CSE598k / CSE545 Advanced Network Security



Similar documents
Lecture 1 - Overview

Advanced Systems Security

Module: Introduction. Professor Patrick McDaniel Spring CMPSC443 - Introduction to Computer and Network Security

Module: Introduction. Professor Trent Jaeger Fall CSE543 - Introduction to Computer and Network Security

CSC574 - Computer and Network Security Module: Introduction

CIS433/533 - Computer and Network Security Introduction

CSCI 4250/6250 Fall 2015 Computer and Network Security. Instructor: Prof. Roberto Perdisci

Applied Network Security Course Syllabus Spring 2015

6306 Advanced Operating Systems

CNA 432/532 OSI Layers Security

Syllabus: IST451. Division of Business and Engineering. Penn State Altoona

Wireless Network Security Spring 2015

Integrating Security and Usability at Requirement Specification Process

Course mechanics. CS 458 / 658 Computer Security and Privacy. Course website. Additional communication

UVic Department of Electrical and Computer Engineering

Outline Overview. Course Description

Applied Information Technology Department

CS 458 / 658 Computer Security and Privacy. Course mechanics. Course website. Module 1 Introduction to Computer Security and Privacy.

Syllabus: SCML 3106 Principles of Supply Chain Management

Common Syllabus Revised

Spring 2013 CS 6930 Advanced Topics in Web Security and Privacy - 3 Credit Hours Syllabus and Course Policies

New York City College of Technology Computer Systems Technology Department

HARFORD COMMUNITY COLLEGE 401 Thomas Run Road Bel Air, MD Course Outline

IT 101 Introduction to Information Technology

Building RFID Applications with Security and Privacy

Texas A&M University-Central Texas Math College Geometry M,T,W,R 2:00pm to 4:30pm

CGN 6150 Engineering Project Management Summer C No pre-requites and no co-requisites

AGEC $424$ Syllabus. Financial Management of Agricultural Businesses

CGN 6150 Engineering Project Management Summer C No pre-requites and no co-requisites

MKTG 330 FLORENCE: MARKET RESEARCH Syllabus Spring 2011 (Tentative)

OPERATIONS, BUSINESS ANALYTICS & INFORMATION SYSTEMS

Department of Computer & Information Sciences. CSCI-445: Computer and Network Security Syllabus

Vanguard University of Southern California Natural Science and Mathematics

J320 Stratcom I: Introduction to Strategic Communication Spring 2016

Cracking and Computer Security

ACADEMIC CONTINUATION PLAN

Medical Biochemistry BC 362 Fall 2014

Course Outline. 1. COURSE INFORMATION Session Offered Winter 2012 Course Name Biochemistry

CSE 40437/ Social Sensing and Cyber- Physical Systems - Spring 2015

F l o r i d a G u l f C o a s t U n i v e r s i t y S t a t i s t i c a l M e t h o d s F a l l C R N

Network Security Course Specifications

INFO & 090 Business Data Communications and Information Security Fall 2014

CIS 56 (CRN: 33372) Hybrid Course Winter, 2016

Department of Computer & Information Sciences. INFO-450: Information Systems Security Syllabus

ITNW1392 Special Topics in Computer Systems Networking and Telecommunications COURSE SYLLABUS

INFO 2130 Introduction to Business Computing Fall 2014

This four (4) credit hour. Students will explore tools and techniques used penetrate, exploit and infiltrate data from computers and networks.

Statistics and Research Methods in Psychology ROWAN UNIVERSITY. Fall MW 1:45-4:30 MW 4:45-7:15 Robinson 102 Robinson 102

IDS and Penetration Testing Lab ISA 674

Introduction to Psychology (PSY 120)

INFO 2130 Introduction to Business Computing Spring 2013 Self-Paced Section 006

DEPARTMENT OF FAMILY RELATIONS AND APPLIED NUTRITION University of Guelph FRHD *2260 INFANT DEVELOPMENT. Winter 2015 COURSE OUTLINE

UCC1: New Course Transmittal Form

CIS 160 ST: Web Design and Technology

SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER

Philadelphia University Faculty of Information Technology Department of Computer Science --- Semester, 2007/2008. Course Syllabus

University of Lethbridge LOGI 1000 XOL/YOL/ZOL. Critical Thinking

PEC 479 Sport Management Course Syllabus

Lecture 1: Course Introduction"

Course Syllabus. Course code: Academic Staff Specifics. Office Number and Location

CSE 544 Principles of Database Management Systems. Magdalena Balazinska (magda) Winter 2009 Lecture 1 - Class Introduction

GEOG 5200S Elements of Cartography : Serving the Community Through Cartography Spring 2015

Class Day & Time: Tuesday & Thursday, 10:25 am 1:25 pm Office Location: INST 2014 Classroom: INST 2014

Introduction to Business Course Syllabus. Dr. Michelle Choate Office # C221 Phone: Mobile Office:

or simply Google John Penn WVU and take the top hit. Useful Websites to Help the Organic Chemistry Class

