Network Security Spring 2021


Network Security explores practical elements of securing networked systems and services. The course goals are the following:

  • Provide a solid understanding of the design and analysis of network security architectures, protocols, and services
  • Provide an in-depth examination of contemporary network security standards and their limitations
  • Provide hands-on experience in attacking and defending network services

Topics covered by this course include:

  • Security foundations
  • Low-level network attacks
  • Wireless security
  • Naming and routing
  • Privacy and anonymity
  • Web security
  • Cloud applications

Meetings

  • Class will be remote and asynchronous this semester due to the pandemic
  • Lectures will be posted Tuesdays and Thursdays to Canvas
  • Office hours are Wednesdays and Fridays 13:00-14:00 ET
  • TA hours are Tuesdays 14:00-15:00 ET

Grading

Grades will be assigned based on the completion of labs, assignments, quizzes, and a final project. Points will also be awarded for participation in discussions. Final grades may be subject to a curve.

Labs will consist of programming-based exercises that reinforce lecture material. These can be completed in groups, and this is in fact encouraged. Points will be awarded for completion of lab objectives.

Assignments will consist of programming problems. Students will have ~1-2 weeks to complete each assignment. Assignments are expected to be completed individually by each student. Late assignments will be accepted, with the caveat that grading will be penalized by a full letter grade for each 24-hour period following the submission deadline that an assignment is late. Re-grades of assignments may be permitted, with an associated penalty. The assignment with the lowest score will be dropped from the final grade calculation.

Quizzes will be held on a weekly basis. Questions will be multiple choice and based on material from prior weeks. No make-up quizzes will be held without prior coordination with the instructor. However, the lowest two quiz scores will be dropped from the final grade calculation.

The final project will be a group effort to develop a network security-related software program or library. Groups will consist of ~4 people. Grading will be performed on the basis of project proposals, the project itself, and project presentations. Students will also have the opportunity to submit feedback on their fellow group members.

| Component | Contribution |
|---|---|
| Assignments | 50% |
| Final Project | 30% |
| Labs | 10% |
| Quizzes | 5% |
| Participation | 5% |

Prerequisites

This course requires programming maturity, and a solid background in computer networking. You can expect that the assignments will involve non-trivial programming, in some cases against low-level OS or library APIs. Moreover, you must have passed a networking course covering design concepts and programming APIs for IP, TCP, and UDP, at a minimum. It is very difficult for most students to learn networking concepts on the fly and simultaneously pass this class. If you don’t satisfy this prerequisite, you should only take this class after you have done so.

In addition, practical familiarity with the following, or the ability to work from references and documentation for them, is also required:

  • Programming languages: Shell scripting (Bash), a systems language (C, C++, Rust), a scripting language (Python, Ruby), JavaScript
  • Container stacks (OCI, Docker)

If you aren’t familiar with these technologies or are uncomfortable referring to available documentation on your own, you will likely have significant difficulty with this course.

As a concrete example for calibration purposes: If asked to write a TCP client that connects to a remote endpoint and engages in a simple binary proof-of-work protocol from a grammar-based specification, this should take on the order of a couple of hours rather than a week.

Policies

Cheating. Work submitted for grading must represent your own effort. Group work is not allowed unless specifically stated otherwise. Similarly, use of third-party content (for code, whether as a library, service, or in source form) is only permissible in the context of the allowances explicitly made as part of a problem statement. “Use” in this context refers not only to copying in the cut-and-paste sense, but any content derived from third-party work. A non-exhaustive list of plagiarism examples includes:

  • Copying third-party code verbatim that was published in an online source code repository, forum, or other reference site such as GitHub, GitLab, Stack Overflow, Wikipedia, or similar
  • Adapting an algorithm found in third-party code published online
  • Collaborating on code with other students, such as adapting code written by another student or working together on a shared code base at any point

While referring to third-party code can be helpful in devising your own solution, it is also extremely dangerous as it is all too easy to plagiarize without realizing it. (It is for exactly this reason that viewing source code published online that may be relevant to a product is almost always strictly forbidden in corporate settings due to intellectual property concerns.) While discussing course material with other students is encouraged, it is strongly recommended that students refrain from viewing any third-party source code.

Cheating damages the reputation of the university as well as the grades of students who participate in the course in good faith. As such, there will be zero tolerance for cheating in this course. Students who participate in this course must acknowledge that they have read and understood the University Academic Integrity Policy. All cheating cases will be brought to the CCIS Academic Integrity Committee and to OSCCR on the first offense. Finally, all students found to be cheating will receive a failing grade on the first offense.

