UBE 528
NETWORK SECURITY
2015-2016 SPRING
Catalog Data: Network Security, 3 hour lectures
Principles of Network Attacks and Defenses, Cryptography, Authentication and E-mail security
Instructor: PROF.DR.M.E.DALKILIC
Textbooks
· Counter Hack, 2nd. Ed., Ed Skoudis, 2005
· W. Stallings, Cryptography and Network Security: Principles and Practice, 4th ed., Prentice-Hall, 2006
· C. Kaufman, R. Perlman and M. Speciner, Network Security 2nd ed, Prentice-Hall, 2003
References
· Computer Networking, 6th ed. Kurose and Ross, 2013
Goals: A survey of network security technology. Each of the basic building blocks of network security, including conventional and public-key cryptography, authentication, and digital signatures, is covered. In addition, methods for countering hackers and viruses are explored. The course covers important network security applications such as PGP, PEM, Kerberos, and X509, DSS security.
Prerequisites: Fundamental Concepts in Computer Networks, Graduate standing
Topics:
· Introduction
· Attacks
· Hash functions
· User/Web authentication
· Symmetric Encryption
· Attacks, Denial of Service
· Spam, Antispam
· Wi-fi, RFID, VoIP security
· Intruders, viruses and worms
· Public key cryptography
· PKI and certificates
· IP and WEB security
· Firewalls
· Anonymity networks
Grading (tentative):
- Homeworks 20%
- Midterm, 25%
- Project, 20%
- Final Exam, 35%
Useful material mostly from Keith Ross’s Network Security Course
Project Dates:
· Proposal : April 20th, 2016 (e-mail to mehmet.emin.dalkilic@ege.edu.tr)
· Presentation : last week of the term i.e., June 1st 2016 (in class)
· Report : During the presentation (submit hard copy)
· Individual or two-people projects are allowed
· Implementation projects or literature survey/product security analysis type projects are accepted
· All Reports and Presentations will be in TURKISH!
· Sample Project topics:
1. Internet Privacy
2. Internet anonymity
3. Malware
4. Steganography
5. Digital Watermarking
6. Mobile (electronic) signature
7. Smart Card applications
8. Authentication applications - BAN Logic
9. Secure electronic voting
10. e-money (bitcoin)
11. Latest Firewall technology
12. Latest IDS technology
Homework #1
(Due date: March 16th, 2016)
1. Explain the Smurf Attack.
2. Explain source routing and spoofing attack using source routing.
3. Explain (switch) port stealing and its use in a session hijacking attack.
Hint: A good source is the text: Counter Hack, 2nd ed., Ed Skoudis, 2005.
Homework #2
(Due date: March 30th, 2016)
Homework 2 typed
Homework #3
(Due date: April 6th, 2016)
1. Briefly describe the HMAC algorithm. Also explain the steps done on the sender and receiver when HMAC is used for message authentication.
2. Describe the decryption process in DES. What are the decryption equations for DES?
3. Explain, in a step by step fashion, the man-in-the-middle attack against Diffie-Hellman Key Exchange Protocol.
4. a) Suppose Alice has a message that she is ready to send to anyone who asks. Thousands of people want to obtain Alice’s message, but each wants to be sure of the integrity of the message. In this context, do you think a MAC-based or a digital signature based integrity scheme is more suitable? Why?
b) Suppose Bob initiates a TCP connection to Trudy who is pretending to be Alice. During the Handshake, Trudy sends Bob Alice’s certificate. In what step of the SSL handshake algorithm will Bob discover that he is not communicating with Alice? Explain.
Homework #4
(Due date: April 13th, 2016)
Problems 10, 13, 20 and 25 from Chapter 8 of Kurose & Ross, Computer Networking, 6th ed.
Homework4typed
Also you may want to take a look at Problems 22 and 24 (ExtraQuestionsTyped) for exam preparation.
Homework #5
(Due date: April 27th, 2016)
1. What is the difference between a packet-filtering firewall and a proxy-server firewall? Can the two be used together?
2. What are the four tables maintained by the Linux kernel for processing incoming and outgoing packets?
3. How does an iptables based firewall decide as to which packets to subject to the INPUT chain of rules, which to the FORWARD chain of rules, and which to the OUTPUT chain of rules? Additionally, which part of a packet is examined in order to figure out whether or not the condition part of a rule is satisfied?
4. Show how you would use the iptables command to reject all incoming SYN packets that seek to open a new connection with your machine.
5. What is the option given to the iptables command to flush all the user-defined chains in a table? How do you flush all the rules in a table?
6. What are the icmp-types associated with the echo-request (ping) and with the echo-reply (pong) packets?
7. What is the iptables command if you want your machine to accept only the incoming connection requests for the SSHD server you are running on your machine? (You want your machine to drop all other connection request packets from remote clients.)
8. What is connection tracking? How does an iptables-based firewall know that the incoming packets all belong to the same ongoing connection?
Source: Lecture 18 of Lecture Notes on Computer and Network Security by Avi Kak of Purdue University.
Send any comments or suggestions to dalkilic
Last revised in March, 10 1997