DSBA/MBAD 6211 Advanced Business Analytics UNC Charlotte Fall 2015

MIS W: Mobile Business

Network Security. Instructor: Adam Hahn

Categorical Data Analysis

PSYCHOLOGY Fundamentals of Psychology II. Mixed Mode COURSE OUTLINE

International Journal of Asian Social Science LEARNING MANAGEMENT SYSTEM USING MULTI-AGENT TECHNOLOGY: A PROPOSED IMPLEMENTATION STRATEGY

CS 340 Cyber Security Weisberg Division of Computer Science College of Information Technology & Engineering Marshall University

ISM and 05D, Online Class Business Processes and Information Technology SYLLABUS Fall 2015

INTRODUCTION TO INFORMATION TECHNOLOGY

Required For This Class 1. YOU ARE REQUIRED TO HAVE THE BOOK AND ATTEND CLASS. (NO EXCUSES)

CIS/MKTG4500 Customer Relationship Management

ISBN: Custom Textbook + MindTap Access Card:

CIS Information and Database Systems I. Course Syllabus Spring 2015

CSUS COLLEGE OF ENGINEERING AND COMPUTER SCIENCE Department of Computer Science (RVR 3018; /6834)

ACG (10061) INTERMEDIATE THEORY III (3 credit hours) Tentative Syllabus spring 2012 Class hours: Wednesdays, 7:10 p.m. 10:00 p.m.

BUS Computer Concepts and Applications for Business Fall 2012

Microsoft STRIDE (six) threat categories

Anderson Schools of Management Accounting Department Revised 1/7/2014 COURSE SYLLABUS Check LMS for most current! MGT 490/594 CPA Exam Preparation

CEDAR CREST COLLEGE Psychological Assessment, PSY Spring Dr. Diane M. Moyer dmmoyer@cedarcrest.edu Office: Curtis 123

IST359 INTRODUCTION TO DATABASE MANAGEMENT SYSTEMS

Philosophy 3: Critical Thinking University of California, Santa Barbara Fall 2011

Kent State University, College of Business Administration. Department of Accounting, Fall REVISED Aug 22, Instructor:

LCC 2500: Introduction to Film

El Camino College Chemistry 1B: General Chemistry II Instructor: Dr. Melvin Kantz Office: Chem

ITK 214 Social, Legal, and Ethical Issues in Information Technology

Introduction to Computer Forensics Course Syllabus Spring 2012

Transcription:

CSE598k / CSE545 Advanced Network Security Lecture 1 - Introduction Prof. Patrick McDaniel Systems and Internet Infrastructure Security Laboratory (SIIS) 1

Oops... 2

Network Security No really good definition, so we will accept the following for this course: The study of the security of systems, applications, infrastructure, and tools that relate to online computing. Implication Networks: physical layer, protocols, and flows Applications: how they are designed and People and Policy: how do we use these system and what kinds of security do we need? 3

Network Security Questions How is this different than other types of security? Is the distinction between network security and other types of security meaningful any more? Is there anything more to study? 4

CERT Reports AOL Media Playback OpenSSL FIPS Questions What are the vulnerabilities? How can you exploit them? What is the cause? 5

Why are we here? -- Goals Our goal: to provide you with the tools to perform research in. Evaluating network security techniques Designing network security solutions Attacking network infrastructure Developing analysis methods This is going to be a time-consuming course. The key to success is sustained effort. Failure to keep up with readings and assignments will likely result in poor grades, and little understanding of the course material. Pay-off: network security research competence is a necessary, rare, valuable skill 6

Course Materials Website - We are maintaining the course website at http://www.cse.psu.edu/~mcdaniel/cse545/index.html Course assignments, slides, and other artifacts will be made available on the course websites 7

Course Calendar The course calendar as all the relevant readings, assignments and test dates Please check the website frequently for announcements and changes to the schedule. Students are responsible for any change on the schedule (we will try to make announcements in class). 8

Grades Grading policy 40% Course Project 20% Assignments 25% Final Exam 15% Class Participation, quizzes Lateness policy - Assignments are assessed a 10% per-day late penalty, up to a maximum of 4 days. Unless the problem is apocalyptic, don't give us excuses. Students with legitimate reasons who contact the professor before the deadline may apply for an extension. 9

Activities Homework reductions, logic problems, etc. readings, readings, readings... Projects perform some limited attack or desgin perform analysis of something interesting Quizzes if you don t do the reading... 10

Ethics Statement This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class. When in doubt, please contact the instructor for advice. Do not undertake any action which could be perceived as technology misuse under any circumstances unless you have received explicit permission from Professors Jaeger or McDaniel. 11

Read for Next week Jerome H. Saltzer, David P. Reed, and David D. Clark. Endto-end arguments in system design. ACM Transactions on Computer Systems 2, 4 (November 1984) pages 277-288. K. Thompson, "Reflections on Trusting Trust," Communications of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763. J.H. Saltzer and M.D. Schroeder. Part I-A of The Protection of Information in Computer Systems. Proceedings of the IEEE, 63(9):1278-1308, 1975. 12

Assignment: Due 1/28 Follow these steps: 1. Download on Linux or OS/X a VM system 2. Install a Linux operating system running in a VM 3. Install different kinds of network servers 4. Download and install Metasploit tool 5. Compromise the server over the network Write a report, with screen shots and log files that describes a network attacks ~ at least 1 page text each in deep detail of the attack and how it works. 13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information