CSE 331 - Introduction to Networks and Security

Deprecated: The each() function is deprecated. This message will be suppressed on further calls in /home/zhenxiangba/zhenxiangba.com/public_html/phproxy-improved-master/index.php on line 456
CSE 331 - Introduction to Networks and Security

CSE 331 - Introduction to Networks and Security
Fall 2006

Announcements Schedule Reading Homework Description Policies

Time: MWF 11:00 - noon
Room: Towne 321

Instructor:

Steve Zdancewic
e-mail: stevez AT cis.upenn.edu
office hours: Tues. 9:30-10:30 (and by appointment) Levine 511

Teaching Assistants

Savi Basavaraj
e-mail: savi AT seas.upenn.edu
office hours: Fri. 4:30-5:30 Levine 310

Announcements:

06.09.2006 -- Class begins.

Description:

This course introduces basic concepts in secure network communications and computer security. It covers the key concepts of networking, including basic attributes of current direct link networks (Ethernet), how they are connected to form an internetwork using IP, routing in internetworks, and the endpoint protocols used by hosts to exploit internetwork communication. The course also introduces basic concepts of security such as confidentiality, integrity, and availability. It provides an introduction to cryptography including symmetric and asymmetric key schemes and digital signatures, and shows how these methods are used to construct secure communication protocols for network communication. In addition, the course examines software and systems security, including buffer overflows, viruses, worms, and firewalls. Throughout, the course emphasizes fundamental security principles such as access control and authentication.

Networks & Infrastructure: Ethernet, TCP/IP, Denial of Service, IPSEC, TLS/SSL
Security Policies and Principles: confidentiality, integrity, availability, authentication, access control
System Security: hacker behavior, intrusion & anomaly detection, hacker and admin tools
Basic Cryptography: Shared key (AES/DES), Public key (RSA), hashes (sha1/MD5)
Cryptographic protocols: authentication, digital signatures, key exchange
Malicious code: buffer overflows, viruses, worms, protection mechanisms

Reading and Course Material

There is no required textbook for CSE331.

The following books contain useful course material, and much of the lecture content is derived from them (and other sources). Copies of these books are on reserve in the Penn Engineering Library.

Security in Computing (3rd edition) by Pfleeger and Pfleeger
Computer Networks: A Systems Approach (3rd edition) by Larry L. Peterson and Bruce S. Davie
Applied Cryptography (2nd edition) by Bruce Schneier

In addition, the following papers and web sites provide supplementary material. Reading selections from these sources will be announced in class.

Security Engineering, Ross Anderson's textbook
The Protection of Information in Computer Systems, Saltzer & Schroeder (1975)
Smashing the Stack for Fun and Profit, Aleph One (1996)
Cyclic Redundancy Check (CRC) on Wikipedia
The Internet Worm Program: An Analysis, Gene Spafford (1988)
Kerberos: An Authentication Service for Open Network Systems, Steiner, Neuman, Schiller (1988)
Kerberos FAQ
Introduction to the Internet Protocols, Charles L. Hedrick (Rutgers). This 1987 tutorial is surprisingly up to date, and is a very concise introduction to the basics of the Internet protocols.
Open SSL web page. The OpenSSL library is installed on eniac-l.
"A look Back at 'Security Problems in the TCP/IP Protocol Suite'". S. M. Bellovin. 20th Computer Security Applications Conference. December 2004.
"Advanced 4.4BSD Interprocess Communication Tutorial." Lefler, et al.
Why Cryptosystems Fail, Ross Anderson (1993)
Inside the Slammer Worm, Moore et al. (2003).
How to 0wn the Internet in Your Spare Time , Staniford, Paxson, and Weaver (2002).
Top Speed of Internet Flash Worms, Staniford, Moore, Paxson, and Weaver (2004).
Internet Quarantine: Requirements for Containing Self-propagating Code, Moore et al. (2003)
Automated Worm Fingerprinting, Singh et al. (2004)
Bro Intrusion Detection System
Bro: A System for Detecting Network Intruders in Real-Time, Vern Paxson. (1998)
NSA Central Security Service
TCSEC
CERT
National Information Assurance Training and Information Center
Web pages of previous versions of CSE 331: [2004] [2003] [2002]
An example midterm 1 exam from Fall 2004. (Note that the material covered in that instance of the class was slightly different and presented in a different order.)
An example midterm 2 exam from Fall 2003. (Note that the material covered in that instance of the class was slightly different and presented in a different order.)
An example final from Fall 2003. (Note that the material covered in that instance of the class was slightly different and presented in a different order.)
Class newsgroup: upenn.cis.cse331

