|
T. Andrew Yang
|
Last
updated: 9/7: Research Project posted 8/31/2022: Lab 1 posted 8/24/2022: first posted |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
CSCI 5235 Network
Security fall 2022
(8/22 – 12/2 + final exam week)
Time
(Classroom) Wednesdays,
4:00pm – 6:50pm (Delta 201) Note: The
instructor will try his best to have the class sessions recorded (when the
classroom equipment works). If you ever miss any of the sessions, be sure
to watch the recorded video of the class session and/or review the class
notes, which will be shared in the BlackBoard’s
Class Notes folder. Course Description: Topics to be covered include review of
basic concepts and principles related to network defense (networking
protocols and cryptography, mission assurance, network policy
development and enforcement, etc.), secure network development (network
access control, DMZs / proxy servers, network hardening, implementing
firewalls, VPNs, etc.), and advanced network defense techniques (honeypots,
honeynets, network monitoring, implementing IDS/IPS, etc.) Prerequisite: Basic
understanding of networking technologies (e.g., CSCI 5132 Internet
Protocols, CSCI 4312 Network Protocols, or ITEC 3365 Network Fundamentals)
and introduction to cybersecurity (e.g., CSCI 5233 Computer Security
& Cryptography, CSCI 4391 Select Topic - Cyber Attacks and Defense, ITEC
3388 Cyber Security I), or instructor’s
approval Course Objectives: This course provides an essential study of
network defense, related vulnerability and security issues, and common tools
available for network packet analysis and exploitations. Learning Outcome:
After having
successfully completed the class, one should be able to 1. Understand
fundamental security issues in computer networks 2. Understand
the common mechanisms used in securing a network 3. Design a
TCP/IP network with IP Security 4. Design and
deploy firewalls to secure a private network 5. Design and
deploy a virtual private network to secure remote connections 6. Select
appropriate methods to detect and counter intrusions to a network 7. Understand
other advanced issues related to network security Class Format: Lectures are combined with discussions. Students are
expected to be active participants, by studying the relevant chapters
and/or research papers, and participating at in-class discussions. Lifelong learning “Education is not
something you can finish.” (Isaac Asimov) A note about Bloom's
Taxonomy and your learning …
(source: https://tips.uark.edu/usingbloomstaxonomy/
) Instructor:
Dr. T. Andrew Yang - Email address: yang@uhcl.edu - Web site:
http://cse.uhcl.edu/yang (or https://sceweb.uhcl.edu/yang) - Office: Delta 174 - Phone: (281) 283-3835 (Please leave a message if not
available. - Drop-in
Office Hours Click this link: https://uhcl.zoom.us/j/93285948037?pwd=U3NJMmhMaWVjZy9INUxwbS9ENDBvZz09 Tuesdays:
3:00pm-4:00pm Wednesdays:
3:00pm-4:00pm Thursdays:
3:00pm-4:00pm - To communicate with the professor, you are encouraged to email your questions or
issues to yang@uhcl.edu and, if necessary,
set up a time with the professor to have an online meeting. Emails are
typically replied within 24 hours. If you have not received a response within
24 hours, either send a reminder email or leave a message at (281) 283-3835. - Using emails effectively: Emailing
has become an indispensable tool in most work places. Emails
without a subject line or the signature line will be considered as
potentially malicious and be discarded.
Here is a sample subject line: "CSCI 5235 assignment #1, question
3". The signature line should have your full name and the name of the
class. Although
email messages tend to be informal, please check the grammar and spelling of
your messages to ensure their legibility. Try
to provide sufficient details in your email message, such as the problem(s)
you have encountered, the solution(s) you have tried, and the outcome you
have got from these solution(s). Teaching assistant info and office hours
Required Text: ·
William Stallings, Network Security Essentials: Applications
and Standards, 6th edition, Pearson, 2017. Print ISBN: 9780134527338,
013452733X; eText ISBN: 9780134527598, 0134527593. + Instructor's handouts in the class and/or on the Web Recommended Text: ·
Chris
Sander, Practical Packet
Analysis, 3E: Using Wireshark to Solve Real-World Network Problems, 3rd
Edition, No Starch Press, 2017. ISBN-10: 1593278020;
ISBN-13: 978-1593278021 ·
Nainar, Ramdoss,
and Orzach, Network
Analysis Using Wireshark 2 Cookbook: Practical recipes to analyze and secure
your network using Wireshark 2, 2nd Edition, Packt
Publishing, 2018. ISBN-10: 1786461676; ISBN-13: 978-1786461674 ·
Matthew
Monte, Network Attacks and
Exploitation: A Framework, Wiley, 2015. ISBN-10: 1118987128;
ISBN-13: 978-1118987124 ·
Michael Gregg, The Network Security Test Lab: a
step-by-step guide, Wiley, 2015. ISBN-10: 1118987055; ISBN-13: 978-1118987056 ·
James
Forshaw, Attacking Network
Protocols: A Hacker's Guide to Capture, Analysis, and Exploitation, No
Starch Press, 2017. ISBN-10: 1593277504; ISBN-13: 978-1593277505 NOTE:
The following schedule will be adhered to as closely as possible,
although changes are probable. Always check with your instructor if you are
not sure about what would be covered next week. Review the class notes in the
BlackBoard (under the Class Notes folder) to learn what had been covered.
Attendance Policy: You are expected
to attend all classes. If you have ever missed a class, be sure to watch the
recorded session to learn what had been covered. It is your responsibility to
get hold of whatever may have been discussed in the class.
