60-467 Computer Networks Fall 2015

REMINDER: The Midterm Examination is scheduled for Thursday November 12 - in lecture room.

STUDENT PRESENTATIONS SCHEDULE

In-class seminar presentations by students will take place according to the schedule below:

Start Time	Tues. Nov. 17	Thurs. Nov. 19	Tues. Nov. 24	Thurs. Nov. 26
1:00	Almeida	Betts	Muresan	Speelman
1:20	Chaudhry	Charlopov	Alleyne	Khan
1:40	Philipose	Sullivan	Covelli	Petrozzi
2:00	St Pierre	Collard	Lam	Jafari
2:20			Bennett	Hompoth

NOTE: Each student must provide a copy of their presentation slides to Dr. Kent immediately after their presentation.

Instructor: Dr. Robert D. Kent < rkent@uwindsor.ca >

Office Hours: Monday and Wednesday, 10:00am to 12:00noon LT 5100

NOTE:   From time to time, office hours may be cancelled without notification.
              Dr. Kent monitors his email regularly and students are encouraged to
              communicate with him through email.

Course Requirements and Schedule:

Midterm Exam #1	%20	Thursday November 12 - in lecture room
Individual research essay	%20	Sunday November 22 (23:59:59ET) - Submitted by email to Instructor
Individual presentation	%10	Seminar presentation to class, in lecture – see table above
Projects I (groups)	%25	Reports, presentations, implementations, etc – Due Date: TBA - ) - Submitted by email to Instructor
Projects II (groups)	%25	Reports, presentations, implementations, etc – Due Date: TBA - ) - Submitted by email to Instructor

Course Outline: Click here to download Word doc.

Sample Questions for Midterm Preparation: SAMPLE MIDTERM QUESTIONS – Click Here.

Individual Research Essay:

Each student will write and submit an essay that involves research into a specific topic in Networks and Security. This topic may form the basis for the in-class Presentation (see below) if the student chooses, or it may be completely independent. Students must submit their topic choice to the Instructor for approval before beginning work. The essay should be between 10-15 pages in length using the IEEE format for writing papers for conferences (using Word). Proper citation style and formatting must be used. All essays must be written by the student in their own words (except when quoting other authors, with citations). The essay will be submitted by email to the Instructor.

Individual Presentation:

Each student will give a Presentation in the regularly scheduled class at a time and date to be determined by the class and Instructor. The topic must be approved beforehand by the Instructor. The presentation must be 13-15 minutes in length, including a few minutes for questions and answers from the class. The presentation slides must be submitted by email to the Instructor immediately following the actual presentation in class. Note that the topic may be the same as the Research Essay (see above).

Projects I and II (Groups):

Two of the assignment exercises below must be completed as two projects, I and II respectively, undertaken by a group. Students are expected to work in groups of up to 3 members. The practical experience offered through these exercises is considerable and excellent learning can be achieved through doing the work, both independently and in a group. Note that each assignment is provided as a .zip file.

Each group must submit a detailed report on each chosen Assignment (from the list including 1 to 5 below), listing their group members and the progress made on the assignment questions and goals. It is expected that most of the questions and goals described will be achieved, but not necessarily every question or goal. All group members will receive the same grade.

All students should read the textbook where these exercises are described. Additional informational resources may be available on the publisher’s website for the textbook. For added resources, the textbook describes where to go to on the web to find what you may need. Note that all practical aspects of the assignment work must be adapted to our local environment with unique examples provided – screen shots of activities on remote websites will not be accepted, in general.

*Assignment*	*Description*
1	Sage Exercises
2	Encryption Lab Exercises
3	Firewall Tool and Exercise
4	Hack Exercises
5	Lab Exercises

Required Textbook:

Cryptography and Network Security: Principles and Practice, (6th Edition)

By William Stallings

Publisher: Prentice Hall

Some Additional References: (Not Required, but recommended.)

- Penetration testing: A Hands-On Introduction to Hacking

By Georgia Weidman

Publisher: No Starch Press, San Francisco 2014

- Practical Malware Analysis

by Michael Sikorski and Andrew Honig.

Publisher: No Starch Press, San Francisco 2012

- Modern Cryptography: Theory & Practice

By Wenbo Mao

Publisher: Prentice-Hall

William Stallings website:

http://williamstallings.com/cryptography/

- Applied Cryptography: Protocols, Algorithms, and Source Code in C

By Bruce Schneier

Publisher: John Wiley and Sons.

- Network Forensics: Tracking Hackers Through Cyberspace

By Sherri Davidoff and Jonathan Ham

Publisher: Prentice-Hall.

