REMINDER: The Midterm Examination is scheduled for Thursday November 12 - in lecture room.
In-class seminar presentations by students will
take place according to the schedule below:
|
NOTE:
Each student must provide a copy of their presentation slides to Dr. Kent
immediately after their presentation.
Instructor: Dr.
Robert D. Kent < rkent@uwindsor.ca
>
Office Hours: Monday and Wednesday, 10:00am to
12:00noon LT 5100
NOTE: From time to time, office hours may be
cancelled without notification.
Dr. Kent monitors his email
regularly and students are encouraged to
communicate with him
through email.
Course Requirements and Schedule:
Midterm Exam #1 |
%20 |
Thursday
November 12 - in lecture room |
Individual
research essay |
%20 |
Sunday
November 22 (23:59:59ET) - Submitted by email to Instructor |
Individual
presentation |
%10 |
Seminar
presentation to class, in lecture – see table above |
Projects
I (groups) |
%25 |
Reports,
presentations, implementations, etc – Due Date: TBA
- ) - Submitted by email to Instructor |
Projects
II (groups) |
%25 |
Reports,
presentations, implementations, etc – Due Date: TBA
- ) - Submitted by email to Instructor |
Each student will write and submit
an essay that involves research into a specific topic in Networks and
Security. This topic may form the basis
for the in-class Presentation (see below) if the student chooses, or it may be
completely independent. Students must
submit their topic choice to the Instructor for approval before beginning
work. The essay should be between 10-15
pages in length using the IEEE
format for writing papers for conferences (using Word). Proper citation style and formatting must be
used. All essays must be written by the
student in their own words (except when quoting other authors, with citations). The essay will be submitted by email to the
Instructor.
Each student will give a
Presentation in the regularly scheduled class at a time and date to be
determined by the class and Instructor.
The topic must be approved beforehand by the Instructor. The presentation must be 13-15 minutes in
length, including a few minutes for questions and answers from the class. The presentation slides must be submitted by
email to the Instructor immediately following the actual presentation in class. Note that the topic may be the same as the
Research Essay (see above).
Two of the assignment exercises below must be completed as two projects, I and II respectively, undertaken by a group. Students are expected to work in groups of up to 3 members. The practical experience offered through these exercises is considerable and excellent learning can be achieved through doing the work, both independently and in a group. Note that each assignment is provided as a .zip file.
Each group must submit a detailed report on each chosen Assignment (from the list including 1 to 5 below), listing their group members and the progress made on the assignment questions and goals. It is expected that most of the questions and goals described will be achieved, but not necessarily every question or goal. All group members will receive the same grade.
All students should read the textbook where these exercises are described. Additional informational resources may be available on the publisher’s website for the textbook. For added resources, the textbook describes where to go to on the web to find what you may need. Note that all practical aspects of the assignment work must be adapted to our local environment with unique examples provided – screen shots of activities on remote websites will not be accepted, in general.
Assignment |
Description |
1 |
|
2 |
|
3 |
|
4 |
|
5 |
Required Textbook:
Cryptography and Network Security: Principles and Practice, (6th Edition)
By William Stallings
Publisher: Prentice Hall
Some Additional References: (Not Required,
but recommended.)
-
Penetration testing: A Hands-On
Introduction to Hacking
By Georgia Weidman
Publisher: No Starch Press, San
Francisco 2014
- Practical
Malware Analysis
by Michael Sikorski and Andrew Honig.
Publisher: No Starch Press, San Francisco 2012
- Modern Cryptography: Theory & Practice
By Wenbo Mao
Publisher:
Prentice-Hall
William
Stallings website:
http://williamstallings.com/cryptography/
-
Applied Cryptography: Protocols,
Algorithms, and Source Code in C
By
Bruce Schneier
Publisher:
John Wiley and Sons.
-
Network Forensics: Tracking Hackers Through Cyberspace
By
Sherri Davidoff and Jonathan Ham
Publisher:
Prentice-Hall.
Students
are advised that lecture slides are not a substitute for the lectures and the
assigned readings from the textbook.
Examination questions, Assignments and Projects will require deeper
understanding that can only be gained by additional textbook reading.