Reference Material. There is no official textbook for this course. Instead, we will rely on lectures and readings. If you need to brush up on background material on algorithms, architecture, systems, or networks, strongly reconsider whether you satisfy the course prerequisites.

Due to the fast pace of the field, much information is only available online and thus referring to third-party online sources is encouraged. However, keep in mind that referring to third-party source code is permissible only within the constraints of the class and university academic integrity policies.

Online Discussion. Online discussion and questions will be handled through Canvas. For private questions, feel free to contact me via Teams. A best-effort attempt will be made to respond to messages within 24 hours on weekdays during normal working hours. To ensure a timely response, do not wait to ask questions until the night before a submission deadline.

Ethics. This course covers sensitive material that includes information on how to exploit vulnerable software. Attack-oriented work must be restricted to the computing resources provided. Alternatively, students can perform this work using personal resources so long as other computing resources are not affected.

In particular, attacks performed against University resources or the open Internet are expressly prohibited. Students should also be familiar with the University Appropriate Use policy.

Schedule

Note: This schedule is preliminary and subject to change
| Date | Module | Topic |
|---|---|---|
| Tue Jan 19 | Introduction | Course Overview and Security Fundamentals |
| Thu Jan 21 | Link, Network, and Transport Layers | ARP Cache Poisoning |
| Tue Jan 26 | Link, Network, and Transport Layers | IP Spoofing and Flooding (QUIZ) |
| Thu Jan 28 | Link, Network, and Transport Layers | TCP Flooding and Hijacking |
| Tue Feb 02 | Link, Network, and Transport Layers | Intrusion Detection and Evasion (QUIZ) |
| Thu Feb 04 | Link, Network, and Transport Layers | Wireless Networking |
| Tue Feb 09 | Authentication | Passwords (QUIZ) |
| Thu Feb 11 | Authentication | Kerberos |
| Tue Feb 16 | Core Internet Services | DNS Spoofing and Hijacking (QUIZ) |
| Thu Feb 18 | Core Internet Services | Securing the DNS |
| Tue Feb 23 | Core Internet Services | Global Routing (QUIZ) |
| Thu Feb 25 | Core Internet Services | BGP Hijacking |
| Tue Mar 02 | Transport Layer Security | TLS and PKI (QUIZ) |
| Thu Mar 04 | Transport Layer Security | TLS Vulnerabilities and Attacks |
| Tue Mar 09 | Anonymity | Onion Routing (QUIZ) |
| Thu Mar 11 | Anonymity | Censorship |
| Tue Mar 16 | Web Security | The Web Security Model (QUIZ) |
| Thu Mar 18 | Web Security | TLS and HTTPS |
| Tue Mar 23 | Web Security | Revisiting the Same-Origin Policy (QUIZ) |
| Thu Mar 25 | Web Security | Browser Extensions |
| Tue Mar 30 | Web Security | SQL Injection (QUIZ) |
| Thu Apr 01 | Web Security | Web Cache Attacks |
| Tue Apr 06 | Vulnerability Analysis | Memory Corruption (QUIZ) |
| Thu Apr 08 | Vulnerability Analysis | Fuzz Testing |
| Tue Apr 13 | Vulnerability Analysis | Behavioral Sandboxes (QUIZ) |
| Thu Apr 15 | Final Project | Project Presentations |
| Tue Apr 20 | Final Project | Project Presentations |

Labs

| Name | Submission Deadline |
|---|---|
| Containers | Fri Jan 22 18:00 EST |
| ARP Spoofing | Wed Jan 27 18:00 EST |
| IP Fragmentation | Fri Jan 29 18:00 EST |
| Portscans | Wed Feb 03 18:00 EST |
| WEP Cracking | Fri Feb 12 18:00 EST |
| Kerberos | Fri Feb 19 18:00 EST |
| DNS Spoofing | Wed Feb 24 18:00 EST |
| TLS Certificate Validation | Fri Mar 05 18:00 EST |
| HTTP Interception | Fri Mar 26 18:00 EDT |
| Blind SQL Injection | Thu Apr 01 18:00 EDT |
| Network Deanonymization | Thu Apr 15 18:00 EDT |

Assignments

| Name | Submission Deadline |
|---|---|
| Warm Up | Tue Jan 26 18:00 EST |
| Spoofing | Tue Feb 02 18:00 EST |
| Network Intrusion Detection | Tue Feb 09 18:00 EST |
| Passwords | Tue Feb 23 18:00 EST |
| DNS | Tue Mar 09 18:00 EST |
| Web Application Firewall | Fri Apr 16 18:00 EDT |