CS 4740/6740 - Network Security

News & Announcements

Syllabus

Welcome to the Network Security course webpage (CS 4740/6740). Networks security is a topic that requires as much attention to its real-world implications as its theoretical underpinnings. The CS 4740/6740 Network Security course allows the students to explore the practical elements of networks security and related design, and deployment decisions in a supervised laboratory, while simultaneously acquiring a strong conceptual knowledge of the underlying theory in the more traditional classroom environment. The combination of these elements provides students with a vivid picture of why and how networked systems and applications must be designed, implemented, deployed, and maintained in a secure fashion. The course goals are multi-fold:

• Provide a solid understanding of the design and analysis of network security architectures, protocols, and services. Most of these protocols are based on cryptographic primitives and can be used as building blocks for more sophisticated networked systems. Such theoretical knowledge also provides the foundations to understanding attacks from password cracking to recent SSL/TLS BEAST and CRIME exploits.
• Provide a indepth coverage of today's network security standards, their functionality and limitations e.g., SSL/TLS, Kerberos, IPsec, OAuth, WPA.
• The course covers how industy and international standards are used as part of state of the art systems such as in Single Sign On, email (e.g., S/MIME, DKIM), web (e.g., HTTPS), DNS (e.g., DNSSEC), online social networking platforms (e.g, facebook), 2G/3G/4G/WiFi wireless/mobile communication systems protocols, streaming platforms (e.g., netflix). We will also discuss recent trends in network security attacks, and cyber-attacks in general, and analyze variety of attacks from the analysis of worms spreading, to SSL/TLS session renegotiations/compression, DNS security, to spam and it's crypto-based countermeasures.
• The course has a substantial hands-on component. In addition to the conceptual problem sets, each team of students is required to perform several laboratory assignments on a sandboxed network of virtual machines. Such labs include netowrks scanning, host/network intrusion detection, buffer overflow attacks, passwork cracking, sql injection, and cross site scripting. The course culminates in a project where the students apply the acquired conceptual and practical knowledge of network security protocols and applications to designing, prototyping and deploying a networked application (typically a secure instant messaging application). Each team is also required to analyze other teams designs and implementations, identify potential vulnerabilities and demonstrate exploits.

Instructors interested in using the course material (including laboratory setup, configs, and solutions) are welcome to contact me.

Staff

Instructor

Guevara Noubir (noubir ATA ccs DOTA neu DOTA edu)
Office: 238 West Village H

Lab TA

Amirali Sanatinia (amirali ATA ccs DOTA neu DOTA edu)
Office: 208 West Village H

Class Information

Time/Location

Monday / Thursday at 11:45 am - 1:25 pm, 458 RI

Office Hours

Monday / Thursday at 2:00pm - 3:00 pm, 238 WVH.

Required Textbook

Network Security: Private Communication in a Public World Charles Kaufman, Radia Perlman, Mike Speciner, Pearson Education, April 2002

Course Home Page

https://chimera.ccs.neu.edu/CS6740/F13.

Announcements, discussions, forums

All announcements and discussions will be through piazza : https://piazza.com/northeastern/fall2013/cs6740/.

Prerequisites

Knowlege of Internet networking protocols (e.g, a Networking course).

Course schedule

Current Schedule.

Laboratory

Laboratory assignments will be on the course sandboxed network of virual machines and infrastructure (See Laboratory 1).

Additional Resources

List of books.
List of useful links.

Class Materials

• [PDF; Handouts] Review of Internet architecture and protocols.
• [PDF; Handouts] Non-cryptographic network security: tools, etc.
• [PDF; Handouts] Review of cryptography concepts, algorithms,and security services.
• [PDF; Handouts] Authentication Protocols I: Basics
• [PDF; Handouts] Authentication Protocols II: Mediated Authentication Protocols (KDC)
• [PDF; Handouts] Authentication Protocols III: Strong Password-Based Authentication
• [PDF; Handouts] Kerberos.
• [PDF; Handouts] Secure Socket Layer SSL/TLS.
• [PDF; Handouts] Public Key Infrastructures (PKI).
• [PDF; Handouts] IPsec: AH, ESP, IKE.
• [PDF; Handouts] Multicast Security.
• [PDF; Handouts] DNS Security.
• [PDF; Handouts] Email Security.
• [PDF; Handouts] Viruses, Worms, etc.

Test Your Knowledge

• You can access the weekly Test Your Knowledges here.

Assignments

Problem Sets

• PS1 [solution]

• PS2 [solution]

• PS3 [solution]

• PS4 [solution]

Lab Assignments

1. Introduction

2. Buffer Overflow

3. Port Scanning

4. Network Intrusion Detection

5. Host-based Intrusion Detection

6. Password Cracking

7. Firewall

8. Host Hardening

9. Man-in-the-Middle Attacks

10. Local Exploits

11. Vulnerability Scanning

12. Application Exploits

Midterm

The exam will take place on November 6th and 8th. Please mark your calendars and make sure that you will be able to attend.

Finals Project

• Application guidelines
• Competition Rules

Teams Final Designs and Implementations:

• Previous years teams A and B: Design and Source
• F12 teams: Design and Source

Notes

• Late submissions will result in a 10% penalty per day (e.g.: 2.5 days late result in 25% penalty.)

• Students may discuss the problem sets with one another, but solutions should be written up separately.

• If a key idea is obtained from another person (other than the TA or the instructor) or from another book or paper (other than the course textbook), then the source of that idea should be cited. Solutions should be presented in a clear and concise manner.

• Teams consist of two students. All the team member should participate actively to the labs and application development. For each laboratory each group member should document his contribution.

• Undergraduate teams must complete 5 lab (including the Introduction Laboratory 1).

• Graduate teams must complete 7 lab (including the Introduction Laboratory 1).

Grading

The course grade will be based on:

• 20%: 4 problem sets on network security theoretical concepts
• 10%: 3 quizzes
• 30%: Midterm exam
• 15%: Laboratory assignments
• 20%: Presentations, final project report (design and analyis of other teams), code, and demonstrations
• 5%: Class participation