1-1©2007 Raj JainCSE571SWashington University in St. LouisCSE 571S: CSE 571S: Network SecurityNetwork SecurityRaj Jain Washington University in Saint LouisSaint Louis, MO [email protected] slides are available on-line at:http://www.cse.wustl.edu/~jain/cse571-07/1-2©2007 Raj JainCSE571SWashington University in St. LouisOverviewOverview! Goal of this Course! Grading! Prerequisites! Tentative Schedule! Project1-3©2007 Raj JainCSE571SWashington University in St. LouisGoal of This CourseGoal of This Course! Comprehensive course on network security! Includes both theory and practice! Theory: Cryptography, Hashes, key exchange, Email Security, Web Security! Practice: Hacking and Anti-Hacker techniques! Graduate course: (Advanced Topics) ⇒ Lot of independent reading and writing⇒ Project/Survey paper1-4©2007 Raj JainCSE571SWashington University in St. LouisCERT StatisticsCERT Statistics! Computer emergency response team (CERT)! Security is a #1 concern about Internet.! Significant industry and government investment in securityYear0500001000001500001985 1990 1995 2000 2005Incidents Reports Received1-5©2007 Raj JainCSE571SWashington University in St. LouisPrerequisitesPrerequisites! CSE 473S (Introduction to Computer Networking) or equivalent1-6©2007 Raj JainCSE571SWashington University in St. LouisPrerequisitesPrerequisites! ISO/OSI reference model! TCP/IP protocol stack! Full-Duplex vs half-duplex! UTP vs Satellite link vs Wireless! Cyclic Redundancy Check (CRC)! CRC Polynomial! Ethernet! IEEE 802 MAC Addresses! Bridging and Routing! IEEE 802.11 LAN1-7©2007 Raj JainCSE571SWashington University in St. LouisPrerequisites (Cont)Prerequisites (Cont)! IP Address! Subnets! Private vs Public Addresses! Address Resolution Protocol (ARP)! Internet Control Message Protocol (ICMP)! IPV6 addresses! Routing - Dijkstra's algorithm! Transport Control Protocol (TCP)! User Datagram Protocol (UDP)! TCP connection setup! TCP Checksum! Hypertext Transfer Protocol (HTTP)1-8©2007 Raj JainCSE571SWashington University in St. LouisText BookText Book! Charlie Kaufman, Radia Perlman, and MikeSpeciner, "Network Security: Private Communication in a Public World," 2nd Edition, Prentice Hall, 2002, ISBN: 0130460192.1-9©2007 Raj JainCSE571SWashington University in St. LouisSupporting BooksSupporting BooksOn 2hr reserve at WUSTL Olin Library! Ankit Fadia, "Network Security : A Hacker's Perspective," Course Technology Ptr, May-06, 415 pp., ISBN:1598631632. ! Vincent J. Nestler, et al, "Computer Security Lab Manual," McGraw-Hill, 2006, 755 pp., ISBN:0072255080.! Gert DeLaet, Gert X. Schauwers, "Network Security Fundamentals," Cisco Press, Sep-04, 400 pp., ISBN:1587051672. ! Richard Bejtlich, "The Tao Of Network Security Monitoring: Beyond Intrusion Detection," Addison-Wesley, Jul-04, 798 pp., ISBN:321246772. ! Eric Rescorla, "SSL and TLS: Designing and Building Secure Systems," Addison-Wesley, Oct-00, 499 pp., ISBN:201615983.1-10©2007 Raj JainCSE571SWashington University in St. LouisSupporting Books (Cont)Supporting Books (Cont)! Jon C. Snader, "VPNs Illustrated: Tunnels, VPNs, and IPsec," Addison-Wesley Professional, Oct-05, 480 pp., ISBN:032124544X. ! Matt Bishop, "Introduction to Computer Security," Addison-Wesley Professional, Oct-04, 784 pp., ISBN:0321247442.! Saadat Malik, "Network Security Principles and Practices," Macmillan Technical Pub, Nov-02, 400 pp., ISBN:1587050250. ! Jan Harrington, "Network Security: A Practical Approach," Morgan Kaufmann Pub, Mar-05, 365 pp., ISBN:123116333.! Wenbo Mao, "Modern Cryptography: Theory and Practice," Prentice Hall Ptr, Jul-03, 648 pp., ISBN:0130669431.1-11©2007 Raj JainCSE571SWashington University in St. LouisTentative Schedule Tentative Schedule1-12©2007 Raj JainCSE571SWashington University in St. LouisTentative Schedule (Cont)Tentative Schedule (Cont)1-13©2007 Raj JainCSE571SWashington University in St. LouisTentative ScheduleTentative Schedule1-14©2007 Raj JainCSE571SWashington University in St. LouisGradingGrading! Mid-Terms (Best 1 of 2) 30%! Final Exam 30%! Class participation 5%! Homeworks 15% ! Project 20%1-15©2007 Raj JainCSE571SWashington University in St. LouisProjectsProjects! A survey paper on a network security topic" Wireless Network Security" Key Exchange Protocols " Comprehensive Survey: Technical Papers, Industry Standards, Products! A real attack and protection exercise on the security of a system (web server, Mail server, …) – Groups of 2 students (Hacker and Administrator)! Average 6 Hrs/week/person on project + 9 Hrs/week/person on class! Recent Developments: Last 5 to 10 years ⇒ Not in books! Better ones may be submitted to magazines or journals1-16©2007 Raj JainCSE571SWashington University in St. LouisProjects (Cont)Projects (Cont)! Develop a hack tool to break the security of a system.! Develop a tool to protect from the hack tool.! Goal: Provide an insight (or information) not obvious before the project.! Real Problems: Thesis work, or job! Homeworks: Apply techniques learnt to your system.1-17©2007 Raj JainCSE571SWashington University in St. LouisProject ScheduleProject ScheduleMon 10/8/07 Topic Selection/ProposalMon 10/15/07 References Due Mon 10/29/07 Outline Due Mon 11/12/07 First Draft/Demo Due Mon 11/19/07 Reviews/comments ReturnedMon 12/3/07 Final Report Due1-18©2007 Raj JainCSE571SWashington University in St. LouisOffice HoursOffice Hours! Monday: 11 AM to 12 noon Wednesday: 11 AM to 12 noon! Office: Bryan 405D! Teaching Assistant: Chakchai So-in, Bryan 5161 hour/week – Group meeting! CSE 571 Security Lab: Bryan 5161-19©2007 Raj JainCSE571SWashington University in St. LouisFrequently Asked QuestionsFrequently Asked Questions! Yes, I do use “curve”. Your grade depends upon the performance of the rest of the class.! All homeworks are due on the following Monday unless specified otherwise.! Any late submissions, if allowed, will *always* have a penalty.! All exams are open-book and extremely time limited.! Exams consist of numerical as well as multiple-choice (true-false) questions.! There is a negative grading on incorrect multiple-choice questions. Grade: +1 for correct. -1/(n-1) for incorrect.! Everyone including the graduating students are graded the same way.1-20©2007 Raj JainCSE571SWashington University in St. LouisSummarySummary! Goal: To prepare you for a job as a secure systems administrator! There will be a lot of self-reading and writing! Get ready to work hard1-21©2007 Raj