CPSC 526/626: Network Systems Security (Winter 2020)

Announcements | General Information | Exercises | Assignments | Tutorials | Lectures


Announcements


General information

Instructor: Joel Reardon, ICT 642, e-mail joel.reardon [at] ucalgary [dot] ca
Lectures: TR 12:30--13:45, Room: ST 145
Office hours: TR 14:15--15:15 Room: ICT 642
Syllabus: [CPSC 526]
Syllabus: [CPSC 626]
Midterm 1: February 27th, 2020 in class. Will cover certificates and all earlier topics. review question
Online lectures:here




Assignments

assignment due date
Assignment 1 Feb 11th
Assignment 2 Mar 3rd
Assignment 3 Apr 1st
Assignment 4 Apr 14th



Tutorials

num day time place tutor
T01 TR 14:00--14:50 MS 239 Edward Rochester
T02 TR 16:00--16:50 MS 239 Edward Rochester
T03 MW 13:00--13:50 MS 239 Behnam Ousat
T04 MW 11:00--11:50 MS 239 Behnam Ousat

Date Topic Handout
2020-01-20 intro C socket programming
2020-01-22 intro Threat models
2020-01-30 crypto Crypto
2020-02-02 crypto Cipher
2020-02-12 crypto Hash
2020-02-24 review
2020-02-26 authentication Authentication Graph
2020-03-02 certificates Certificates
2020-03-04 marking
2020-03-11 network TLS and TCP


Lecture Content

Note: readings marked with an asterix should be considered optional. The rest are requiredhighly recommended

Lectures are available here.

Lecture Date Topic Readings
Jan 14 and 16 Introduction[text][slides] [PVO] chapter 1; [KPS*] chapter 1; [beej] chapters 1-7
Jan 21 and 23 and 28 Cryptography[text][slides] [PVO] 2.1--2.4; [PVO*] 4.8; [KPS*] chapter 2, 3.1, 3.2, 4.1, 4.2, 4.3, 6.1, 6.2, 6.4, 6.5
Jan 28 and Jan 30 Hash Functions[text][slides] [PVO] 2.5, 2.6; [KPS*] 5.1, 5.2, 5.7
Jan 30 and Feb 4 Authentication[text][slides] [PVO] 3.1--3.4; [KPS*] chapter 9.1, 9.2, 9.3, 10; [weir*]
Feb 6 and Feb 11 Kerberos[text][slides] [PVO] 4.1--4.4; 4.7; [KPS*] 11.4, 11.5, chapter 13; [kerb] all scenes
Feb 11 and 13 Certificates[text][slides] [PVO] 8.1--8.5; [KPS*] 9.7.2, 9.7.3
Feb 25 TLS[text][slides] [PVO] 9.2; [KPS*] chapter 19; [strip]
Feb 25 and Mar 3rd Network Stack[text][slides] [KPS*] 16.1
Mar 5th Denial of Service[text][slides] [PVO] 11.4; [KPS*] 23.6
Mar 5th and Mar 10 TCP Attacks[text][slides] [PVO] 11.6; [du*] chapter 13
Mar 10 DNS and DNSSec[text][slides] [PVO] 11.5; [kam], [kamdns]
ARP[text][slides] [PVO] 11.5
Firewalls[text][slides] [PVO] 10.1, 10.2; [KPS*] chapter 23 intro and 23.1
IDS[text][slides]
Web Security[text][slides] [PVO] 9.1, 9.3, 9.4
XSRF[text][slides] [PVO] 9.5; [schreiber]
XSS[text][slides] [PVO] 9.6; [postcards]
Code Injection[text][slides] [PVO] 9.7; [sql*]
Clickjacking[text][slides] [huang]

References

[PVO] Computer Security and the Internet Paul Van Oorschot 2020, Springer
[KPS] Network Security Charlie Kaufman, Radia Perlman, Mike Speciner (second edition) 2002, Prentice Hall.
[beej] Beej's Guide to Network Programming
[kerb] Designing an Authentication System: a Dialogue in Four Scenes
[weir] Testing Metrics for Password Creation Policies by Attacking Large Sets of Revealed Passwords
[kam] It’s The End Of The Cache As We Know It
[strip] New Tricks For Defeating SSL In Practice
[du] Chapter 13 Attacks on the TCP Protocol
[kamdns] An Illustrated Guide to the Kaminsky DNS Vulnerability
[huang] Clickjacking: Attacks and Defenses
[schreiber] Session Riding
[postcards] Postcards from the post-XSS world
[sql] Advanced SQL Injection In SQL Server Applications


Last updated: