Course Information

Instructor: Amirreza Masoumzadeh (Amir)
Contact: amirreza _at_ sis.pitt.edu (Include "IS1075" in the subject)
Office Hours: Tuesdays 2:00PM-4:00PM or by appointment (Room 410)
Objective: This is an introductory course to network security and cryptographic protocols. The course wil cover concepts such as
  • Network vulnerabilities, attacks on TCP/IP, network monitoring, security at the link, network and transport layers
  • Cryptography, e.g., secret and public key schemes, message authentication codes and key management
  • WLAN security, IPSec, SSL, and VPNs. E-mail security (PGP, S/MIME), Kerberos, X.509 certificates, AAA and Mobile IP, SNMP security, firewalls, filters and gateways
  • Policies and implementation of firewall policies, stateful firewalls, firewall appliances
  • Network-related physical security, risk management and disaster recovery/contingency planning issues and housekeeping procedures
Textbooks:
Readings: These books/chapters are available online. You may be required to use your Pitt credentials to access them.
Prerequisites: INFSCI 0017 or CS 0401 or INFSCI 0015 (at Pitt Greensburg), and INFSCI 1070 (previously INFSCI 1004)
Grading:
  • 25% Homework
  • 25% Labs
  • 10% Quizzes
  • 15% Midterm Exam
  • 25% Final Exam
The exams will be closed book. There will be an optional term project for extra credit (up to 15%).

Policies

Late Assignment Policy

Students can submit their homework assignments up to two days late with 10% penalty per day.

Academic Integrity

With the exception of routine studying and tutoring, all graded work must be the sole result of your own efforts. You may not do work for another student nor may you copy or plagiarize someone else’s work. At a minimum, cheating will result in a grade of zero on the assignment. Depending on the circumstances, you may also receive a grade of ‘F’ for the course.

Students in this course will be expected to comply with the University of Pittsburgh's Policy on Academic Integrity. Any student suspected of violating this obligation for any reason during the semester will be required to participate in the procedural process, initiated at the instructor level, as outlined in the University Guidelines on Academic Integrity. This may include, but is not limited to, the confiscation of the examination of any individual suspected of violating University Policy.

Disability Services

If you have a disability that requires special testing accommodations or other classroom modifications, you need to notify both the instructor and Disability Resources and Services no later than the second week of the term. You may be asked to provide documentation of your disability to determine the appropriateness of accommodations. To notify Disability Resources and Services, call (412) 648-7890 (Voice or TTD) to schedule an appointment. The Disability Resources and Services office is located in 140 William Pitt Union on the Oakland campus.

Copyright Notice

Course materials may be protected by copyright. United States copyright law, 17 USC section 101, et seq., in addition to University policy and procedures, prohibit unauthorized duplication or retransmission of course materials. See Library of Congress Copyright Office and the University Copyright Policy.

Statement on Classroom Recording

To ensure the free and open discussion of ideas, students may not record classroom lectures, discussion and/or activities without the advance written permission of the instructor, and any such recording properly approved in advance can be used solely for the student’s own private use.

Lecture Schedule

Here is a tentative schedule of the class lectures. It is subject to change at any time during the course of the semester.

Week Topic Reading Slide Assignment
Week 1
(Jan. 8)
  • Course Introduction
  • Introduction to Network Security
Week 2
(Jan. 15)
  • Review of Network Basics, Network Terminology, and Common Network Protocols
  • [BH02] - Chapter 3: Understanding How Network Systems Communicate
Week 3
(Jan. 22)
  • Process of Attack
  • Risks and Vulnerabilities - I
  • [BRS03] - Chapter 2: Risk Analysis and Defense Models
  • [BH02] - Chapter 14: The Anatomy of an Attack
  • HW1 is out
  • Lab1 is out
  • Quiz
Week 4
(Jan. 29)
  • Risks and Vulnerabilities - II
  • Process of Defense
  • [BRS03] - Chapter 2: Risk Analysis and Defense Models
  • [BH02] - Chapter 14: The Anatomy of an Attack
  • Additional: check out the two threat reports posted on CourseWeb
  • HW1 is due
  • Quiz Jan. 31
Week 5
(Feb. 5)
  • Firewalls
  • Lab1 is due Feb. 5
  • HW2 is out by the end of the week
Week 6
(Feb. 12)
  • Introduction to Cryptography
  • Classic Cryptography
  • [Sta11] - Chapter 2: Classical Encryption Techniques
Week 7
(Feb. 19)
  • Modern Symmetric Cryptography
  • [Sta11] - Chapter 3: Block Ciphers and the Data Encryption Standard
  • [Sta11] - Chapter 5: Advanced Encryption Standard
  • HW3 is out on Feb. 20
  • HW2 is due Feb. 21
Week 8
(Feb. 26)
Review (Feb. 26) / Midterm Exam(Feb. 28)
  • HW3 is due Feb. 26
Week 9
(Mar. 5)
  • Public-Key Cryptography
  • Security Protocols (Using Cryptography) - I
  • [Sta11] - Chapter 9: Public-Key Cryptography and RSA
  • [Sta11] - Chapter 11: Cryptographic Hash Functions
  • [Sta11] - Chapter 12: Message Authentication Codes
  • [Sta11] - Chapter 13: Digital Signatures
Week 10
(Mar. 12)
Spring Break (No Class)
Week 11
(Mar. 19)
  • Security Protocols (Using Cryptography) - II
  • [Sta11] - Chapter 14: Key Management and Distribution
  • [Sta11] - Chapter 15: User Authentication Protocols
  • Lab2 is out on Mar. 13
Week 12
(Mar. 26)
  • IP and Transpor Layer Security
  • Wireless Security
  • [Sta11] - Chapter 16: Transport-Level Security
  • [Sta11] - Chapter 19: IP Security
  • [BRS03] - Chapter 13: Wireless Network Security
  • HW4 is out on Mar. 26
Week 13
(Apr. 2)
  • Wireless Security
  • Preventing Attacks / Preventative Measures (IDS / IPS, Network Monitoring, Vulnerability Assessment)
  • [BRS03] - Chapter 13: Wireless Network Security
  • [BRS03] - Chapter 14: Intrusion-Detection Systems
  • Lab2 is due Apr. 2
  • HW4 is due Apr. 4
Week 14
(Apr. 9)
  • The Context of Security (Security in Organizations, Incident Response, Legal)
  • [BRS03] - Chapter 3: Security Policy Development
  • [BRS03] - Chapter 29: Incident Response and Forensic Analysis
Week 15
(Apr. 16)
Recap and Review
  • Lab3 is due Apr. 23
  • Term paper is due Apr. 26
Week 16
(Apr. 23)
Final Exam (Apr. 24 - 4:00PM-5:50PM)