CIS 4363: Network Security and Privacy - Spring 2007

Instructor:      Ratan Guha
                        guha@cs.ucf.edu
                        (407) 823 - 2956
Class:  TTh 4:30 – 5:45 PM, Eng 224
Office: HC (Engr III) 244
Office Hours: TTh 1:00 – 2:30 PM, W 2:00 – 3:00 PM, or by appointment
 
Assistants: Hua Zhang [HC 313] Office hours M W 3:00 – 5:00 PM, (407)-823-2524
and Some of My other Ph. D. Students (HC 301)
 
Catalog Description: Fundamentals of network security, protocols, secure applications, network intrusion detection, security policy, firewalls, and privacy issues.
 
Prerequisites: CDA 4506C or equivalent, CIS 3360, CIS 3362, and COP 3503
 
Textbook: Network Security – PRIVATE Communication in a PUBLIC World, Second Edition, Charlie Kaufman, Radia Perlman, Mike Speciner, Prentice Hall Inc. (2002).
 
Secondary Textbooks:
ST1      Cryptography and Network Security – Principle and Practices, Fourth Edition, William Stallings, Prentice Hall Inc. (2007)
ST2      Computer Networking – A Top-Down Approach Featuring the Internet, Third Edition, James Kurose and Keith Ross, Addison Wesley (2005)
ST3      Internetworking with TCP/IP Principles, Protocols, and Architecture, Fifth Edition, Douglas Comer, Prentice Hall Inc. (2007)
ST4      Real 802.11 Security Wi-Fi Protected Access and 802.11i, Jon Edney and William Arbaugh, Addision Wesley (2004)
ST5      Cyberethics- Morality and Law in Cyberspace, Third Edition, Richard A. Spinello, Jones and Bartlett, 2006
 
Course Description
This course aims to give a good understanding of computer networks, and network security. The topics we will discuss are Internetworking with TCP/IP, wireless networking with 802.11, Internet security, confidentiality, authentication, security attacks, detection of threats, defense and privacy issues. After taking the course, a student ought to understand the security threats against computer networks, and have at least a good idea of the ways to address them.
 
Prerequisites:  
Academic Dishonesty Policy: All assignments MUST BE done individually. Sharing answers or working together on specific problems is prohibited. Students are permitted to discuss without writing general strategies with other students in the class. Students may also get help debugging code from students not in the class. Please try to come to the instructor, the Assistants, or additional programming support personnel if you are having difficulty on assignments. Failure to adhere to these policies may result in the lowering of the final class grade by a whole letter grade, on the first offense.
 
 
Outline of material to be covered:
  
  Chapter/Source
1. Wireless LAN 802.11 Classnotes, ST2- Ch - 6
2. Security in 802.11
WEP, WPA, RSN, TKIP
Radius, Authentication
Classnotes, Ch – 9,10, ST4
3. Secure Protocols, Standards Ch - 11,12, 13, 14, 15
4. Security in Electronic Mail, PEM, S/MIME, PGP Ch - 20, 21, 22
5. Real-time Communication Security Ch - 16
6. IPsec, SSL/TLS Ch - 17, 18, 19, ST - 3
7. Firewalls Ch – 23
8. Intrusion Detection Classnotes
9. Privacy and Policies ST5 – Ch -5
                     
           
 
Tentative Assignments and Grading Breakdown: worth(% of grade)
Programming and Lab assignments: 25%
Homework assignments: 10%
First Exam (February 20): 15%
Second Exam (March 22) 15%
Final exam (April 26 – 4:00 – 6:50 PM) 35%

 
Notes: +/- grades may be given in this course if deemed appropriate.
 
Other Relevant Information
 
Withdrawal Deadline – March 2 (Friday)
Last day of class April 19 (Thursday)
Spring Break March 12 -17
Final Exam April 24 - 30