ISA656: Network Security 
George Mason University, Computer Science, Fall 2016

Instructor: Prof. Foteini Baldimtsi (foteini@gmu.edu)
Office Hours: Mondays 2:00PM-4:00PM, Engineering 5333 (also by appointment)
Lectures: Mondays 4:30PM-7:10PM, Location: Innovation Hall 136 

Course Summary

An in-depth introduction to the theory and practice of network security. It assumes basic knowledge of cryptography and its applications in modern network protocols. This course will train you how to "think like an adversary"---thinking about how adversary might attack a system by subverting and exploiting assumptions made during system design---and will discuss threat modeling and formal cryptographic approaches to defining and proving security or privacy.

The class studies firewalls architectures and virtual private networks and provides deep coverage of widely used network security protocols such as SSL, TLS, SSH, Kerberos, IPSec, IKE, and LDAP. It covers countermeasures to distributed denial of service attacks, security of routing protocols and the Domain Name System, e-mail security and spam countermeasures, wireless security, multicast security, trust negotiation and decentralized payment systems (Bitcoin like).

Prerequisites: ISA 562 and ISA 612 or CS 555; or permission of instructor. There will be substantial programming involved in the assignments, and students should be familiar with programming in C, Java or another language.


Required Materials

Text Book: Kaufman, Perlman, and Speciner. Network Security: Private Communication in a Public World, Second Edition, Prentice Hall PTR, 2002, ISBN 0130460192. (Required). 

There will also be on-line news articles and research publications that will be required reading before some of the lectures.


Grading

Midterm: 25%
Labs: 5% (There will 2-3 in class labs)
Assignments: 40% (4 assignments that will require both programming and problem solving)
Final Project: 25% (You will work on project in network security with a writeup/presentation due at the end)
Class/Forum Participation: 5% 

Assignments received later that day lose 5%, the next day 20%, two days late 40%, after that no credit will be given.


Communications: We will use piazza to communicate with you. You are welcome to use Piazza to set up study groups, to post interesting security incidents you read about (please tag these as "interesting incident in the news"), or to discuss the course with other students. If you have a question about the course you should: (a) Come to office hours, OR (b) Post to Piazza. You are welcome to post to Piazza anonymously, but please don't use private posts to ask technical questions. The rest of the class is probably also interested in your question, so make it public! 


Ethics: To defend a system you need to be able to think like an attacker, and that includes understanding techniques that can be used to compromise security. However, using those techniques in the real world may violate the law or the university's rules, and it may be unethical. Under some circumstances, even probing for weaknesses may result in severe penalties, up to and including expulsion, civil fines, and jail time. Our policy is that you must respect the privacy and property rights of others at all times, or else you will fail the course

Acting lawfully and ethically is your responsibility. Carefully read the Computer Fraud and Abuse Act (CFAA), a federal statute that broadly criminalizes computer intrusion. This is one of several laws that govern "hacking".  Understand what this law prohibits. 

Class Schedule:

 Lecture  Topic  Suggested Readings  HWS
08/29 Lec. 1

Introduction & Class logistics and
Cryptography Toolbox

Chapters 1.1-1.6 and 2.1-2.4
Security for encryption schemes: Ciphertext Only Attack (COA), Known Plaintext Attack (KPA), Chosen Plaintext Attack (CPA), Chosen Ciphertext Attack (CCA). 
 HW0
 09/13 Lec. 2  Cryptography Toolbox II Chapters 3.1-3.3, 3.5, 3.6, 4.1-4.5
Misuse of RC4 in Microsoft Excel, RC4 attack on SSL/TLS, SSL Beast attack (reusing IV in CBC mode)
 HW1
 09/20 Lec. 3    Public Crypto, PKIs, CAsChapters 5.1, 5.2, 5.5, 5.7, 6.1, 6.4, 9.1, 15.1-15.5
Padding oracle attack (LuckyThirteen attack on TLS, POODLE attack on SSL) 
 
 09/27 Lec. 4 SSL/TLSChapter 19
TLS 1.3 Specification
 HW2
 10/03 Lec. 5 KerberosChapters 11.4, 13
MIT kerberos
 
 10/11 Lec. 6     DNS, DNESSEC A DNSSEC tutorial, Kaminsky attach on DNS, DNSviz tool
 
 10/17 Lec. 7     IPSec, PGP, S/MIMEChapters 17,19,21,22
IPSec by Cisco, More on IPSecOpenPGP
HW3
 10/24 Lec. 8   Email Spam, Firewalls Chapter 23

 
 10/31 Lec. 9   Firewalls, IDS, Review  
 11/07  MIDTERM  
 11/14 Lec. 10 Web security  HW4
 11/21 Lec 11 Web security II  
 11/28 Lec 12 Bitcoin Princeton Bitcoin Book Final Project