Week |
Topics and Lecture Notes
(Stallings) |
Week |
Topics and Lecture Notes
(Stallings) |
1-2 |
Topics:
Introduction and Overview of Security Lecture notes: Security Basics (Kurose & Ross) |
Week 7 |
Topics:
Cryptographic Data Integrity Algorithms:
Cryptographic Hash Functions.
Message Authentication Codes. Lecture notes: Chapter 12 |
Week 2-3 |
Topics: Classical
Encryption Techniques. Block Ciphers
and the Data Encryption Standard |
Week 8 |
Topics: Digital
Signatures. |
Week 4-5 |
Topics: Basic
Concepts in Number Theory and Finite Fields.
Advanced Encryption Standard. |
Week 9 |
Topics: Mutual
Trust: Key Management and Distribution. User Authentication. Lecture notes: Chapter 15 |
Week 6-7 |
Topics: Block
Cipher Operation. Pseudorandom Number
Generation and Stream Ciphers. |
Week 10 |
Topics: Network
Access Control and Cloud Security.
Transport-Level Security. Lecture notes: Chapter 17 |
Week 5 |
Topics:
Asymmetric Ciphers: More
Number Theory. |
Week 11 |
Topics: Wireless
Network Security. Electronic Mail
Security. Lecture notes: Chapter 19 |
Week 6 |
Topics:
Public-Key Cryptography and RSA. Other
Public-Key Cryptosystems. Lecture notes: Chapter 10 |
Week 12 |
Topics: IP
Security. |
|
|
|
Following
are some website links relevant to this course.
Students are asked to inform the Instructor about other such websites –
they may be added to the listing below.
·
https://www.schneier.com/blog/archives/2013/09/conspiracy_theo_1.html
·
https://www.schneier.com/blog/archives/2013/09/the_nsas_crypto_1.html
·
https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html
·
https://www.schneier.com/blog/archives/2013/09/google_knows_ev.html#comments
·
http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
·
Bloomberg:
http://www.businessweek.com/articles/2013-09-06/dear-nsa-thanks-for-making-us-all-insecure
·
Old
net addresses run out in US - the last IPV4 addresses have been assigned, and
there are none left. http://www.bbc.co.uk/news/technology-34356770
SAGE is a
CAS (Computer Algebra System) that may prove invaluable in learning and
exploring the mathematics of cryptography.
Read the textbook and visit the website to download the SAGE system and
obtain additional reference and reading materials.
SAGE Website: http://www.sagemath.org
Brief Description |
Links |
Heartbleed
Bug |
|
Bash Bug |
http://www.cbc.ca/news/technology/new-bash-computer-bug-may-be-worse-than-heartbleed-1.2777514
http://www.zdnet.com/first-attacks-using-shellshock-bash-bug-discovered-7000034044/
https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability |
XcodeGhost |
Apple
lists top 25 apps hit by malware - http://www.theglobeandmail.com/report-on-business/apple-lists-top-25-apps-hit-by-malware/article26513605/
|
The
professor and teaching assistant for 60-367 will put a great deal of effort into
helping students to understand and to learn the material in the course. However, they will not tolerate any form of
cheating.
The
professors and teaching assistants will report any suspicion of cheating to the
Director of the School of Computer Science.
If sufficient evidence is available, the Director will begin a formal
process according to the University Senate Bylaws. The instructor will not negotiate with
students who are accused of cheating but will pass all information to the
Director of the School of Computer Science.
The
following behaviours will be regarded as cheating (together with other acts
that would normally be regarded as cheating in the broad sense of the term):
·
Copying
assignments
·
Allowing
another student to copy an assignment from you and present it as their own work
·
Copying
from another student during a test or exam
·
Referring
to non-approved notes, textbooks, etc. during a test or exam
·
Talking
during a test or an exam
·
Communicating
with another student in any way during a test or exam
·
Having
access to the exam/test paper prior to the exam/test
·
Asking
a proctor for the answer to a question during an exam/test
·
Presenting
another person’s work as your own
·
Using
web resources and information without proper referencing and quotation
indicators
·
Modifying
answers after they have been marked and attempting to use those to support an
appeal
·
Any
other behaviour which attempts unfairly to give you an advantage over other
students in the grade-assessment process
·
Refusing
to obey the instructions of the officer in charge of an examination.
Copyright 2015. Dr. Robert D. Kent. All rights reserved. All content on this website is the
responsibility of R. D. Kent. Report all errors and problems to Dr. Kent.