Module 20009 (2010)

Syllabus page 2010/2011

06-20009
Network Security
Level 4/M

Marco Cova
10 credits in Semester 2

Links | Outline | Aims | Outcomes | Prerequisites | Teaching | Assessment | Books | Detailed Syllabus

The Module Description is a strict subset of this Syllabus Page. (The University module description has not yet been checked against the School's.)

Relevant Links

Module Web Page

Outline

The module introduces the threats and attacks which may be perpetrated on computer networks, and some of the mechanisms designed to address them. Some technology case studies are presented and evaluated.

Aims

The aims of this module are to:

  • introduce the basic terminology, concepts, and mechanisms of network security
  • explain network threats, vulnerabilities, and attacks
  • present security algorithms and protocols as countermeasures

Learning Outcomes

On successful completion of this module, the student should be able to: Assessed by:
1explain network vulnerabilities and attacks Examination
2explain and evaluate security mechanisms designed to address such attacks Examination
3design networking security solutions appropriate for a given application and situation Examination, Continuous Assessment

Restrictions, Prerequisites and Corequisites

Restrictions:

None

Prerequisites:

06-05933 (Computer Networks) (or 06-18150 (Computer Networks (Extended)) as a co-requisite)

Co-requisites:

06-17417 (Computer Security), 06-18150 (Computer Networks (Extended)) (or 06-05933 (Computer Networks) as a prerequisite)

Teaching

Teaching Methods:

Lectures

Contact Hours:

15-20

Assessment

  • Sessional: 1.5 hr examination (80%), continuous assessment (20%).
  • Supplementary (where allowed): By examination only.
  • The continuous assessment will consist of a report.

Recommended Books

TitleAuthor(s)Publisher, Date
Cryptography and Network Security, Principles and Practice (4th ed.)William StallingsPrentice Hall, 2006
Security in Computing (4th ed.) C Pfleeger & S PfleegerPrentice Hall, 2006
Internet and Intranet Security (2nd ed.)Rolf OppligerArtech House, 2002

Detailed Syllabus

  1. Network Protocols
    • Ethernet, ARP, IP, ICMP, UDP, TCP, DNS
    • Threats, vulnerabilities, and attacks
    • Countermeasures
  2. Web Application Security
    • HTTPS
    • Vulnerabilities: XSS, SQL injection, CSRF
    • Analysis, attacks, and defenses
  3. Browser Security
    • Same-origin policy, DNS pinning, cookies
  4. Malicious Web
    • Drive-by-download attacks
    • Scams: Phishing, Spam, Fake AV
    • Botnets
    • Underground economy
  5. Intrusion Detection Systems
    • Types of IDSs: misuse vs. anomaly detection
    • Evasion
    • Evaluation
  6. Firewalls
    • Packet filter
    • Application-level filter

Last updated: 11 Jan 2011

Source file: /internal/modules/COMSCI/2010/xml/20009.xml

Links | Outline | Aims | Outcomes | Prerequisites | Teaching | Assessment | Books | Detailed Syllabus