2 Contact Information
- Instructor: Amir (Amirreza Masoumzadeh)
- Web:
- amirreza _at_ sis.pitt.edu
- Please include “IS1075” in the subject
- 410 IS Bldg. (LERSAIS), 2nd cubicle on your right
- Office hours: Tuesdays 2pm-4pm / by appointment
- GSA: TBA
3 Course Overview
- Deals with security issues related to the network
- Common attacks originating from the network
- Prevention and detection of attacks
  - Perimeter Security, Monitoring, etc.
- Protocols for enhancing security (e.g. Cryptographic Protocols)
- Assessment of network security and response to attacks
4 Course Overview: More Details
- Common Attacks
  - DoS attacks, DDoS attacks, Worms, Masquerading, Enumeration, etc.
- Cryptographic Protocols
  - Cryptography, IPSec, SSL/TLS, PGP, Wireless Security, etc.
- Security
  - Packet Filters, Stateful Firewalls, Proxy Firewalls, IDS and IPS
- Monitoring
  - Sniffers, Network Monitoring and Logging Tools
5 Prerequisites
- INFSCI 1070 – Introduction to Telecom and Networks
  - Good knowledge of TCP/IP and related protocols
  - Will be quickly reviewed, but you should feel comfortable with network basics (MAC, TCP/IP, HTTP, etc.)
- Algebra and digital logic
  - Modulo operation, XOR operation
  - Will be reviewed
  - To understand encryption schemes
- INFSCI 0017 – Introduction to Programming
  - Probably won't do much programming but ...
6 Textbooks & References
- Network Security: The Complete Reference, Roberta Bragg et al., McGraw-Hill Osborne Media, November ISBN:
- Cryptography and Network Security, Principles and Practice, 4/Ed. or 5/Ed., William Stallings, Prentice Hall, 2011, ISBN: (Optional)
- We also use other books and online materials
  - Safari books
  - Use “Secure Remote Access”: https://sremote.pitt.edu
- Readings will be specified for each lecture
  - You are expected to read the specified references for each lecture before coming to class
  - Not every detail can be covered in the lectures
  - Evaluation is based on both readings and lectures
7 Some Other References
- Cryptography and Network Security: Principles and Practices, 4th Ed, William Stallings, Pearson Education, 2006, ( )
- Hacking Exposed (Fifth Edition) – Stuart McClure, Joel Scambray, George Kurtz ( )
- Penetration Testing and Network Defense – Andrew Whitaker, Daniel Newman ( )
- Network Security – Private Communication in a Public World – Charlie Kaufman, Radia Perlman, Mike Speciner, ( )
- Firewalls and Internet Security (2nd Edition) – William R. Cheswick, Steven M. Bellovin, Aviel D. Rubin ( X)
- Cryptography and Network Security – Behrouz A. Forouzan ( )
8 Some Other References (Cont.)
- Computer Security Lab Manual – Vincent J. Nestler, et al. ( )
- The Craft of System Security, Sean Smith and John Marchesini - ( )
- Network Intrusion Detection: An Analyst’s Handbook, by S. Northcutt and J. Novak, New Riders, Indianapolis,
- Inside Network Perimeter Security, by S. Northcutt and others, New Riders, Indianapolis, 2005.
- Real Security: Wi-Fi Protected Access and i, by J. Edney and W.A. Arbaugh, Prentice Hall, 2004.
- The Tao of Network Security Monitoring, by Richard Bejtlich, Addison-Wesley, 2004.
9 Grading
- 20% Homework (~6)
- 30% Labs (~5)
- 15% Quizzes (~10)
- 15% Midterm
- 20% Final Exam
- +10% Optional Term Project
10 Course Logistics
- Website
  - Course Information
  - Lecture Schedule and Slides
- CourseWeb
  - https://courseweb.pitt.edu/
  - Announcements/Communication
  - Homework, labs, and sample solutions
  - Grades
11 Assignments
- Homework and lab assignments must be delivered by 11- am of the due dates (beginning of the class)
  - There will be a 10% penalty for every day late (max two days)
  - No late submission is accepted after two days!
- Ask the GSA if you have problems with Homework/Labs
  - I will also be constantly monitoring and answering questions if necessary
  - Use the discussion board on CourseWeb
- Sample solutions will be posted on CourseWeb
- Pre-configured equipment will be provided for labs
12 Quizzes & Exams
- Quizzes
  - Short quizzes throughout the semester at the beginning of the class
  - Quizzes will be based on recent materials
  - You cannot take a make-up if you miss a quiz (make sure you don’t!)
  - Your lowest grade will be dropped
- Quizzes and Exams are closed book
- Exams
  - Samples will be provided before the exam
- All written work must be legible and clear to receive credit
  - I should be able to understand what you are trying to do/say without verbal explanations later
  - No credit for vague answers, unclear steps, magical solutions, etc.
13 Policies
- Academic Integrity
  - No copying from web or other books without understanding the material
  - If you use such material cite your source properly
  - Students may discuss homework assignments and work together
  - The final product for each student MUST be his or her own work
- Zero tolerance for cheating
  - At a minimum, cheating will result in a grade of zero on the assignment
  - Depending on the circumstances, you may also receive a grade of ‘F’ for the course
14 Tentative Course Syllabus - I
- Introduction
  - What is network security?
  - Why is network security necessary?
  - Basic security concepts and terminology
- Review of Network Basics
  - Network operation
  - Common network protocols, services and applications of interest
  - TCP/IP, DNS, ICMP, etc.
- Discussion of some common network attacks
  - The Process of an Attack, Risks and Vulnerabilities
  - Examples: SYN Flood attacks, SMURF Attacks
  - Authentication failures
15 Tentative Course Syllabus - II
- Network Prevention/Protection
  - Cryptography
    - Secret key, public key, message authentication, key management
  - Cryptographic Protocols
    - Protocol flaws and pitfalls
    - Support for cryptographic protocols - PKI
    - Specific examples
      - PGP, Kerberos, SSL, IPSec
  - Wireless networks
  - Perimeter Security
    - Firewalls
16 Tentative Course Syllabus - III
- Detection
  - Importance of detection
  - IDS and IPS
  - Monitoring, logging and auditing
  - Housekeeping procedures
- Vulnerability Assessment and Response
- Network security in the “real world”
  - Security in organizations
  - Incident response
  - Legal issues