UBE 528
NETWORK SECURITY
2014-2015 SPRING
Catalog Data: Network Security, 3 hour lectures
Principles of Network Attacks and Defenses, Cryptography, Authentication and E-mail security
Instructor: PROF.DR.M.E.DALKILIC
Textbooks
· Counter Hack, 2nd. Ed., Ed Skoudis, 2005
· W. Stallings, Cryptography and Network Security: Principles and Practice, 4th ed., Prentice-Hall, 2006
· C. Kaufman, R. Perlman and M. Speciner, Network Security, 2nd ed., Prentice-Hall, 2003
References
· Computer Networking, 6th ed., Kurose and Ross, 2013
Goals: A survey of network security technology. Each of the basic building blocks of network security, including conventional and public-key cryptography, authentication, and digital signatures, is covered. In addition, methods for countering hackers and viruses are explored. The course covers important network security applications such as PGP, PEM, Kerberos, and X509, DSS security
Prerequisites: Fundamental Concepts in Computer Networks, Graduate standing
Topics:
· Introduction
· Attacks
· Hash functions
· User/Web authentication
· Symmetric Encryption
· Attacks, Denial of Service
· Spam, Antispam
· Wi-Fi, RFID, VoIP security
· Intruders, viruses and worms
· Public key cryptography
· PKI and certificates
· IP and Web security
· Firewalls
· Anonymity networks
Grading (tentative):
- Homework, 20%
- Midterm, 25%
- Project, 20%
- Final Exam, 35%
Useful material mostly from Keith Ross’s Network Security Course
Sample Midterm exam from year 2002 is here
Sample Final exam from year 2002 is here
Project Dates:
· Proposal: April 15th, 2015 (e-mail to mehmet.emin.dalkilic@ege.edu.tr)
· Presentation: last week of the term (in class)
· Report: During the presentation (submit hard copy)
· Individual or two-person projects are allowed
· Implementation projects or literature survey / product security analysis type projects are accepted
· All Reports and Presentations will be in TURKISH!
· Sample Project topics:
1. Internet Privacy
2. Internet anonymity
3. Malware
4. Steganography
5. Digital Watermarking
6. Mobile (electronic) signature
7. Smart Card applications
8. Authentication applications - BAN Logic
9. Secure electronic voting
10. e-money (bitcoin)
11. Latest Firewall technology
12. Latest IDS technology
Homework #1
(Due date: March 18th, 2015)
1. Explain the Smurf Attack.
2. Explain source routing and the spoofing attack using source routing.
3. Explain (switch) port stealing and its use in a session hijacking attack.
Hint: A good source is the text: Counter Hack, 2nd ed., Ed Skoudis, 2005.
Homework #2
(Due date: April 1st, 2015)
Homework 2 typed
Homework #3
(Due date: April 8th, 2015)
1. Briefly describe the HMAC algorithm. Also explain the steps done on the sender and receiver when HMAC is used for message authentication.
2. Describe the decryption process in DES. What are the decryption equations for DES?
3. Explain, in a step by step fashion, the man in the middle attack against the Diffie-Hellman Key Exchange Protocol.
4. a) Suppose Alice has a message that she is ready to send to anyone who asks. Thousands of people want to obtain Alice’s message, but each wants to be sure of the integrity of the message. In this context, do you think a MAC-based or a digital signature based integrity scheme is more suitable? Why?
b) Suppose Bob initiates a TCP connection to Trudy who is pretending to be Alice. During the Handshake, Trudy sends Bob Alice’s certificate. In what step of the SSL handshake algorithm will Bob discover that he is not communicating with Alice? Explain.
Homework #4
(Due date: April 22nd, 2015)
Problems 10, 13, 20 and 25 from Chapter 8 of Kurose & Ross, Computer Networking, 6th ed.
Homework4typed
Also you may want to take a look at Problems 22 and 24 ExtraQuestionsTyped for exam preparation.
Homework #5
(Due date: May 13th, 2015)
1. What is the difference between a packet-filtering firewall and a proxy-server firewall? Can the two be used together?
2. What are the four tables maintained by the Linux kernel for processing incoming and outgoing packets?
3. How does an iptables based firewall decide as to which packets to subject to the INPUT chain of rules, which to the FORWARD chain of rules, and which to the OUTPUT chain of rules? Additionally, which part of a packet is examined in order to figure out whether or not the condition part of a rule is satisfied?
4. Show how you would use the iptables command to reject all incoming SYN packets that seek to open a new connection with your machine.
5. What is the option given to the iptables command to flush all the user-defined chains in a table? How do you flush all the rules in a table?
6. What are the icmp-types associated with the echo-request (ping) and with the echo-reply (pong) packets?
7. What is the iptables command if you want your machine to accept only the incoming connection requests for the SSHD server you are running on your machine? (You want your machine to drop all other connection request packets from remote clients.)
8. What is connection tracking? How does an iptables-based firewall know that the incoming packets all belong to the same ongoing connection?
Source: Lecture 18 of Lecture Notes on Computer and Network Security by Avi Kak of Purdue University.
Send any comments or suggestions to dalkilic
Last revised in March, 10 1997