IST 451:  Network Security (tentative)

Instructor Information

 

Name

Sencun Zhu 

Email

szhu(AT)cse.psu.edu

Telephone

814-865-0995

Office

IST 338F

Office Hours

(T) 2:30-4:30pm

 

 

TA and LA Information

Name

(TA) Yufei Jiang, (LA) Liz Learn

Email

yzj107@ist.psu.edu

Office Hours

Tuesday 4-5pm, IST 321D

Meeting Times/Locations  

Class: T, R,  11:15am - 12:30pm / IST 206.

Course Webpage

http://www.cse.psu.edu/~szhu/teach/IST451/

Prerequisite:   

IST 220,SRA 221

Course materials:   

Textbook:

-- William Stallings,  Lawrie Brown, Computer Security: Principles and Practice, 2e Prentice Hall,

References:

-- Slides and papers

 

Overview

IST 451 focuses on network and information security. Students will learn fundamentals of computer security, formal models of security, aspects of information systems security such as access control, hacks/attacks, systems and programs security, intrusion detection, cryptography, networks and distributed systems security, worms, and viruses, and other Internet secure applications. Students will develop the skills necessary to formulate and address the security needs of enterprise and personal environments. 

A detailed list of a lecture by lecture contents, assignments, and due dates (subject to change as semester evolves) is available on the course schedule.

 

Course Objective

Upon completion of the course, the students will be able to:
  • Develop an understanding of network security, distributed systems, and representative applications. 
  • Gain familiarity with prevalent network and distributed system attacks, defenses against them, and forensics to investigate the aftermath. 
  • Develop a basic understanding of cryptography, how it has evolved, and some key encryption techniques used today. 
  • Develop an understanding of security policies (such as authentication, integrity and confidentiality) as well as protocols to implement such policies in the form of message exchanges. 

Grading (subject to change)

The course will be graded on exams, a course project, and class participation in the following proportions:
  • 25% Mid-term exam (closed book)
  • 25% Final exam  (closed book)
  • 16% Four hands-on projects (5% each)
  • 9% One  term paper
  • 20% Five homework assignments (4% each)
  • 5% - -3pts   Class Participation, students may lose up to additional 3% when missing 80% class.
  • Grading Policy

A: 92 above,  A-: 88-92,   B+: 84-87,   B: 80-83,  B-: 75-79, C+: 70-74, C: 65-69  D: 60-64  F: below 60

Exams and Assignments
  • Homework: Homework should be submitted in hard copy only.
  • Exams: There will be NO make-up examinations unless an official excuse (document) is submitted and pre-approved by the instructor. The exams are NOT accumulative.
  • Projects: Each project includes a report. The submission of each report has a due day (see the course calendar). Email submissions will NOT be accepted. They will be discarded when received. 
  • Late Policy: Starting right after the required submission date of any homework or project report, 10% of the grade will be deducted per day up to four days. NO points will be given to submissions more than four days late. A documented chronic condition which could affect this policy must be immediately brought to the attention of the instructor. 
  • Attendance: Attendance of students to all classes is required. 5% of the total grade will be based on attendance and the level of participation. 
  • Readings: Some sections in the textbook and additional papers will be assigned as reading materials. Students are expected to read the materials that will be discussed in the class before the class meeting.

Ethics Statement

This course includes topics involving personal and public privacy and security. We will cover technologies whose abuse may infringe on the rights of others. Especially, the hands-on labs may contain practical techniques for launching security attacks, although we will practice them in our isolated lab. Note that our purpose is to know the attacks and defend against them. Any abuse of such technology is at your own risk and responsibility. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class.

When in doubt, please contact the instructor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from Professor Sencun Zhu.

 

AMERICANS WITH DISABILITIES ACT: 

 

IST welcomes persons with disabilities to all of its classes, programs, and events. If you need accommodations, or have questions about access to buildings where IST activities are held, please contact us in advance of your participation or visit. If you need assistance during a class, program, or event, please contact the member of our staff or faculty in charge. Access to IST courses should be arranged by contacting the Office of Human Resources, 332 Information Sciences and Technology Building, (814) 865-8949.