SIL765
NETWORK AND SYSTEM SECURITY
Announcements
- What: Project0 has been released on moodle.iitd.ac.in
When: Deadline is at 11:55PM on August 26, 2014
- To access video lectures go to ETSC .
On the webpage, click on "List of Departments & Centres".
Select "Computer Science Engineering" on next webpage.
You will find the links for video lectures once you select "Network & System Security" from the courses.
Description
This 4 credit course will cover topics in network and systems security & is in C SLOT.
Course Organization
Instructor: Anupam Joshi
Office: CSIA Lab (IIA - 311)
E-Mail Address: ajoshi@iitd.ac.in
, joshi@umbc.edu Office Hours: Walk in, or by appointment |
TA: Chandrika Bhardwaj
Office: Verification Lab (IIA - 411)
E-Mail
Address: chandrika AT cse DOT iitd DOT ac DOT in
Office Hours: Tue. Thu. 2:30 pm - 3:30 pm |
Required Text: Network Security Essentials, William Stallings, 5th Edition
In addition, a number articles and notes will be made available by the instructor.
Prerequisites:
CS & EE students with UG level background
in Operating Systems (CSL331(CSL373) or equivalent) and networking (CSL374(CSL334) or equivalent). The graduate students taking this course are expected to be familiar with this material. The UG students must have OS, and be prepared to catch up a bit as needed on networking concepts. Talk to the instructor if
you would like to take the course, but are not sure of your background.
Course Information (or Stuff you should know up front ...)
A few noteworthy points. First, this is a course meant for
CS/EE graduate students or advanced undergraduates. This course will assume that you are largely
familiar with the OS basics (process management, memory management,
disk management, filesystems, protection) typically taught in
undergrad OS courses (such as CSL331(CSL373)).
In addition, we assume that
you are proficient in programming (i.e., have written more complex
programs than typically assigned in CSL100/CSL101/CSL102 courses).
In case your
background is deficient, it is your responsibility to catch up. In
class, I will assume that all students have the requisite
background. Second, this is a course in the "systems" area. That
means that hands on work is almost as important as theoretical
knowledge, and projects will account for almost 65% of your
grade.
Expect to be putting in significant effort! I will expect you to follow good programming practices (commenting, headers, version control, makefiles, etc. etc.) that you have learnt in previous classes. Pop Quizzes may be given if needed to "encourage" students to read the assigned material. Such quizzes will happen randomly, and cannot be made up if missed. We plan to have multiple short quizzes throughtout the semester on a continuous basis instead of the 2 minors. We will have a major on the assigned date
As we go through the course material, several reference papers will
be provided to you. For each of these papers, you will be expected to read it before we discuss it in class. A few homeworks might also be
given.
The initial plan is to do 5-6 projects. The first one will come out within a week or two.
We will use Sakai as a convenient tool for distributing course material and presenting other information. Sakai can be found at https://sakai.iitd.ac.in/portal . Sakai
will be the primary means used to provide important announcements and news about the
class, and provide links to homeworks and projects as they are
released. It is your responsibility to check it often, at least
several times a day. We will also communicate with you using your IITD email. If that is not where you primarily receive email, you might wish to appropriately forward it to where you do. A discussion forum will be created in Sakai. The purpose of this forum is to allow you to discuss ideas, especially as related to the project. The forum will not be monitored by the instructor or the TA, except passively. If you need to communicate with the TA or the instructor, please send an email to them with 'SIL765' as the first element of your subject line.
The email of instructor is ajoshi@iitd.ac.in,
and the email of TA is chandrika@cse.iitd.ac.in. Given
the large enrollment in this class, we will use the following division
of labor. Any questions that relate to conceptual difficulties with
the material presented in the class should come to the instructor
directly. All other questions should be first directed to the TA, who
may then pass some of them on to the instructor.
Tentative Course Outline
This is a rough outline of the course, and subject to change as we
progress through the semester. Its online counterpart will likely
reflect the changes as we go along. In many of these topics, besides covering the basic material in the book,
we will discuss recent advances and papers. It is your responsibility to read
the material to be covered in the class ahead of time. Besides the text, references to papers will be provided via Sakai for your convenience.
We’ll quickly review concepts such as Access Control and Crypto that some of you might already know from other courses, but
other students might not. We’ll then cover the following topics, in different degrees of depth.
- Introduction and Foundations, The “hacking” Ecosystem
- Quick review of basics of Crypto symmetric,asymmetric, homomorphic
- Quick review of OS security DAC/MAC
- Network Level Security (Attacks and Defences) Issues,IPSEC, SECDNS, TLS,ARP poisoning, PITM,...
- Web Security (Attacks and Defences) frames,XSS, HTTPS
- Isolation as an Approach Airgap,VM, multicore, ...
- Selected topics (time permitting) Fuzzing,attack graphs, Wireless Security WEP/WPA...
We will use the slides provided by the publisher to anchor our discussions, but they are NOT a substitute for the discussion in the class. Neither the slides, nor the text, by themselves completely capture the material we will cover, especially the part about recent developments and cutting edge research! It is expected that you will attend, follow, and participate in the discussions in class.
The Important Stuff (i.e. grades)
Given the format of this course, attendance and class discussion are essential
for the learning process. Most of the classes are virtual, and will not require your physical presence. You however do need to keep up with the online lectures, since at various points short, online quizzes will be given. We will also meet physically a few times in the semester. Those dates will be communicated to you via email and Moodle sufficiently in advance. I will not give any makeups for these quizzes. Course grades will be a function of your performance in the projects,
paper summaries, quizzes, and exams, as well as of your participation
in class.
If you miss any lectures, it
is your responsibility to find out what went on during the lecture and to
collect any material that were handed out. The grades will be based on a curve. A tentative breakdown of
grades, likely to change as we go along is
-
Exams 25%
- Quizzes 10%
-
Projects 65%
Academic Dishonesty
Academic Integrity is a key element of education. You should definitely read point 10 given on Prof. S. Arun Kumar's webpage at
http://www.cse.iitd.ernet.in/~sak/courses/general.html. It elanborates on the academic conduct policy. As you have probably been told
umpteen times by now, violating this policy is a strict no-no! If we
catch anyone cheating, we will take the maximum action possible
against them, including reporting the matter to the appropriate
university authorities. Please cooperate by doing your own work and
not seeking inappropriate help from your classmates. You may, of
course, discuss homeworks and assignments amongst yourselves, as long
as that discussion does not lead to a exchange of solutions.
Extra Help
We recognize that some of you may have disabilities that require special
attention from the instructional staff. Please make us aware of them at your
earliest so that IITD can make suitable arrangements as appropriate.