CPSC 4620 Computer Network Security
A study of key security issues and procedures in computer and mobile communication networks. Among the issues to be discussed are: the security of LANs, WANs, databases, and network operating systems; threats to computer networks through exploitation of network infrastructure design weaknesses; security flaws in the network infrastructure protocols; security of content in computer network services; risk assessment and security policies; and security in mobile communication networks. Procedures will include: network intrusion detection and forensics technologies, cryptographic and authentication systems, capability and access control mechanisms, and new developments in Internet routing and transport protocols, secure mail, directory, and multimedia multicast services. Current trends and research in security policies and technologies will also be discussed.
Prerequisite: CPSC 4550 or 5550 or approval of department head.
- To provide students with a high-level understanding of how information security functions in an organization,
- To master an understanding of external and internal threats to an organization,
- To be familiar with information security awareness and a clear understanding of its importance,
- To be familiar with how threats to an organization are discovered, analyzed, and dealt with,
- To master fundamentals of secret and public cryptography,
- To master protocols for security services,
- To be familiar with network security threats and countermeasures,
- To be familiar with network security designs using available secure solutions (such as PGP, SSL, IPSec, etc.),
- To be familiar with advanced security issues and technologies (such as DDoS attack detection and containment, and anonymous communications),
- To be exposed to original research in network security,
- To be exposed to the importance of integrating people, processes and technology.
- Michael T. Goodrich & Roberto Tamassia, Introduction to Computer Security, ISBN-13: 978-0-321-51294-9, ISBN-10: 0-321-51294-4, Pearson, 2011.
- Vincent Nestler, Gregory White, Wm. Arthur Conklin, Principles of Computer Security: CompTIA Security+ and Beyond – Lab Manual, ISBN: 978-0-07-174856-8, MHID: 0-07-174856-3, McGraw Hill, 2011.
Topic 1: Introduction
CIA, Security goals, Assurance, Authenticity, Trust management, Anonymity, Threats and attacks (Eavesdropping, Alteration, Denial-of-service, Masquerading, Repudiation, Correlation and traceback), Security principles, Economy of mechanism, Fail-safe defaults, Complete mediation, Open design, Separation of privilege, Least privilege, Least common mechanism, Psychological acceptability, Work factor, Compromise recording, Access Control, Role-based access control, Symmetric cryptosystems, Symmetric key distribution, Public-key cryptography, Digital signatures, Hash functions, Message authentication codes, Digital certificates, Passwords, Password complexity, Social Engineering
Topic 2: Physical Security: Authentication, TEMPEST, RFID, Biometrics
Topic 3: Operating System Security: Process Security, Memory and File System security
Topic 4: Operating System Security: Application Program Security
Topic 6: Malware: Insider Attacks, Malware, Privacy-Invasive Software, Countermeasures
Topic 7: Network Security: ARP, ICMP, Sniffing, IP Spoofing
Topic 8: Network Security: TCP, UDP, NAT, TCP Session Hijacking, DoS
Topic 9: Network Security: DNS, Firewall, SSH, IPsec, VPN
Topic 10: Network Security: IDS, Honeypots, Wireless security
Topic 11: Web Security
Topic 12: Cryptography
Topic 13: Security Models and Practice
Topic 14: Distributed-Applications Security
- Introduction to Disaster Recovery
- Preparing for the Disaster Recovery Plan
- Assessing Risk in the Enterprise
- Prioritizing System Functions for Recovery
- Developing Plans and Procedures
- Organizational Relationships in Disaster Recovery
- Procedures for Responding to Attacks on Computers
- Developing Procedures for Special Circumstances
- Implementing Disaster Recovery Plans