Network SecuritySpring 2022

This course introduces students to the threats as well as defenses for securing networks. Students successfully completing this class will be able to evaluate works in academic and commercial security, and will have rudimentary skills in security research. Topics covered include network security, authentication, security protocol design and analysis, security modeling, trusted computing, key management, program safety, intrusion detection, DDoS detection and mitigation, architecture/operating systems security, security policy, web security, and other emerging topics.

Professors

Dr. Fareed Zaffar
Office hours: Tuesday 12:15-1:00PM (Zoom)
Dr. Wajih Ul Hassan
Office hours: Friday 2-3 PM (Zoom)

Teaching Assistants

Maham Ghazanfar (2022-10-0016)
Office hours: Friday 10-11 AM
Muhammad Faraz Karim (2022-10-0002)
Office hours: Wednesday 3:30-4:30 PM
Mati Ur Rehman (2022-10-0173)
Office hours: Monday 5-6 PM
Rukhshan Haroon (2022-10-0195)
Office hours: Friday 6-7 PM

Lectures

TTh 11:00AM-12:15PM

Format

This class will be 100% online, with both synchronous and asynchronous lectures.

Required Text Book

There is NO specific textbook for this course. The following books can be used as a supplement:
(i) Introduction to Computer Security by Goodrich and Tamassia
(ii) Computer Security: Principles and Practice, 2nd. Ed., by William Stalling and Lawrence Brown

Communications

We will make use of the following communication methods during this course:

Lectures and Office Hours:
Lecture Recordings (only lectures related to software security module and network forensic module will be recorded):
Class Discussion:
Slides, Quizzes, Exams, and Grades:

Grading

We will calculate your course grade based on these components:

Assignments	35%	Total four programming assignments. Individual or groups of 2 Five days extension with the penalty of -5% for each extra day
Quizzes	15%	Total six quizzes. Out of these six quizzes, only best four will count towards your grade.
Participation	02%	Includes in-class discussion and posting on Slack
Midterm Exam	20%	Covering material in the first half of class
Final exam	28%	Covering all material from the course

Schedule

Click here.

Assignments

Assignment#1 = Cryptography
Assignment#2 = Software Security (Memory Corruption)
Assignment#3 = Web Security (XSS, SQL Injection)
Assignment#4 = Network Forensics (Wireshark, PCAP analysis, threat hunting)

Course Expectations

The expectations for the course are that students will attend every class, do any readings assigned for class, and actively and constructively participate in class discussions. Class participation will be a measure of contributing to the discourse both in class, through discussion and questions, and outside of class through contributing and responding to the discussion forum. More information about course requirements will be made available leading up to the start of classes

Ethics Statement

This course includes topics related to computer security and privacy. As part of this investigation, we may cover technologies whose abuse could infringe on the rights of others. As computer scientists, we rely on the ethical use of these technologies. Unethical use includes circumvention of an existing security or privacy mechanisms for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class and possibly more severe academic and legal sanctions.

Credits

This course is based on NEU's CS 4740/6740 Network Security course, taught by Professor Christo Wilson.