CSE 571S Network Security Raj Jain Washington University in Saint Louis Saint Louis MO 63130 Jain cse wustl edu These slides are available on line at http www cse wustl edu jain cse571 07 Washington University in St Louis CSE571S 1 1 2007 Raj Jain Overview Goal of this Course Grading Prerequisites Tentative Schedule Project Washington University in St Louis CSE571S 1 2 2007 Raj Jain Goal of This Course Comprehensive course on network security Includes both theory and practice Theory Cryptography Hashes key exchange Email Security Web Security Practice Hacking and Anti Hacker techniques Graduate course Advanced Topics Lot of independent reading and writing Project Survey paper Washington University in St Louis CSE571S 1 3 2007 Raj Jain Incidents Reports Received CERT Statistics 150000 100000 50000 0 1985 1990 1995 2000 2005 Year Computer emergency response team CERT Security is a 1 concern about Internet Significant industry and government investment in security Washington University in St Louis CSE571S 1 4 2007 Raj Jain Prerequisites CSE 473S Introduction to Computer Networking or equivalent Washington University in St Louis CSE571S 1 5 2007 Raj Jain Prerequisites ISO OSI reference model TCP IP protocol stack Full Duplex vs half duplex UTP vs Satellite link vs Wireless Cyclic Redundancy Check CRC CRC Polynomial Ethernet IEEE 802 MAC Addresses Bridging and Routing IEEE 802 11 LAN Washington University in St Louis CSE571S 1 6 2007 Raj Jain Prerequisites Cont IP Address Subnets Private vs Public Addresses Address Resolution Protocol ARP Internet Control Message Protocol ICMP IPV6 addresses Routing Dijkstra s algorithm Transport Control Protocol TCP User Datagram Protocol UDP TCP connection setup TCP Checksum Hypertext Transfer Protocol HTTP Washington University in St Louis CSE571S 1 7 2007 Raj Jain Text Book Charlie Kaufman Radia Perlman and Mike Speciner Network Security Private Communication in a Public World 2nd Edition Prentice Hall 2002 ISBN 0130460192 Washington University in St Louis CSE571S 1 8 2007 Raj Jain Supporting Books On 2hr reserve at WUSTL Olin Library Ankit Fadia Network Security A Hacker s Perspective Course Technology Ptr May 06 415 pp ISBN 1598631632 Vincent J Nestler et al Computer Security Lab Manual McGraw Hill 2006 755 pp ISBN 0072255080 Gert DeLaet Gert X Schauwers Network Security Fundamentals Cisco Press Sep 04 400 pp ISBN 1587051672 Richard Bejtlich The Tao Of Network Security Monitoring Beyond Intrusion Detection Addison Wesley Jul 04 798 pp ISBN 321246772 Eric Rescorla SSL and TLS Designing and Building Secure Systems Addison Wesley Oct 00 499 pp ISBN 201615983 Washington University in St Louis CSE571S 1 9 2007 Raj Jain Supporting Books Cont Jon C Snader VPNs Illustrated Tunnels VPNs and IPsec Addison Wesley Professional Oct 05 480 pp ISBN 032124544X Matt Bishop Introduction to Computer Security AddisonWesley Professional Oct 04 784 pp ISBN 0321247442 Saadat Malik Network Security Principles and Practices Macmillan Technical Pub Nov 02 400 pp ISBN 1587050250 Jan Harrington Network Security A Practical Approach Morgan Kaufmann Pub Mar 05 365 pp ISBN 123116333 Wenbo Mao Modern Cryptography Theory and Practice Prentice Hall Ptr Jul 03 648 pp ISBN 0130669431 Washington University in St Louis CSE571S 1 10 2007 Raj Jain Tentative Schedule Washington University in St Louis CSE571S 1 11 2007 Raj Jain Tentative Schedule Cont Washington University in St Louis CSE571S 1 12 2007 Raj Jain Tentative Schedule Washington University in St Louis CSE571S 1 13 2007 Raj Jain Grading Mid Terms Best 1 of 2 Final Exam Class participation Homeworks Project 30 30 5 15 20 Washington University in St Louis CSE571S 1 14 2007 Raj Jain Projects A survey paper on a network security topic Wireless Network Security Key Exchange Protocols Comprehensive Survey Technical Papers Industry Standards Products A real attack and protection exercise on the security of a system web server Mail server Groups of 2 students Hacker and Administrator Average 6 Hrs week person on project 9 Hrs week person on class Recent Developments Last 5 to 10 years Not in books Better ones may be submitted to magazines or journals Washington University in St Louis CSE571S 1 15 2007 Raj Jain Projects Cont Develop a hack tool to break the security of a system Develop a tool to protect from the hack tool Goal Provide an insight or information not obvious before the project Real Problems Thesis work or job Homeworks Apply techniques learnt to your system Washington University in St Louis CSE571S 1 16 2007 Raj Jain Project Schedule Mon 10 8 07 Mon 10 15 07 Mon 10 29 07 Mon 11 12 07 Mon 11 19 07 Mon 12 3 07 Washington University in St Louis Topic Selection Proposal References Due Outline Due First Draft Demo Due Reviews comments Returned Final Report Due CSE571S 1 17 2007 Raj Jain Office Hours Monday 11 AM to 12 noon Wednesday 11 AM to 12 noon Office Bryan 405D Teaching Assistant Chakchai So in Bryan 516 1 hour week Group meeting CSE 571 Security Lab Bryan 516 Washington University in St Louis CSE571S 1 18 2007 Raj Jain Frequently Asked Questions Yes I do use curve Your grade depends upon the performance of the rest of the class All homeworks are due on the following Monday unless specified otherwise Any late submissions if allowed will always have a penalty All exams are open book and extremely time limited Exams consist of numerical as well as multiple choice truefalse questions There is a negative grading on incorrect multiple choice questions Grade 1 for correct 1 n 1 for incorrect Everyone including the graduating students are graded the same way Washington University in St Louis CSE571S 1 19 2007 Raj Jain Summary Goal To prepare you for a job as a secure systems administrator There will be a lot of self reading and writing Get ready to work hard Washington University in St Louis CSE571S 1 20 2007 Raj Jain Student Questionnaire Name Email Phone Degree Expected Date Technical Interest Area s Prior networking related courses activities Prior security related courses If you have a laptop or desktop it s operating system Do you have a WiFi interface I agree to abide by the rules and will not use the techniques on any computer other than mine or CSE 571 security lab Signature Date Washington University in St Louis CSE571S 1 21 2007 Raj Jain Lab Homework 1 Gathering Info Learn about IPconfig ping arp nslookup whois tracert netstat route hosts file 1 Find the IP addresses of www google com 2 Modify the hosts file to map