Syllabus
- When: Fall 2021 September 1 - December 8 (final exam date will be announced at a later date).
- Where: Class meets once a week either (either online via Zoom or in-person) for discussion and questions/answers. These sessions are with Professor Kermani not a TA. Materials including posted videos are available via Blackboard.
Discussion session is planned for Tuesday afternoons at 5:30 P.M.-6:45 P.M. in Fall 2021.
UWW Section 1 (Grads - COMPSCI and ECE students as well as any other student at the grad level with instructor permission (including non-matriculated/non-CS/non-ECE students).
UNIV Section 1 (MS-CS).
Non-matriculated students can enroll in the UWW section with permission. MS degree students may do so as well (for example, if they are off campus for the semester). Attendance in discussion sessions is optional but highly recommended.
- Instructor: Dr. Parviz Kermani
- This class can be applied towards the Information Security Certificate or as an outside elective for the CS MS degree.
This course provides an introduction to the principles and practice of computer and network security with a focus on both fundamental principles and practical applications through hands-on approach. Many of the principles are taught through examples. The key topics of this course are a brief introduction to computer networking; applied cryptography; protecting users, data, and services; network security, and common threats and defense strategies. Students will complete number of practical lab assignments as well as auto-graded quizzes/assignment.
Prerequisites: No prerequsities for COMPSCI and ECE graduate students; however, knowledge equivalent to COMPSCI 377, Operating Systems, or equivalent experience. Any education in security requires a good knowledge of networking. Knowledge of COMPSCI 453, Computering Networking is essential to completely benefit from this course. Other non-degree students need permission of instructor.
Tentative Agenda:
- Fundamentals (1 weeks) - Week 1
- Basic definitions
- when is an asset security
- Confidentiality, integrity, authentication, availability, etc.
- Ethics
- Policy basics
- Threat and risk basics
- Recovery from attacks
- Basic definitions
- Applied Cryptography (2 week) - Weeks 2,3,
- Symmetric-key crypto
- Cryptographic hash functions
- Public/private key cryptography
- Information Hiding: Watermarking and Steganography
- Hash Functions & Message Authentication Codes & Applications
- Applications: Protecting users, data, and services (1 Week)- Week 4
- Password & User protection
- File/Software integrity
- Message authentication
- Digital Signature
- X.509 Digital Certificate
- End-Point Authentication
- Establishing Session Key
- Secure e-mail
- Passwords and user authentication
- Distributed: Brief introduction to Kerberos
- Encrypted file systems
- Fundamentals of Computer Networking (4 weeks)- Weeks 5-8
- Networks and Internet
- Application Layer
- Transport Layer
- Network Layer
- Link Layer
- Local Area and Wireless Networks
- Network security (1 Week)- Week 9
- Port scanning
- Transport-Level Security; SSL/TLS
- Wi-Fi security
- Malware: Viruses and Rootkits (1 Week)- Week 10
- Malware: Viruses and Rootkits, Worms and Botnets
- Phishing
- Threats and Mitigation (1 Weeks)- Week 11
- Firewalls and Intrusion Detection Systems
- Online Tracking
- VPNs
- iptables
- Anonymous Communications (1 Week)- Week 12
- Network Attacks: BGP, DNS, DoS
- Tor and related systems
- Wrap up & Review (1 Week)- Week 13
Workload, Grading, and Participation Policy:
There will be one (or multiple) assignments per week; a total of 10+ assignments. There will be a final project or a final exam for this course.
This is an online course. All class material and (most of) class video lectures will be available on Blackboard. The course will have weekly (online/video) sessions/discussion which are recorded and made available to students. Participation in class meeting, while not mandatory, is expected of all students. If you cannot participate in a class, please let the instructor know.
The final exam will be announced when the date is determined. The exam will be on any day from Monday November 30, 2020 to Friday December 4, 2020. The exam will be online. The exact date/time will be available on SPIRE.
Grade distribution
The following distribution will be used for the final grading in this course
Coursework |
Approximate Amount |
% |
Assignments (evenly distributed) |
10+ |
70% |
Final (exam or project) |
1 |
20% |
Discussion participation/ (My discretion) |
5% |
Textbooks:
The two textbooks which I will be following in this course cover the material from two different points of view. The book by Wending Du, as the title suggests, covers the topic in a very practical and hands-on approach. The second book by William Stallings is more descriptive and covers the topics in more traditional way. I have used parts of these two books and well as lecture notes by other leaders of the field in this course.
Wenliang Du: Computer & Internet Security, A hand-on Approach, Second Edition, 2019. I recommend that students purchase this book. It covers the topics which we discuss in the course in a hands-on approach. We will cover many sections of this book. A valuable book to have.
William Stallings: Network Security Essentials, Sixth Edition, Pearson, 2017
I will use this book for a more in-depth coverage of theoretical aspect of the course. It is condensation of a more theoretical book by the same author and covers the fundamental mechanism used in security practice.
Textbooks (Reference):
Jim Kurose and Keith Ross: Computer Networking: A top-down approach, Seventh Edition, Pearson 2017. For the purpose of this course, the Sixth edition of the book will be sufficient. If you plan to purchase this book, I highly recommend the 7th edition. You might be able to purchase or find PDF of the 6th edition of this book. This is an excellent (the best!) book on networking. I use it to cover the networking part of this course. I have used a chapter of this book on security in my lecture notes.
Matt Bishop: Introduction to Computer Security, Addison Wesley, 2005
This is a classic book and I have used part of it in my lecture notes.
Matt Bishop: Computer Security [Art and Science], Pearson, 2019
A new edition of a classic book.