Network Security (Fall 2004)
- Important announcements about the deadlines for the programming
assignment, for the group/individual project final presentation date,
and for the final exam have been posted.
- This Webpage is the authoritative syllabus for this course.
You should check this website often for updates, assignment postings,
- If you do not have a garnet account you should get one now. The
free garnet account can be obtained from Academic
Computing and Network Services (ACNS) If you want to read your
garnet email on another ISP of your choice, go to ACNS eMail
Forwarding make sure that you check your garnet account
or have it forwarded to an e-mail account you do check
frequently. Important information pertinent to the course will be
sent to your garnet account (and posted to this website as an
announcement). E-mails sent
before 1:45pm on Fridays are considered equivalent to class
announcements made the day before, and may include ammendments to
assignments and other grade-related material.
Some extra reading assignments will be
available through the Library
Reserves, as they are copyrighted
material that cannot be legally posted in this website.
- TUE 09/28: Midterm exam.
- THU 10/07: Project proposal due.
- THU 11/11: Assignment due.
- TUE 11/16: Project presentations: concept and execution plan.
- 12/02-08: Project due. (Group presentations by appt)
- THU 12/09: Final exam date. Time 3:00-5:00pm. (As mandated by University Policy.)
This course will include programming assignments in Java. If you
not have previous Java experience, be aware that time constraints will
not permit coverage of basic Java programming in the course. If
are concerned you may not reach an adequate proficiency level in Java
in time to complete your assignments, talk to the instructor. You
have to reconsider your choice of taking this course at this time.
Kaufman, Perlman and Speciner. Network
Security: Private Communication in a Public World.
Prentice Hall, 2nd edition. 2002.
expectations and assigned work
Your goals in this course are threefold:
Attendance and participation in class discussions will contribute
5% of your grade.
- Acquire conceptual understanding of network security issues,
challenges and mechanisms. You will learn this by attending class
presentations, and by independent reading of the class notes, of the
and of the assigned research paper readings. Your achievement in
this area will be assessed through the midterm and final exam, which
together comprise 35% of the grade: 15% midterm, 20% final.
- Develop basic skills of secure network development through
a programming assignment/project. This will be
worth a total of 25% of the total course grade.
- Employ the acquired understanding and skill in a project of
your choosing. The project may either include original design and
implementation; empirical observation, measurement and analysis; or
theoretical investigation. Any topic related to network security
can be chosen. This project must contain an element of
originality. The write-up should be of sufficient quality for
submission to a workshop in the area. You will give a short
presentation of your results to the class. This project
corresponds to 35% of your grade.
Letter grades will be based on numerical grades as follows:
- A: 90 - 100
- B: 75 - 89
- C: 65 - 74
- D: 58 - 64
- F: 0 - 57
Plus/Minus letter grades will be assigned at the discretion of the
The lecture slides are posted here. You may print them and bring them to class and use the margins to keep class notes.
- For Thursday, 08/26:
- Victor L. Voydock and Stephen T. Kent.
Security Mechanisms in High-Level Network Protocols. In ACM Computing Surveys, (CSUR), vol.15,
issue 2, June 1983. Pp. 135--146 (stop before chapter 3). DOI:
- Textbook, chapter 1, sections 1.3 through 1.7 (including).
- For Tuesday, 08/31:
- Voydock and Kent (link above). Pp. 146--158 (stop before chapter 6).
- Textbook, chapter 2, sections 2.1 -- 2.4. Also do exercise 6 on 2.7.
- Textbook, chapter 4, sections 4.1 -- 4.2. Try exercises 2 and 6 on 4.5
- For the week of 09/07:
- Textbook, chapter 4, section 4.3
- Textbook, chapter 11, except for sections 11.1.2, 11.2.3, 11.3.2, 11.3.3.
Also try exercises 2, 3, 5, and 7 on pages 288--289.
- Roger M. Needham and Michael D. Schroeder. Using Encryption for Authentication
in Large Networks of Computers. In Communications of the ACM, Vol. 21, issue 12, December 1978.
- For the week of 09/14:
- Textbook, chapter 9, sections 9.1 through 9.7.1, and 9.7.4 through 9.8
- Assignments, section 9.10, exercises 1 through 3.
- Textbook, chapter 10, sections 10.1 through 10.7.
- Assignments, section 10.11, exercises 1 and 2.
- For the week of 09/21:
- M. Abadi and R. Needham. Prudent Engineering Practice for Cryptographic Protocols.
IEEE Transactions on Software Engineering, 1996, vol.22, No. 1, pp. 6--15. Find it on
Martin Abadi's webpage.
- Bill Bryant. Designing an Authentication System: A Dialogue in Four Scenes.
Original 1988, added afterword by Theodore Ts'o on changes in Version 5 of the Kerberos protocol in 1997.
- G. Steiner, B. Clifford Neuman, and J.I. Schiller. Kerberos: An Authentication Service for Open Network Systems.
