Name : Dr. Bin Lu,
Office : 408 Anderson Hall
Phone : 610-436-2595
Email : blu <at> wcupa <dot> edu (put "CSC495" in the subject line and use your WCU account when sending email to me)
Office hours: MWF: 11:00-12:00pm; Th: 2:00-4:00pm; or by appointment.
Permission of the instructor
Network Security: Private Communication in a Public World, 2nd Edition, Charlie Kaufman, Radia Perlman, and Mike Speciner, Prentice Hall Publishers, ISBN: 0-13-046019-2.
By the end of this course, you should be able to:
1. Explain the following terms in your own words:
1) security, safety, threat, vulnerability, asset, security policy, preventive/detection, risk, intruder, insider threat, risk avoidance, risk management, risk acceptance, accountability, identity theft, physical security, cost/benefit analysis
2) confidentiality, integrity, availability, reliability (fault/error/failure, buffer overflow, race condition), authentication, non-repudiation, cryptology, cryptography, cryptanalysis, symmetric/asymmetric key cryptography, one-time pad, public key cryptography, digital signature, hash, CBC-MAC, HMAC, DES, AES, ECB, CBC, RSA
3) password, dictionary attack, password aging, proactive password checking, shadow passwords, salt, Unix password security, one-time password
4) access control: MAC (entities, security level, security categories, security labels, subject, object, clearance, classification, dominate), authorization policy
6) malicious logic, mobile code, computer virus, Trojan horse, Internet worm, logic bomb, backdoor, side channel attacks (timing, power), C fault analysis, traffic analysis, information warfare, social engineering, honeypot, passive/active attacks, DoS, DDoS, SYN flooding, smurf attack, e-mail bombing, spoofing attack (IP spoofing, DNS spoofing, sequence number guessing, session hijacking)
7) signature/knowledge-based network intrusion detection
8) firewall, packet filtering firewall, circuit relay firewall, application gateway; IPsec, ESP, AH
9) SSL, SSH, HTTPS
10) E-mail security: PGP/GPG, S/MIME
11) network security assessment, IP network scanning
2. Explain how DES and AES encryption, decryption and key schedule work.
3. Explain how RSA encryption and digital signature work.
4. Describe the different levels of authentication; state the requirements and mechanisms for identification and authentication.
5. Explain what dictionary attacks are and how to mitigate them. Explain why one-way hash and salt are used in password-based authentication.
6. Explain how packet filtering firewalls and application gateways work; explain how IPsec works; state typical firewall configurations.
7. Determine appropriate mechanisms for protecting information systems ranging from operating systems, to database management systems, and to applications.
8. Explain the basic concepts and state the general techniques in intrusion detection.
9. State the criteria for evaluating secure network systems.
(We will have 14 lectures; each lecture lasts 2 hours 40 minutes)
Introduction and Basic Security Concepts (1 lecture)
Cryptography and Its Applications (4 lectures)
Introduction to System Security (1 lecture)
Identification and Authentication (2 lectures)
Network and Distributed Systems Security (5 lectures)
Administrating Security (1 lecture)
Assignments 30%, midterm 35%, term project 35%.
There will be 3 assignments, each worth 10 points.
The final grades are computed according to the following rules:
A : >= 90%
A- : >= 88% and < 90%
B+ : >= 85% and < 88%
B : >= 80% and < 85%
B- : >= 78% and < 80%
C+: >= 75% and < 78%
C : >= 70% and < 75%
C- : >= 68% and < 70%
D : >= 60% and < 68%
F : < 60%.
Homework and project deadlines will be enforced. Late homework will be accepted with a 10% reduction in grade for each class period it is late. However, once a homework assignment is discussed in class or the solution is posted, submissions will no longer be accepted. All assignments must be turned in before the start of class on the due date.
Students are allowed to take excused absences. However, evidence, such as a university excuse letter or a doctor's note, must be shown. The instructor will NOT discuss the content of missed classes with students who have unexcused absences.
Students are responsible for discussing makeup exams if they miss exams due to excused absence. The instructor will choose a mutually agreed date and time for the makeup exam. The makeup exam must be taken before the exam keys are distributed or the exams are discussed in class.
Late submission of homework assignments due to excused absences is not subject to the policies on late assignments.
| Event | Date |
| --- | --- |
| First Day of Classes | August 27 |
| Beginning of Drop/Add | August 27 |
| End of Drop/Add period | September 4 |
| Course Withdrawal Period Begins | September 5 |
| End of Course Withdrawal period. Term Withdrawals only after this date. | October 26 |
| End of term withdrawal period. | November 30 |
| Last Day of Classes | December 10 |
| Final Examinations | Friday, December 14 |
The Computer Science Department has adopted the following policies in regard to academic dishonesty in Computer Science classes:
1. A student found to be academically dishonest in an assignment will receive a zero for that assignment if it is his/her first offense in that class, but an F for the course if it is his/her second offense in that class.
2. A student found to be academically dishonest in a test will receive the grade of F in that class.
3. For the purposes of this document on academic dishonesty, every form or method of evaluation in a class will be considered as being of one of two types: an assignment or a test. Assignments include homework assignments and short quizzes. Tests include final exams and major exams. An instructor has, subject to these guidelines, the discretion to determine the type of any other form of evaluation, such as a project, in his/her class.
4. A student who has received the grade of F in a course because of academic dishonesty and who wants or is required to repeat that course may re-take that course only as a regularly scheduled course that is open to the student community in general. In exceptional circumstances, this condition may be revoked, but only by an explicit action to that effect by the full Computer Science Committee, and only then on a case by case basis.
5. The term academic dishonesty is used throughout in the sense provided by the rules and regulations of West Chester University.
The following is taken from The Ram's Eye View of 1997-1998:
Academic dishonesty as it applies to students includes but is not limited to academic cheating; plagiarism; the sale, purchase, or exchange of term papers or research papers; falsification of information which includes any form of providing false or misleading information, written, electronic, or oral; or of altering or falsifying official institutional records. Plagiarism is defined as copying another's work or portion thereof and/or using ideas and concepts of another and presenting them as one's own without giving proper credit to the source.
Please see http://www.wcupa.edu/_admin/social.equity/ADA.htm for the Americans with Disabilities Act policy.
According to the statement, "...A student who wants to request an accommodation and/or receive specialized services should contact the Director of the OSSD Office. The policies and procedures used by the OSSD Office are contained in the West Chester University Handbook on Disabilities, which is available in the OSSD Office, located at 105 Lawrence Center, V/TDD 610-436-3217."
For any emergency incident, contact WCU's Department of Public Safety: 610-436-3311.