(502805-3) Internet Security

Homepage and Syllabus

Disclaimer

This is the best information available as of today, Monday March 8, 2021 at 8:20 a.m. KSA time. Changes will appear in this web page as the course progresses.

Meeting time and place

  • Section 5156: Thursday 5:00 p.m. - 8:00 p.m. and Friday 1:00 p.m. - 4:00 p.m.
  • Due to COVID 19 pandemic, these classes will be conducted remotely and online via blackboard until further notice.

Instructor: Dr. Emad Alsuwat

Course Homepage: https://emadalsuwat.github.io/internetsecurity-Spring2021.html
Office: W101 CIT
Office hours: Due to the COVID-19 pandemic restrictions, there will be no in-person office hours. Please email me if you have any question. If necessary, I will arrange a phone call or a virtual meeting
Phone: NA
Email: Alsuwat@tu.edu.sa

Course Overview

The course covers topics in Internet security. It discusses security threats, vulnerabilities of protocols, and different types of attacks. Preventive and defensive mechanisms are covered, such as email security, web security, network access control and cloud security, and tracing the source of attacks. This course also explores malicious software including, Viruses, rootkits, Worms, botnets, Trojan, and Adware. Student projects will be composed of implementation, simulation, and research components.

Learning Outcomes

By the end of the course, students will obtain the following:
  • Advanced knowledge of Internet security threats, vulnerabilities of protocols and the different types of attacks
  • Advanced knowledge of protocols, devices and tools used in securing networked applications and systems
  • Advanced knowledge of current research topics and issues in Internet security
  • Experience in conducting and presenting a literature review on a research topic
  • Hands-on experience in analyzing and securing networked system

Textbook

  • Required: William Stallings, Cryptography and Network Security Principles and Practice, Seventh Edition, Pearson Education, England.
  • Optional: Behrouz A. Forouzan, TCP/IP Protocol Suite, 4th edition, McGraw-Hill, NY, United States.

Examinations

  • Midterm Exam: March 26, 2021 - From 1:00 p.m. until 4:00 p.m.
  • Final Exam: TBD

Grading

  • Midterm Exam: 20%
  • LAB and Homework Assignments: 25%
  • Reseach Project and Presentation: 15%
  • Final Exam: 40%

Topics to be covered

Below are roughly the sections of the CLRS book that I will cover. I may de-emphasize some topics and add others, but this is basically the list.

Topic Text Reference
Introduction
Potential web weaknesses and threats 		Forouzan's Textbook Chapters 1 & 2
Bellovin's Paper
Malware: Viruses, rootkits, Worms, botnets, Trojan, Adware
The higher layers of the TCP/IP Protocols Vulnerabilities, Attacks, and Countermeasures:
Transport Layer: TCP protocol, TCP session hijacking, reset and SYN flooding attacks
DoS and DDoS attacks
DNS protocol, attacks, and DNSSEC
BGP protocol and Attacks
Port scanning, Cookie poisoning, Buffer overflow and SQL injection.
Transport-Level Security:
Web security considerations
Secure sockets layer
HTTPS
Transport layer security
Secure shell (SSH) 		Stallings Textbook Chapter 17
Network Access Control and Cloud Security:
Network access control
Extensible authentication protocol
IEEE 802.1X port-based network access control
Cloud computing
Cloud security risks and countermeasures
Data protection in the cloud 		Stallings Textbook Chapter 16
Electronic Mail Security:
Pretty good privacy
Domain Keys Identified Mail
S/MIME
Enhanced security services:
 Stallings Textbook Chapter 19
Intruders:
Intruders
Intrusion Detection
Password Management
 Stallings Textbook Chapter 22
Firewalls:
The Need for Firewalls
Firewall Characteristics and Access Policy
Types of Firewalls
Firewall Basing
Firewall Location and Configurations
 Stallings Textbook Chapter 23

Lecture Notes and Homework Assignments

Note that changes to the table below will appear week by week as the course progresses

Week Topic Slides Assignment Due Date
Week 1 Introduction
Interesting Reading: Forouzan's Textbook Chapters 1 & 2		 Lecture 0
Lecture 1a
Lecture 1b		 - -
Week 2 Malware: Viruses, rootkits, Worms, botnets, Trojan, Adware Lecture 2 - -
Week 3 The higher layers of the TCP/IP Protocols Vulnerabilities, Attacks,
and Countermeasures 		Lecture 3 - -
Week 4 The higher layers of the TCP/IP Protocols, Vulnerabilities, Attacks,
and Countermeasures (cont.)
+
Lab #1 		Lecture 4
Lab #1 		Homework 1
Lab #1 		February 24, 2021
Week 5 Transport-Level Security
Required Reading: William Stallings' Textbook Chapter 17		 Lecture 5 - -
Week 6 Transport-Level Security (cont.)
+
Lab #2 		Lecture 6 Lab #2 March 10, 2021
Week 7 Network Access Control and Cloud Security
Required Reading: William Stallings' Textbook Chapter 16		 Lecture 7 - -
Week 8 Network Access Control and Cloud Security (cont.)
+
Lab #3 		Lecture 8 Lab #3 March 24, 2021
Week 9 Midterm Exam
Exam will cover Lectures 0, 1a, 1b, 2, 3, 4, 5, and 6.
Exam Date: March 26, 2021 		- - -
Week 10 Electronic Mail Security
Required Reading: William Stallings' Textbook Chapter 19		 Lecture 9 - -
Week 11 Electronic Mail Security (cont.)
+
Lab #4		 Lecture 10 Lab #4 -
Week 12 Intruders Lecture 11 - -
Week 13 Firewalls Lecture 12 - -
Week 14 Firewalls (cont.)
Students' Presentations 		Lecture 13 - -