Lecture Schedule:

Students are advised that lecture slides are not a substitute for the lectures and the assigned readings from the textbook. Examination questions, Assignments and Projects will require deeper understanding that can only be gained by additional textbook reading.

Week	Topics and Lecture Notes (Stallings)	Week	Topics and Lecture Notes (Stallings)
1-2	Topics: Introduction and Overview of Security Lecture notes: Overview Lecture notes: Security Basics (Kurose & Ross)	Week 7	Topics: Cryptographic Data Integrity Algorithms: Cryptographic Hash Functions. Message Authentication Codes. Lecture notes: Chapter 11 Lecture notes: Chapter 12
Week 2-3	Topics: Classical Encryption Techniques. Block Ciphers and the Data Encryption Standard Lecture notes: Chapter 2-3	Week 8	Topics: Digital Signatures. Lecture notes: Chapter 13
Week 4-5	Topics: Basic Concepts in Number Theory and Finite Fields. Advanced Encryption Standard. Lecture notes: Chapter 4-5	Week 9	Topics: Mutual Trust: Key Management and Distribution. User Authentication. Lecture notes: Chapter 14 Lecture notes: Chapter 15
Week 6-7	Topics: Block Cipher Operation. Pseudorandom Number Generation and Stream Ciphers. Lecture notes: Chapter 6-7	Week 10	Topics: Network Access Control and Cloud Security. Transport-Level Security. Lecture notes: Chapter 16 Lecture notes: Chapter 17
Week 5	Topics: Asymmetric Ciphers: More Number Theory. Lecture notes: Chapter 8	Week 11	Topics: Wireless Network Security. Electronic Mail Security. Lecture notes: Chapter 18 Lecture notes: Chapter 19
Week 6	Topics: Public-Key Cryptography and RSA. Other Public-Key Cryptosystems. Lecture notes: Chapter 9 Lecture notes: Chapter 10	Week 12	Topics: IP Security. Lecture notes: Chapter 20

Websites and News Stories of Interest:

Following are some website links relevant to this course. Students are asked to inform the Instructor about other such websites – they may be added to the listing below.

· https://www.us-cert.gov/

· https://www.schneier.com/

· https://www.schneier.com/blog/archives/2013/09/conspiracy_theo_1.html

· https://www.schneier.com/blog/archives/2013/09/the_nsas_crypto_1.html

· https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html

· https://www.schneier.com/blog/archives/2013/09/the_effect_of_m.htmlhttp://www.theguardian.com/commentisfree/series/glenn-greenwald-security-liberty

· https://www.schneier.com/blog/archives/2013/09/google_knows_ev.html#comments

· http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security

· Bloomberg: http://www.businessweek.com/articles/2013-09-06/dear-nsa-thanks-for-making-us-all-insecure

· LA Times: http://www.latimes.com/opinion/opinion-la/la-ol-nsa-introduced-vulnerabilities-into-encryption-snowden-reveals-20130905,0,2218463.story

· Old net addresses run out in US - the last IPV4 addresses have been assigned, and there are none left. http://www.bbc.co.uk/news/technology-34356770

Using SAGE (Appendix A.1 in Stallings, 6^th Edition, and Appendix B)

SAGE is a CAS (Computer Algebra System) that may prove invaluable in learning and exploring the mathematics of cryptography. Read the textbook and visit the website to download the SAGE system and obtain additional reference and reading materials.

SAGE Website: http://www.sagemath.org

Security Alerts in the News:

Brief Description	Links
Heartbleed Bug	http://heartbleed.com/ http://en.wikipedia.org/wiki/Heartbleed
Bash Bug	http://www.cbc.ca/news/technology/new-bash-computer-bug-may-be-worse-than-heartbleed-1.2777514 http://www.zdnet.com/first-attacks-using-shellshock-bash-bug-discovered-7000034044/ https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability
XcodeGhost	Apple lists top 25 apps hit by malware - http://www.theglobeandmail.com/report-on-business/apple-lists-top-25-apps-hit-by-malware/article26513605/

Policy on cheating:

The professor and teaching assistant for 60-367 will put a great deal of effort into helping students to understand and to learn the material in the course. However, they will not tolerate any form of cheating.

The professors and teaching assistants will report any suspicion of cheating to the Director of the School of Computer Science. If sufficient evidence is available, the Director will begin a formal process according to the University Senate Bylaws. The instructor will not negotiate with students who are accused of cheating but will pass all information to the Director of the School of Computer Science.

The following behaviours will be regarded as cheating (together with other acts that would normally be regarded as cheating in the broad sense of the term):