+ Class Participation:
Participating in the class is expected.
You should ask or answer questions during the in-class or online discussions.
Grading Scale: The
accumulated points from all the categories determine a person's final grade. There
will be no extra-credit projects.
Quizzes,
Tests, and Exams: Both analytic and synthetic abilities are emphasized. Being able
to apply the learned knowledge toward problem solving is also highly
emphasized in the tests. No
makeup quiz will be given. Unless
due to unexpected, documented emergency, no makeup tests or exams will be
given. Assignments
will be posted at the class web site as well as in the Blackboard. The due
date and time of each assignment is specified when it is published in the
Blackboard. 1)
Identification page: All assignments must have your name, and course
name/number/section number (e.g., CSCI 4323) at the top of the first page. 2)
Proper organization of
submitted material: If your submission include multiple documents, combine all of them into a
single document (for example, a single PDF or ZIP). 3)
Order! Order! Arrange the solutions following the sequence of the questions.
Write the question number at the top-right corner of each page. 4)
Word processing: It is required that you type your reports (e.g., print them
using a printer). Use a word processor and appropriate typesetting and/or
drawing tools to do the assignments. Spellcheck the whole document
before printing it. You may lose points due to spelling or grammatical
errors. NOTE: When a grade is assigned, the grade can only be appealed within a week after the grade has been posted. Always review a graded lab or test
immediately and, if needed, talk to the instructor within a week. There is a tutorial at https://www.youtube.com/watch?v=im1j8wGNoBg about
how to view grades and instructor feedbacks in the Blackboard. It's smart to
find out what might have gone wrong in your answers (so the same mistakes
won't be repeated in the future exams). A note about problem-solving: An
important part of problem solving is correct understanding of the given
problem. -
Try to have a good grasp of the problem
before starting the process of finding the solution(s). -
Use any resources, including the instructor,
the TA, your classmates/friends, and online resources to ensure that you have
correctly understood the given problem. -
While trying to figure out the solution(s),
continue to verify your understanding of the problem. -
Read the given instructions carefully
before taking any action; while preparing your solutions, be sure to follow
the given instructions. Academic
Honesty Policy: NOTE:
Unless otherwise
specified, all assignments, projects, quizzes, tests and exams are individual
work. Students should take caution not to violate the academic
honesty policy specified by the university. Per the UHCL
academic honesty policy, plagiarism is defined as follow. Plagiarism: a. Incorporating the work or idea of
another person into one’s own work without acknowledging the source of
that work or idea. b. Attempting to receive credit for
work performed by another person, including papers obtained in whole or part
from individuals or other sources. c. Copying copyrighted computer
programs or data files belonging to someone else. Visit http://cse.uhcl.edu/yang/citing.htm for more information about cited references. Instructor's Notes: -
Important: If you think you have lost some points due to grading errors,
make sure you approach the instructor within
a week after the assignment, project, or test has been graded.
-
To get the most out of
this class, you need to read the textbooks and spend time using computers
regularly. Be prepared for a class by previewing the material to be
covered in that class and participate in discussions and problem-solving
exercises, if applicable, in the class. -
Taking notes and understanding what are covered in
classes are essential for successfully passing the exams. -
As a student being
trained to become a professional person, you are expected to behave according
to the professional codes of conduct (e.g., the IEEE
Code of Conduct) or code of ethics (e.g., the ACM Code of Ethics). As
a starting point, listed below are some of the common behaviors that do not
conform to the codes of ethics: - Being
regularly late for the class. - Chatting
with another person while the instructor or someone is giving a speech in
class. - Being
regularly late when submitting assignments. - Asking
the instructor or the TA for a favor when submitting a late assignment. - Checking
out others’ answers
during an exam. - Continuing
to write when an exam’s time is
up, or submitting an online exam past the due time. - Violating
academic honesty when working on the assignments or exams. - Using
others’ write-up
without proper citing when writing a paper or report. - … o Some
wishful thinking that could harm your learning and grade: “It’s during the pandemic, so the instructor must make
it easy for all students to pass the class.” “If
sufficient number of students do not do well in a test or exam, it is the
instructor’s fault and
he/she must give a make-up exam.” “Submitting
an assignments just a few minutes late should be acceptable and the TA or the
instructor should not take points off.” “Submitting a
completed quiz or exam late should be ok if I had started the exam a few
minutes late.” ...
Go to the Index UHCL
Covid-related Policies and Information (Fall 2021) The documentation below contains
language approved by the Office of General Council from UH System for
inclusion in all syllabi. Face
Covering Policy Presence
in Class · Are
NOT exhibiting any Coronavirus Symptoms that makes you think that you may have
COVID-19 · Have
NOT tested positive or been diagnosed for COVID-19 · Have
NOT knowingly been exposed to someone with COVID-19 or suspected/presumed
COVID-19 If you are experiencing any
COVID-19 symptoms that are not clearly related to a pre-existing medical
condition, do not come to class. Please see Student Protocols for what to do if you experience symptoms
and potential exposure for what to do if you have potentially been
exposed to COVID-19. The Covid-19
Reporting Forms for
students are easily accessible and you are encouraged to report a diagnosis
or an exposure. COVID-19
Information Vaccinations Reasonable
Academic Adjustments/Auxiliary Aids Recording
of Class Syllabus
Changes Resources
for Online Learning UHCL Email Go to the Index |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
