870-043-4
(ii) Cryptographic algorithms and public key security standards, including RSA Labs PKS standards and IETF RFCs. http://williamstallings.com/Security2e.html
(iii) Security Discussion Lists ( i.e. ipsec@lists.tislabs.com, bugtraq, Ntbugtraq, and Linux-alert)
(iv) Emergency Response Centers ( i.e. CERT)
(v) Software manuals
OTHER
i. Network Security Essentials, W. Stallings, Prentice Hall.
ii.
PGP: pretty good privacy,
iii. TCP/IP Network administration, Craig Hunt, O'Reilly & Assoc.
iv. Practical UNIX security, Simson Garfinkel and Gene Spafford, O'Reilly Assoc.
v. Building Internet Firewalls, D.B. Chapman and E.D.Zwicky, O'Reilly & Assoc.
vi. Schneier, B. Applied Cryptography - Protocols, Algorithms, and Source Code in C,Second Edition. John Wiley and Sons, 1995,
vii.
Stinson, D.R. Cryptography - Theory and Practice. CRC Press,
viii. Denning, D. Information Warfare and Security. ACM Press, 1999.
ix. Denning, D., and J. Denning. Internet Besieged: Countering Cyberspace Scofflaws. ACM Press, 1998.
x. Stein, L.D. Web Security: A Step-by-Step Reference Guide. Addison Wesley Longman,
xi. Security reference, http://www.rootshell.com
AMERICANS WITH DISABILITIES ACT:.