- Future Students
- Academic Progams
- Undergraduate Program
- Current Semester CS Courses
- New Course Offerings
- Upcoming Semesters
- Previous Semesters
- Canonical Syllabi
- Course Access & Request Policy
- Academic Integrity Policy
- Grad Student Registration
- Variable Title Courses
- Study Abroad
- Professional Practice
- Co-Op Professional Practice
- Non-Co-Op Professional Practice
- ISS Application Process for International Students (CPT, OPT, RCL, Program Extension, COEL)
- Pass/Not Pass Spring 2020
CS 52800: Network Security
The course focuses on the principles and foundations of building secure network systems and on security and privacy challenges in existing and emerging networks. The course compares and analyzes network architectures and network protocols from the physical layer to the access control, network, transport and application layer from an adversarial standpoint to understand how to build more secure protocols that can withstand attacks. The course material builds upon CS 52600 Information Security.
Week 1: Computer Networks
Review of network protocols. Types of networks and configurations, examples of protocols and their goals, examples of network configurations and their goals (e.g., enterprise networks, data centers, Internet Service Provider backbones).
Week 2: Goals and Attack Models
Security and privacy goals for network protocols. Attacker models and examples of attacks.
Week 3: Address Resolution and Transport
Attacks against the Address Resolution Protocol (ARP). Attacks against the Transmission Control Protocol (TCP). Discussion of different solution strategies.
Week 4: Secure and Private Transfer
Comparison of Internet Protocol Security (IPSec), Secure Socket Layer (SSL), and Secure Shell (SSH). Virtual Private Networks (VPNs). Connection establishment and authentication. Confidentiality and integrity properties.
Week 5: Transport Layer Protocols
Introduction to transport layer security (TLS), and Quick User Datagram Protocol (UDP) Internet Connections (QUIC) and their properties.
Week 6: The Domain Name System
Attacks and security solutions for the Domain Name System (DNS). Attacks include denial of service, reflection attacks, and DNS cache poisoning. Solutions such as DNS security (DNSEC) and their properties.
Week 7: Redirection and HTTPs
Secure HyperText Transfer Protocol (HTTPS). Attacks involving HTTPS and DNS redirection.
Week 8: Backbone Networks
Attacks and security solutions for the interdomain routing protocol: the Border Gateway Protocol (BGP). Attacks include prefix hijacking and timer flaps. Solutions include secure BGP (S-BGP), the routing public key infrastructure (RPKI), and route flap damping. Security in software defined networks (SDN).
Week 9: Enterprise Networks
Attacks and security solutions for the intradomain routing protocols: the routing information protocol (RIP) and Open Shortest Path First (OSPF). Firewalls and intrusion detections systems (IDSs). Enterprise security and Network Function Virtualization (NFV).
Week 10: Wireless Local-Area Networks
Attacks and security solutions for local-area wireless networks such as 802.11 and Bluetooth, e.g., Medium Access Control (MAC) security, WiFi Protected Access (WPA), Wired Equivalent Privacy (WEP), Wireless Application Protocol (WAP), and new standards.
Week 11: Wireless Wide-Area Networks
Protocols for digital cellular networks (Global Systems for Mobile communications (GSM), 3G, Long-Term Evolution (LTE)). Authentication and denial of service attacks.
Week 12: Anonymity
Anonymity and mix networks and their properties. Onion routing and Tor. Attacks against Tor.
Week 13: Social Networks
Security and privacy in social networks such as FaceBook. De-anonymization techniques.
Week 14: Control Systems
Security in control and data acquisition (SCADA) systems and in health devices. Security in vehicular networks and avionics.