CIS/CSE 644: Internet
This course provides an in-depth study of various network attack
techniques and methods to defend against them. A number of threats
and vulnerabilities of the Internet will be covered, including
various vulnerabilities of TCP/IP protocols, denial of service (DoS),
attacks on routing, attacks on DNS servers,
TCP session hijacking, and so on. This course will also cover defense
mechanisms, including intrusion detection, firewalls, tracing the
source of attacks, anonymous communication,
IPsec, virtual private networks, and PKI. To make it easy for students
to understand these attacks, the basics of the TCP/IP protocols will
also be covered in the course.
The course adopts the "learning by doing" principle. Students
are expected to learn the attacks by performing them in a restricted
environment or a simulated environment. They will also work with a
number of security tools to understand how
they work and what security guarantees they provide. The experiments
are conducted in virtual machine environments and/or in Minix
environments. Students are expected to have a solid foundation
in C and Unix programming.
Office: SciTech Building, Room 4-285
Email address: email@example.com
- Suggested: Introduction to
by Michael T. Goodrich and Roberto Tamassia.
Addison Wesley, 2010.
- Suggested: Internetworking with
TCP/IP Vol. 1: Principles, Protocols, and Architecture,
by Douglas E. Comer. Pearson Education,
- Graduate Students
- 50%: Final Exam.
- 50%: Labs and Projects.
- Note: If your final-exam score is way too low (below a certain threshold),
you will be asked
to demonstrate each of your projects in front of me. An extremely low score on the final exam
usually indicates that the student did not do the labs by himself/herself, because a significant
portion of the final exam is based on the labs.
- Undergraduate Students
- 40%: Final Exam.
- 48%: Labs (demo and report).
- 12%: Lab attendance (one point for each lab).
- Late Homework Policy
- 10% penalty per day.
- I reserve the right to discuss the homework
in class after the due day; in that case, all late submissions will receive 0 points.
- TCP/IP Protocols, Vulnerabilities, Attacks, and Countermeasures
- ARP protocol and ARP cache poisoning.
- IP protocols, packet sniffing, IP Spoofing, IP
- ICMP protocol and ICMP misbehaviors.
- TCP protocol, TCP session hijacking, SYN flooding attacks,
DoS attacks, and DDoS attacks.
- IP Routing protocols and Attacks.
- DNS and Pharming attacks.
- BGP protocols and Attacks
- Port scanning and signature identification.
- Basic Cryptography
- Secret-Key Encryption
- One-way Hash Functions
- MAC (Message Authentication Code)
- Public-Key Encryption
- Digital Signatures
- Certificate and Public-Key Infrastructure (PKI)
- Diffie-Hellman Key Exchange
- Kerberos Protocol
- Case Studies: Implementing Crypto in Systems
- Network Security Mechanisms
- Secure Socket Layer (SSL) and Transport Layer Security (TLS)
- Virtual Private Networks
- Intrusion Detection