Embed Size (px)
Citation preview
CSCD 434Network Security
Spring 2014
Lecture 1 Course Overview
Contact Information
• InstructorCarol Taylor315 CEB Phone: 509-359-6908E-mail: [email protected]
Office hours: M, W, F 1 – 2 pm
• Course TimeMon, Wed 2 – 4:30 pmRoom: CEB 227 Lecture and CEB 342 Lab
Course Information
• Course number: CSCD 434 Network Security
• Course Web Pagehttp://penguin.ewu.edu/cscd434
Overview
• Today’s Topics• What is network security and how
does it fit within EWU curriculum?• Network Security fits within the
broader topic of general security• Some expectations• Learning Objectives for this course• Pre-test of network security
Network Security Defined
• Network Security – How would you define it?– Protection of networks and their services
from unauthorized modification, destruction, or disclosure– Study of both attack and defense
techniques that affect the network
Our Curriculum
• CSCD 330 – Network programming– Basic networking course with an emphasis
on programming
• CSCD 433/533 – Advanced Networking–More depth, cover network principles,
design – Cover other protocols, real-time, QOS– Some programming
Our Curriculum
• CSCD 434 Network Security– Computer networks focus of both threats and
defense. – Begin with coverage of Attacks and
Attackers• What they typically do to gain access to
computers on a network• Examine different phases of an attack• Learn tools and techniques attackers use– Try some out in the lab
• Try to answer, Why attack?
Our Curriculum
• CSCD434 continued …– Talk about Defense Mechanisms against
attackers• Detection/Prevention – Network security
policies• Authentication, users and machines• Firewalls and Intrusion Detection• Use of Cryptography as network defense–Whats its real value?–Where it works and where it doesn’t
work
General Computer Security
• How do you define computer security?– Application of hardware, firmware and
software security• To a computer system in order to
protect against, or prevent,• Unauthorized disclosure,• Manipulation, and deletion of
information or• Denial of service
General Computer Security• Where does network security fit within a
security curriculum?– Introductory Security class, CSCD303• Basics of computer security, code and
hardware vulnerabilities, OS protection mechanisms, cryptography based protection, authentication
– Cryptography• Algorithms and math that define
cryptography
General Computer Security• CSCD496 - Computer or Digital Forensics
• Capture data related to proof of electronic crimes• Recoverability of data from both host and
network
• CSCD437 - Secure Coding taught by Tom Capul
• Learn how to avoid software vulnerabilities • Attacks that can take advantage of code
vulnerabilities and how to create more secure programs
Network and General Security
Overlap of Topics
General SecurityNetwork
Security
Cryptography
Forensics
Secure Coding
Pre-requisite Knowledge
• Pre-requisites – Network course • Should know basic TCP/IP networks
– Knowledge of programming such as C, C++, C# or Java, Python or Pearl
• We will review some networking concepts– Point you to some supplemental
material on TCP/IP Networks to fill in the gaps
Student Learning Objectives
• By end of this course you should– Understand threats to computer
systems through network– Understand and be able to set up
defense mechanisms used to counteract threats– Understand role of cryptography in
network defense– Know how to continue learning about
network security beyond this class• Certifications, Journals, Web Sites
Expectations for You• Come to Class– Listen, learn and ask lots of questions
• Download lecture notes • Do reading if assigned – There will be outside reading!!!!
• Want in-class participation • There will be group exercises in class• Labs
Expectations for You
• Produce a project • Programming or experiment• Short write up of results• Presentation of your resultsOr
• Create a research paper• Survey paper• And do a presentation of a topic
Project or Program
• This will be a substantial part of your grade
• And, you can become a group too– Groups need to outline who is doing
which job–Work should reflect greater effort from a
group
Conclusion• Interesting class, increase everyone’s
knowledge of network security• Topic is challenging
• Broad and changes constantly• Nothing really difficult, but is a large topic
• Naturally interdisciplinary – Extends beyond the technical• Social and people-related issues • Policy and laws• We will cover some of this
The End
• This week no Lab• Next Time– General Security Overview