In Proceedings of the Winter 1988 Usenix Conference. February, 1988. (Version 4)
- For the week of 10/12:
- Textbook, chapter 6, sections 6.1 through 6.7.
- Assignments, section 6.9, problems 2, 5, 7, 10.
- For the week of 10/19:
- Assignments, section 6.9, problems 3, 4, and 8.
- Textbook, chapter 15.
- Assignments, section 15.9, problems 1, 2, 3, 5, and 8.
- Textbook, chapter 13.
- For the week of 10/26:
- Assignments, section 13.13, problems 1, 2. 4.
- Textbook, chapter 19.
- Assignments, section 19.16, problem 2, section 19.17, problem 3.
- For the week of 11/02:
- David Brumley and Dan Boneh. Remote Timing Attacks are Practical. 12th Usenix Security Simposium.
- Textbook, chapter 17.
- Assignments, section 17.7, problems 1 and 2.
- Assignments, section 17.8, problems 1, 2, 5, 6, 7.
- For the week of 11/09:
- Textbook, chapter 18
- Assignments, section 18.8, problems 1, 2, 3, 7, 8.
- For the week of 11/23:
- D. Brent Chapman. Network (In)security Through IP Packet Filtering.
Proceedings of the Third USENIX UNIX Security Symposium. 1992.
- For the week of 11/30:
- Thomas Ptacek and Timothy Newsham. Insertion, Evasion and Denial of Service:
Eluding Network Intrusion Detection. http://www.securityfocus.com/data/library/ids.ps
- Textbook, chapter 26.
- Assignments, section 26.27, problems 1, 2, 3, 4.
Description of the assignment.
Extra instructions and code download for the assignment.
The course project will comprise the largest part of your grade. Your deliverables will consist of a project
proposal, a preliminary results presentation, and a final project report and presentation.
You will need to form groups of 2 or 3 members
and write a project proposal. (Individual projects are possible, but not encouraged.) The project proposal should
include at least four sections:
The project description itself should be one to two pages. Suitable project topics include any topic related to
network security, whether or not covered during the class. If you are unsure whether the topic you picked is appropriate, please
contact me before the deadline for project proposal submission: October 7th. The proposal must be typeset, and a paper copy
brought to class, while the original e-mailed directly to me. Acceptable file formats are HTML, PDF, and TXT.
- A title.
- List of group members. If the group members will have different responsibilities, please list those.
- Project description -- what you intend to do.
The project may take several formats:
Premilinary Results Presentation
- Theoretical analysis (suitable for individual project): Critique of algorithms or techniques used in network
security, analysis or design of network security protocols, etc. If you choose a theoretical approach,
a higher degree of originality. will be expected. Your
final deliverable will be in the form of a research paper, suitable for presentation at a workshop.
- Implementation (groups only): Implementation of network security protocols and algorithms. Examples of suitable
topics are special purpose VPNs, algorithms for security in overlay and ad-hoc networks.
- Empirical analysis/simulation: Study the performance of various security measures under different types of threats/attacks.
If you are implementing an attack, you must take every measure to ensure it does not present a threat to the Computer
Science computing community of the world at large. You need to inform me, and the CS systems group of the techniques you
will be employing beforehand. You must ensure that you abide by all the policies that govern use of FSU and CS computing resources
during the execution of this project.
On November 16th, you will give a class presentation on your project and intermediate progress you have achieved. You
should explain the concept of your project, provide details of your methodology and/or design, and any preliminary results.
You should be prepared to answer questions that your classmates or I may have about your project.
Final Report and Presentation
The final deliverable of the project will be a write-up (5-10 pages). You will give a 20-minute presentation
or demo of the project, and make an appointment with me during the week of finals to present your project and answer questions: (Dec. 6th-10th).
I expect students to arrive on-time for the class. Students
arriving late for exams will not be allowed extra time to complete
There will be no make-up midterm exam. If you cannot take
midterm exam because of a documented, legitimate condition, the final
exam will be substituted for the mid-term grade (and therefore will
count for 35% of your grade). Similarly, homework assignment
deadlines will not be extended, unless in documented, legitimate
situations. Same for the project and presentation deadlines.
An example of adequate documentation of a medical reason for missing
an exam is a discharge notice from the Student Health Center.
All students registered in this course (and all courses throughout
the University) are bound by the Academic Honor Code. Plagiarism
(use of somebody else's work without proper acknowledgment) will not be
The Academic Honor System at The Florida State University is based
on the premise that each student has the responsibility:
of the University Academic Honor
Code can be found in the current
- To uphold
the highest standards of academic integrity in the student's own work;
- To refuse to tolerate violations of academic integrity in the
University community, and;
- To foster a high sense of integrity and
social responsibility on the part of the University community.
Students with disabilities needing academic accommodations should
register with and provide documentation to the Student
Resource Center (SDRC), and bring a letter from the SDRC to the
instructor indicating their needs.This should be done within the first
week of class.