T. Andrew Yang
|
Last updated: 3/25/2019: revised schedule (weeks 9-11) 2/6/2019: corrected dates in the schedule 1/23/2019: first posted |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CSCI 5235-02 Spring 2019
(1/22–5/6 + final exam)
Time
& Classroom Wednesday,
1:00pm – 3:50pm
(Delta 158B) Course Description: Topics to be covered
include review of basic concepts and principles related to network defense
(networking protocols and cryptography, mission
assurance, network policy development and enforcement, etc.), secure network
development (network access control, DMZs / proxy servers, network hardening,
implementing firewalls, VPNs, etc.), and advanced network defense techniques
(honeypots, honeynets, network monitoring, implementing IDS/IPS, etc.) Prerequisite:
Basic understanding of networking
technologies (e.g., CSCI 5132
Internet Protocols, CSCI 4312 Network Protocols, or ITEC 3365 Network
Fundamentals) and introduction to cybersecurity (e.g., CSCI 5233
Computer Security & Cryptography, CSCI 4391 Select Topic - Cyber Attacks
and Defense, ITEC 3388 Cyber Security I), or instructor’s approval Course Objectives: This course provides an essential study of
network defense, related vulnerability and security issues, and common tools
available for network packet analysis and exploitations. Learning Outcome:
After
having successfully completed the class, one should be able to 1.
Understand fundamental security issues in
computer networks 2.
Understand the common mechanisms used in
securing a network 3.
Design a TCP/IP network with IP Security 4.
Design and deploy firewalls to secure a
private network 5.
Design and deploy a virtual private network to
secure remote connections 6.
Select appropriate methods to detect and
counter intrusions to a network 7.
Understand other advanced issues related to
network security Class Format: Lectures are combined with discussions and hands-on projects. Students are expected to be active participants, by studying the relevant chapters and/or research papers,
and participating at in-class discussions. A note about Bloom's Taxonomy
and your learning … Instructor:
Dr. T. Andrew Yang
Teaching assistant info and office hours: TA
- Mohamed Nasardeen, Mohamed
Ifthikhar; MohamedNasarM9652@UHCL.edu
Office Hours – Tuesday: 11 am – 1 pm Wednesday: 8 am - 12 pm Location –Delta 2nd floor PC
lab Note: Contact the instructor (yang@uhcl.edu)
immediately if you have any problem with the TA or the office hours. Required Text: ·
E: Chuck
Easttom. Network Defense and Countermeasures:
Principles and Practices (3rd Edition) (Pearson IT Cybersecurity Curriculum
(ITCC)) 3rd Edition, Pearson, 2018. ISBN-10: 0789759969;
ISBN-13: 978-0789759962 ·
D:
Wenliang Du. Computer Security: A
Hands-on Approach, CreateSpace Independent Publishing
Platform; 1st edition (October 12, 2017). ISBN-10: 154836794X; ISBN-13:
978-1548367947 + Instructor's handouts in the class and/or on the Web Reference Books ·
Michael Gregg, The Network Security Test Lab: a
step-by-step guide, Wiley, 2015. ISBN-10: 1118987055;
ISBN-13: 978-1118987056 ·
James
Forshaw, Attacking Network
Protocols: A Hacker's Guide to Capture, Analysis, and Exploitation, No Starch
Press, 2017. ISBN-10: 1593277504; ISBN-13: 978-1593277505 ·
Chris
Sander, Practical Packet
Analysis, 3E: Using Wireshark to Solve Real-World Network Problems, 3rd
Edition, No Starch Press, 2017. ISBN-10: 1593278020;
ISBN-13: 978-1593278021 ·
Nainar, Ramdoss,
and Orzach,
Network Analysis Using Wireshark 2
Cookbook: Practical recipes to analyze and secure your network using
Wireshark 2, 2nd Edition, Packt Publishing, 2018. ISBN-10: 1786461676;
ISBN-13: 978-1786461674 ·
Matthew
Monte, Network Attacks and
Exploitation: A Framework, Wiley, 2015. ISBN-10: 1118987128;
ISBN-13: 978-1118987124 Topics
and Notes
++ Attendance Policy: You are expected
to attend all classes. There will be no penalty for a person’s first two
absences without documented excuse. 1% will be taken for each of the
absences after the first two absences without documented excuses. Note: Being tardy is no excuse when a
person is found to be absent from the class. Note: If you ever miss a class, it is your responsibility to get
hold of whatever may have been discussed in the class. +++ Class Participation:
Participating in the class is
expected. You should ask or answer questions during the in-class or online
discussions. Grading Scale: The
accumulated points from all the categories determine a person's final grade. There
will be no extra-credit projects.
Tests & Exams: Both
analytic and synthetic abilities are emphasized. Being able to apply the
learned knowledge toward problem solving is also highly emphasized in the
tests. Unless
due to unexpected, documented emergency, no make-up exams will be given. No make-up exams will be granted once the exams have been
corrected and returned to the class. Assignments
and projects will be posted at the class web site. Assignments &
projects are due before the beginning of the class on the due day. See Topics and Notes for the due dates. a. Identification page: All assignments must have your
name, and course name/number/section number (e.g., CSCI 4391-03) at the top
of the first page. b. Proper stapling: Staple all the pages together at
the top-left corner. NOTE: Do not use paper clips. c. Order ! Order! Arrange the solutions following the
sequence of the questions. Write the question number at the top-right corner
of each page. d. Word processing: It is required that you type your
reports (e.g., print them using a printer). Use a word processor and
appropriate typesetting and drawing tools to do the assignments. Spell-check
the whole document before printing it. You may lose points due to spelling or
grammatical errors. Projects: The
projects will involve the design and implementation of encryption/decryption
algorithms and/or application of the algorithms to real-world problems.
Students are expected to employ the theories and techniques learned in the class
to design the system. Details
of the projects will be later made available at Assignments & Projects. NOTE:
Unless otherwise
specified, all assignments and projects are individual work. Students should take caution not to
violate the academic
honesty policies. Check out the details at this
link. Instructor's Notes:
Go to the Index |