CPSC 526/626: Network Systems Security (Fall 2018)

Announcements | General Information | Discussions | Exercises | Assignments | Tutorials | Lectures


Announcements


General information

Instructor: Joel Reardon, ICT 642, e-mail joel.reardon [at] ucalgary [dot] ca
Lectures: TR 14:00--15:15, Room: ICT 121
Office hours: TR 15:30--16:30 Room: ICT 642
Syllabus: [CPSC 526]
Syllabus: [CPSC 626]
TA Edward Rochester's course webpage is here


Exam Review Materials

Midterm multiple choice and true/false answers here.

Final exam practice questions here.

Final exam network-layout practice questions here.



Assignments

assignment due date
Assignment 1 October 4th 16:00 [solutions]
Assignment 2 October 30th 16:00
Assignment 3 November 20th 16:00
Assignment 4 December 4th 16:00



Tutorials

num day time place tutor
T01 MW 11:00--11:50 MS 239 Sogand Sadrhaghighi
T02 TR 10:00--10:50 MS 239 Sogand Sadrhaghighi
T03 TR 12:00--12:50 MS 239 Edward Rochester
T04 MW 10:00--10:50 MS 239 Edward Rochester

Date Topic Handout
sept 10/11 C network programming homework
sept 12/13 Threat modelling discussion
sept 17/18 Frequency Analysis homework
sept 19/20 Randomness and Block Cipher Modes discussion
sept 24/25 (continuation)
sept 26/27 (work on assignment 1)
oct 1/2 (work on assignment 1)
oct 3/4 Hash Functions and Authentication discussion
oct 9 Open tutorials / TA office hours
oct 10/11 Certificates discussion
oct 10/11 Ticket granting measurements homework
oct 15 Open tutoral / TA office hours
oct 16 No tutorials
oct 17/18 continue ticket granting measurements
oct 24/25 certificates homework
nov 1/2 networks attacks discussion
nov 7/8 DNS attacks discussion
nov 19/20 (work on assignment 3)
nov 21/22 XSRF discussion
nov 26/27 SOP homework
nov 28/28 XSS and Code injection discussion
dec 3/4 ARP poisoning homework
dec 5/6 (wrap-up and catch-up)


Lecture Content

Lecture Date Topic Readings
Sep 6 and 11 Introduction [KPS] chapter 1; [beej] chapters 1-7
Sept 11, 13, and 18 Cryptography [KPS] chapter 2, 3.1, 3.2, 4.1, 4.2, 4.3, 6.1, 6.2, 6.4, 6.5
Sept 20 and 25 Hash Functions [KPS] 5.1, 5.2, 5.7
Sept 27 Authentication [KPS] chapter 9.1, 9.2, 9.3, 10; [weir]
Oct 2 and 4 Kerberos [KPS] 11.4, 11.5, chapter 13; [kerb] all scenes
Oct 9 and 16 Certificates [KPS] 9.7.2, 9.7.3
October 16 and 18 TLS [KPS] chapter 19; [strip]
October 18 and 23 Network Stack [KPS] 16.1
October 23 Denial of Service [KPS] 23.6
October 23 and 25 TCP Attacks [du] chapter 13
October 25 and 30, Nov 1 DNS and DNSSec [kam], [kamdns]
November 1 ARP
November 1 and 6 Firewalls [KPS] chapter 23 intro and 23.1
November 6 and 8 Web Security
November 8 and 20 XSRF [schreiber]
November 20 XSS [postcards]
Novemeber 27 Code Injection [sql]
Novemeber 27 and 29 Clickjacking [huang]

Extra material not on exam

Intrusion detection

References

[KPS] Network Security Charlie Kaufman, Radia Perlman, Mike Speciner (second edition) 2002, Prentice Hall.
[beej] Beej's Guide to Network Programming
[kerb] Designing an Authentication System: a Dialogue in Four Scenes
[weir] Testing Metrics for Password Creation Policies by Attacking Large Sets of Revealed Passwords
[kam] It’s The End Of The Cache As We Know It
[strip] New Tricks For Defeating SSL In Practice
[du] Chapter 13 Attacks on the TCP Protocol
[kamdns] An Illustrated Guide to the Kaminsky DNS Vulnerability
[huang] Clickjacking: Attacks and Defenses
[schreiber] Session Riding
[postcards] Postcards from the post-XSS world
[sql] Advanced SQL Injection In SQL Server Applications


Last updated: