Course Title: Computers and Networks Security
Credits: 3
Instructor: Mukesh Singhal, Professor and Endowed Chair, Tel: 257-3062, E-mail: singhal@cs.uky.edu, Office: Room 234 Hardymon Bldg.
Course Description
The following topics will be covered in roughly the given order.
1.Introduction: what is the problem?
2.Networking (levels, firewalls, sniffing)
3.Security models (military)
4.Encryption (types of attacks, uses of secret-key and public-key cryptography, uses of hash algorithms)
5.Algorithms (secret key: DES, IDEA, Rijndael, CBC, CFB, OFB, CFB; hashing: MD5, SHS; public-key: RSA, DSS)
6.Authentication (key distribution, passwords, addresses, cryptographic, certificates, nonces, Kerberos)
7.Pitfalls (security handshake attacks, performance problems)
8.Electronic mail (establishing keys, privacy, source authentication, message integrity, non-repudiation, PEM, PGP, X.400)
9.Case studies (NetWare, SNMP, DASS, Lotus Notes, Java applets)
10.Public-key infrastructure (PKI)
11.Exploits (file permissions, buffer overflow, active data, floods, port scans, IP spoofing)
12.Malware (viruses, worms, Trojan horses, service attacks, distributed denial-of-service, rootshell, repositories)
13.Organizations (CERT, Bugtraq, Information Warfare Research Center)
14.Security checklists (Unix, Win32)
15.Security software (file scanners, integrity checkers, general monitoring, wrappers, access control, port scan monitors, intrusion detection)
16.The human factor
17.Legal, social and ethical issues (key escrow, export rules)
Prerequisites
A course in operating systems, some understanding of networks, some mathematical sophistication or the consent of instructor.
Examinations
There will be one in-class, midterm examination during the semester and a two-hour final examination. The date of the mid-term is November 1, 2004 (Monday).
Grading
A student's grade will be determined by a weighted average of homework assignments, mid-term examination, and the final examination.
Letter Grades: top 40% will get As, next 50% will get Bs, and the rest 10% will get Cs and Ds.Homework (or programming assignments): 30%
Midterm: 35%
Final Examination: 35%
Textbook
William Stallings
Cryptography and Network Security: Principles and Practice
Prentice-Hall, 3rd edition.Papers from the literature