Homework and Projects

Project 1: Buffer Overflows -- Due: 25 Sept. 2006
Avg. 82
Std. Dev. 8
Homework 1 -- Due: 29 Sept. 2006
Solutions
Project 2: Network Intrusion Detection System -- Due: 25 Oct. 2006
Homework 2: Homework 2 -- Due: 3 Nov. 2006 *NEW DATE*
Solutions
Project 3: Cryptography -- Due: 20 Nov. 2006
Project 4: Secure Distributed Banking -- Due: 8 Dec. 2006 at midnight
- Project4.tar.gz
Homework 3: Homework 3 -- Due: 8 Dec. 2006 11:00 AM
Solutions

Lecture Slides and Notes

Schedule
Date	Topic	Notes
06/09	Course overview / Introduction to Security
08/09	Buffer overflows
11/09	Network Basics
13/09	Network Architecture
15/09	Framing & Reliable Transmission
18/09*	Ethernet & 802.11	Guest Lecturer
20/09*	IP: Internet Protocol	Guest Lecturer
22/09	IP Subnetting & Routing	Add period ends
25/09	Reliable Transmission & Sliding Window
27/09	TCP
29/09	UDP / Application Level / ARP / DNS
02/10	NATs and Firewalls
04/10	Network Security / DoS / Malicious Code
06/10	Midterm I
09/10	Malicious Code & Viruses
11/10	-- no class --
13/10	Worms and Worm Propagation	Drop period ends
16/10	Worm Confinement: Quantative Analysis
18/10	Intrusion Detection
20/10	Intrusion Detection Cont'd / Worm Detection
23/10	Fall Break	No class
25/10	Worm Detection / Polymorphic Worms & Virsuses
27/10	Intro to Cryptography / Substitution Ciphers
30/10	Cracking Substitution Ciphers
01/11	Shared Key Cryptography: DES
03/11*	Language-based Security	Guest Lecturer: Peng Li
06/11	AES / Hashes / Public Key Cryptography: RSA
08/11	RSA continued
10/11	Midterm II
13/11	Diffie Hellman Key Exchange / Dolev-Yao Model / Protocols
15/11	Authentication Protocols
17/11	Digital Signatures
20/11	Key Distribution / Needham-Schroeder
22/11	Kerberos	Thanksgiving Break begins
24/11	Thanksgiving Break	No class
27/11	SSH / Human Authentication
29/11	Passwords / SKey
01/12	Access Control
04/12	Unix/Windows Access Control
06/12	Mandatory Access Control
08/12	Web Security / Course Overview	Class ends
*indicates dates when Prof. Zdancewic will be away.

Course Policies

Prerequisites

This course is for Juniors and Seniors with some experience in Java and C programming. They are expected to have completed CSE 121 or 115 and CSE 240, or have permission of the instructor. Students who have taken, or are currently taking TCOM 500 should not take CSE 331. Instead, they should consider taking CIS 551.

Grading Criteria

Grades for CSE 331 will be based on individual homework assignments, team projects, two in-class exams, and a final exam. The policies regarding each of these are described below.

20% Individual Homework
40% Group projects
12% Midterm I
12% Midterm II
15% Final exam
01% Course participation

Grading Policies

Individual homework assignments will be available on the web pages. They are to be completed independently and turned in at the beginning of class on the due date.
Late homework will not be accepted without prior permission of the instructor unless there are emergency circumstances.
Teams for group projects will consist of two or three students. Students are not permitted to work individually on the team projects.

Regrade Policy

Regrade requests should be sent to the TA. Only reasonable requests will be considered. The entire homework or exam will be regraded. Note that this means that the score on a regraded homework might decrease.

Academic Integrity

This course will abide by the University's Code of Academic Integrity. In particular, for individual projects and group projects, the following guidelines should be followed:

For individual projects, you must type in and edit your own code, documentation, and any other materials submitted for grading.
- Copying someone else's file is not allowed.
- Allowing someone else to copy a file of yours, either explicitly or implicitly by leaving your code unprotected, is not allowed.
- Editing each other's files is not allowed
Regarding the ethics of what you may or may not discuss with others:
- "High level" discussions are fine.
  For example, discussions about the problem statement.
- "Low level" discussions are fine.
  For example, discussions about C syntax or using gdb, understanding compiler error messages, understanding the mechanics of the tools and libraries used for the projects.
- "Mid level" discussions require discretion. In this CIS course, discussions at this level must be limited. Unless explicitly stated otherwise, you may not collaborate significantly with classmates (except group project members) at this level. If you have minor discussions with others at this level or get help from outside resources (tutors, web sites, etc), you must cite at the top of the submitted projects the names of the people or websites who helped you and how they did. For example:
```
      /**
       * Chris Brown
       * Project 1
       * 5/6/2007
       * I received tips from Jo Johnson on the i/o and example.com/mem.htm on memory
       */
        
```
If there is any doubt about the use of external sources or collaboration, please ask for clarification by the course staff.