CIS/CSE 644: Internet Security




This course provides an in-depth study of various network attacks techniques and methods to defend against them. A number of threats and vulnerabilities of the Internet will be covered, including various vulnerabilities of TCP/IP protocols, denial of service (DOS), attacks on routing, attacks on DNS servers, TCP session hijacking, and so on. This course will also cover defending mechanisms, including intrusion detection, firewalls, tracing the source of attacks, anonymous communication, IPsec, virtual private network, and PKI. To make it easy for students to understand these attacks, basics of the TCP/IP protocols will also be covered in the course.

The course adopts the "learning by doing" principle. Students are supposed to learn the attacks by performing them in a restricted environment or a simulated environment. They will also play with a number of security tools to understand how they work and what security guarantee they provide. The experiments will be conducted in the virtual machine environments and/or in minix environments. Students are expected to have a solid foundation in C and Unix programming.


Wenliang (Kevin) Du
Office: SciTech Building, Room 4-285
Phone: 443-9180
Email address: