Birla Institute of Technology & Science, Pilani

Work-Integrated Learning Programmes Division

Second Semester 2013-2014

Course Handout

Course No. : SS ZG513

Course Title : Network Security

Instructor : Rahul Banerjee

Course Description

The primary goal of the course is to introduce the student to system and application design aspects of network security including cryptographic, systemic and computational security aspects of the network / internetwork systems.

Objective and Scope of the Course

This course aims at providing a sound conceptual foundation in the area of Network Security with emphasis on the design aspects while adopting a combination of the systems approach. The course attempts to provide a balanced treatment of the state-of-the-art in the area and thus prepares the students for taking more rigorous and specialized courses in this and related fields. At the end of this course, students should be able to design, build and analyze simple network security architectures and systems.

Course Material

Being a graduate-level course, no single book would actually suffice for the purpose of this course. In addition, from time to time, students would be expected to consult identified material from different sources including research papers, standards, patents and case-studies.

Prescribed Text book

T1.  William Stallings: Cryptography and Network Security, 5th Edition, Prentice-Hall / Pearson Education, Englewood Cliffs / New Delhi, 2011. (A new edition has appeared as: William Stallings: Cryptography and Network Security, 6th Edition, Prentice-Hall Inc., 2013. Unfortunately, as of now, an Indian reprint is not available. Those who can afford it are encouraged to use the new edition.)

Reference Books: <Other than those to be specified by the Instructors, topic-wise>

R1.  Bruce Schneier: Applied Cryptography, Second Edition, John Wiley & Sons, Singapore, 2011.

R2.  Seymour Bosworth, M. E. Kabay & Eric Whyne: Computer Security Handbook, Vols. 1 & 2, 5th Edition, John Wiley & Sons, Inc. N.J., 2009.

Plan of Self Study

S. No. / Topic(s) to be discussed / Sections of the Text Book /
Part-I: Introduction to Network and Internetwork Security: Systems & Application Perspective
1. / Introduction to Network Security, Systems and Cryptographic approaches, How would this course be conducted? / 1.0
Elements and aspects of Network Security, Network Security Architectures, Example / 1.1, 1.2
An overview of types of Security attacks and breaches, Concept of Security services, Associated Security Mechanisms, Models of Network Security, Examples / 1.3, 1.4, 1.5, 1.6
2. / Security at the Network / IP level / Reference Material (RFCs on IPSec)
IP-level Security, Need, Implications, Mechanisms, Choices, Applications, Examples / 19.0, 19.1, 19.3, 19.4, 19.5
Security in IPv4 and IPv6, Trade-offs involved, Points to take-away / Reference Material (RFCs on IPSec)
Virtual Private Networks, Purpose, Types, Principles involved, Applications / Extracts from C-18 and 19
3. / Security at the Transport and Application level
Need for Application-level and Transport-level security, Mechanisms, Techniques, Applications, Examples / 16.0, 16.1
Security for the Web-based Transactions, SSL and TLS / 16.1, 16.2, 16.3
Of HTTPS and Secure Shell (SSH) / 16.4, 16.5
E-mail Security, Need, Mechanisms, Choices, Examples / 18.0-18.3
4. / Designing secure networks and internetworks, Basic idea, Process involved, Devices, Positioning, Configuration and Trade-offs, Examples, Firewalls / Online material and links as provided at: http://williamstallings.com/Cryptography/Crypto6e-Student/
More on Firewalls, Intrusion Detection Systems and Perimeter Security
Of Virus, Worms, other malware and Spyware
Security in Clouds: Facts and Myths, Current Status, Emerging trends, Examples
Recent Advances in Network Security technology, Emerging trends, Best practices, Take-away points / Online material or select research papers
Part-II: Cryptographic Principles, Algorithms, Techniques and Standards
5. / Brief recapitulation of mathematical techniques and tools used in a range of cryptographic designs / Select portions of Chapters 4 & 5
Steganography, Substitution Ciphers, Transposition Ciphers / 2.0-2.3, 9.0-9.1
Of Pseudo-Random Numbers and their generation, Relevance, Applications, Techniques, Examples / 7.0, 7.1, 7.2
Generating Pseudo-Random Numbers using Block-Ciphers: the basic idea / 7.3
Stream Ciphers, Applications, Examples / 7.4
The RC4 Stream Cipher and other Stream Ciphers of interest / 7.5
True Random Numbers and their generation / 7.6
6. / Introduction to Block Ciphers, Principles, Examples / 3.0, 3.1, 3.6
The DES Standard and its current variants / 3.2, 3.3, 3.4
Cryptanalysis: An overview of the basics, current trends
Examples of use of common mathematical techniques of interest, Example, AES: The Advanced Encryption Standard and its variants
Block Cipher Design Principles, Multiple Encryption, Examples / 6.0
Triple-DES and its variants / 6.1
An overview of the NIST-defined Block Cipher Modes of Operation, Types (05), Examples / 6.2, 6.3, 6.4, 6.5, 6.6, 6.7
Brief recapitulation of Number Theory in the context of Cryptography,
Examples of use of common mathematical techniques of interest, Example, Significance of Prime Numbers and Primality Testing etc.
<self-study> / Select Portions of Chapter 8
Syllabus for Mid-Semester Test (Closed Book): Topics in S. No. 1 to 6
7. / Fundamentals of Asymmetric Cryptography, Rationale, Basis, Issues, Applications, Examples / 9.0, 9.1
The RSA Algorithm, Principle, Mechanism, Design, Critique, Applications / 9.2
Alternatives, Brief overview, Trade-offs, Points to take away, Design tips / Select portions of Chapter 10
Introduction to Cryptographic Hashing, Techniques, Principles, Applications, Examples / 11.0, 11.1, 11.5
Authentication using cryptographic hashing, Example, Message authentication / 11.1
Introduction to Digital Signatures & Digital Certificates, Principles, Applications / 11.1
An overview of Message Authentication Codes (MACs), Principle, Applications, Examples / 12.0 and 12.1-12.8
8. / Brief recapitulation of Number Theory in the context of Cryptography <self-study> / Select portions of Chapter 8
Examples of use of common mathematical techniques of interest, Example, Significance of Prime Numbers and Primality Testing etc.
Fundamentals of Asymmetric Cryptography, Rationale, Basis, Issues, Applications, Examples / 9.0, 9.1
The RSA Algorithm <latest version>, Principle, Mechanism, Design, Critique, Applications / 9.2
Alternatives, Brief overview, Trade-offs, Points to take away, Design tips / Select portions of Chapter 10
9. / Introduction to Cryptographic Hashing, Techniques, Principles, Applications, Examples / 11.0, 11.1, 11.5
Authentication using cryptographic hashing, Example, Message authentication / 11.1
Introduction to Digital Signatures & Digital Certificates, Principles, Applications / 11.1
An overview of Message Authentication Codes (MACs), Principle, Applications, Examples / 12.0 and 12.1-12.8
Part-IV: Putting all pieces together
10. / Security in the context of E-commerce / m-commerce, document interchange, e-Voting, / 13.0, 13.1, 13.4, Select portions from Chapter-14, Reference Material
11. / Authentication of Remote Users, Issues, Mechanisms, Examples, Kerberos-based security scenarios / Select portions from Chapter 15
12. / Biometrics in Network and Internet Security, e-Passports, e-VISA and more / Reference material
13. / Security in Wireless Networks, Basic problems, Issues, Techniques, Examples / Portions of Chapter 17, References
14-16. / Case-Studies on:
Firewalls, Intrusion Detection Systems and Perimeter Security, Anti-Virus, Anti-Worms, Anti-Spyware and other Anti-malware systems, State-of-the-art practices in Modern Network and Internetwork Security / Online Notes / Reference Material
Special Session: / Concept summarization, Discussions on a Design Problem / Case-study covering all major aspects of Networking covered during the semester
Syllabus for Comprehensive Exam (Open Book): All topics given in Plan of Self Study

Evaluation Scheme:

EC No. / Evaluation Component & Type of Examination / Duration / Weightage / Day, Date, Session, Time
EC-1 / Assignment/Quiz / ** Details to be announced on LMS Taxila website by Instructor / 15% / ** Details to be announced on LMS Taxila website by Instructor
EC-2 / Mid-Semester Test (Closed Book)* / 2 Hours / 35% / Saturday, 15/02/2014 (FN)* 10 AM – 12 Noon
EC-3 / Comprehensive Exam (Open Book)* / 3 Hours / 50% / Saturday, 05/04/2014 (FN)* 9 AM – 12 Noon

** Please check the details by January 10, 2014 on LMS Taxila web site.

AN: AfterNoon Session; FN: ForeNoon Session

Closed Book Test: No reference material of any kind will be permitted inside the exam hall.

Open Book Exam: Use of any printed / written reference material (books and notebooks) will be permitted inside the exam hall. Loose sheets of paper will not be permitted. Computers of any kind will not be allowed inside the exam hall. Use of calculators will be allowed in all exams. No exchange of any material will be allowed.

Note:

It shall be the responsibility of the individual student to be regular in maintaining the self study schedule as given in the course handout, attend the online/on demand lectures as per details that would be put up in the BITS LMS Taxila website www.taxila.bits-pilani.ac.in and take all the prescribed components of the evaluation such as Assignment (Course Page on LMS Taxila), Mid Semester Test and Comprehensive Examination according to the Evaluation Scheme given in the respective Course Handout. If the student is unable to appear for the Regular Test/Examination due to genuine exigencies, the student must refer to the procedure for applying for Make-up Test/Examination, which will be available through the Important Information link on the BITS LMS Taxila website www.taxila.bits-pilani.ac.in on the date of the Regular Test/Examination. The Make-up Tests/Exams will be conducted only at selected exam centres on the dates to be announced later.

Instructor-in-Charge