COSC555 - Network Security (Fall 2010)
Georgetown University
Prof. Micah Sherr

Course Description

This course introduces students to Internet security. Students will learn about current threats and defenses by examining case-studies, seminal research papers, and monographs in a wide range of security areas. Topics covered include cryptography, network design fundamentals, authentication, confidentiality protocols, worms, botnets, denial-of-service attacks, firewalls, intrusion detection systems, secure routing, network privacy and anonymity, spam, web security, network eavesdropping, social engineering, and computer crime.

Who, What, and Where

Instructor: Prof. Micah Sherr
Office: St. Mary's Hall, Room 337
Office Hours: Thursday from 4pm until 5pm, and by appointment

Classes are held every Monday and Wednesday from 4:15pm until 5:30pm in Reiss 264.

Why

This introductory course will impart a broad understanding of the underpinnings of security techniques, security best practices, and computer security research. The course should help students to understand the mindsets of attackers (the bad guys and gals who do malicious things on the network) and system designers and defenders (the good guys and gals who try to stop the attackers). The course should prepare students to understand and assess security threats, become familiar with security engineering best practices, and write better software, protocols, and systems. Finally, the course will require students to not only understand network security research, but also actively engage in it.

Textbook and Other Readings

The required textbook for this class is Network Security: Private Communication in a Public World (2nd Edition) by Charlie Kaufman, Radia Perlman, and Mike Speciner.

Other useful (but not required) books include:

A major goal of this graduate-level class is to familiarize students with academic computer security research. Students will read several seminal research papers throughout the semester. Reading assignments are listed below and should be completed before the class that covers the material.

Important: Before each class, students should email short (as in, at most 3 sentences) answers to the following questions to msherr-cosc555@cs.georgetown.edu:
  • "What problem does this paper address?"
  • "What is the contribution of this work?"
  • "What are the shortcomings of the proposed approach?" Or, alternatively, "How could the paper be improved?"
  • "Was this a good paper to assign?"

Answers will be graded on a {✓+, ✓, ✓-, 0} basis.

Course Resources / Listserv

Students should take advantage of two critical course resources.

Most importantly, students should regularly attend class. Not only is attendance mandatory (and a significant part of the students' grades), but classroom discussion will also home in on the particular subject matter that I think is most important (and consequently, significantly more likely to appear on exams).

Second, we will make extensive use of the class listserv. (The listserv address will be posted after the first class.) Students are expected to read every post to the listserv and to contribute to the discussion. Be prepared to receive a lot of email -- in my previous classes, several thousand listserv messages were posted in a single semester.

Q: What's the point of the listserv?
A: I'm glad you asked. If you don't understand something that was said in class, or have a question about some part of the homework assignment or some material in the textbook, it's safe to assume that a handful of other students are also confused. The listserv has several purposes. (1) It tells you that other people in the class are similarly confused about a particular topic; (2) it enables all students to learn both from the question and the answer; (3) it spawns interesting discussions; and (4) it lets me gauge what topics need better clarification and instruction.

Q: Can't I just email the Prof?
A: Of course you can, but if others can learn from the answer, you're strongly encouraged to post your question to the listserv. (In fact, you may be asked to do so.)

Q: What types of questions/answers can I post to the listserv?
A: Students are encouraged to post any questions (and answers!!) to the listserv, so long as they do not give away the solution to an assignment. General questions, conceptual questions, and clarifications are strongly encouraged. For example:
    What are the causes of a "Segmentation fault"?

    Are code exploits specific to a particular operating system?

    What is the meaning of *ptr++?
are acceptable.

Q: What types of questions/answers should I not post to the listserv?
A: Do not give away solutions to assignments. Do not start flamewars and do be respectful of others. For example:
    Why doesn't the following code work?
    [followed by 500 lines of C code]

    Is "42" an acceptable answer to homework question 5?

    Billy, your a morron.  Stop asking stupid questions and
    wasting everyone's time.
are not acceptable.

Grading and Other Class Policies
Homeworks 15%
Exam 1 12.5%
Exam 2 12.5%
Course Project 25%
Final Exam 20%
Participation* 15%

* Participation includes more than just attendance (although attendance is a must). Students should contribute to classroom and listserv discussions. Answers to reading questions are factored into the participation grade.

Other miscellaneous (but hopefully not arbitrary) policies:
  • Please turn off cell phones during class.
  • I will do my best to respond to emails within 24 hours. Please also consider posting your questions to the class listserv.
  • Assignments are due before class on the posted date. There is a 25% penalty for up to 24 hours after the deadline. After that, the assignment will be graded as a zero.
  • No make-up exams will be permitted.
  • Students may appeal to the instructor for reconsideration of a grade, but the appeal must be in writing (i.e., email), and must be sent within 3 weeks (or the close of the semester, whichever is sooner) of receiving the graded assignment.
  • Behave civilly: don't be late for class; don't read newspapers/blogs/etc. during class; don't solve Sudoku puzzles during class; don't struggle with crossword puzzles during class; respect others' opinions, even if they are clearly wrong.
  • Adhere to good scientific principles and practices, and uphold the Georgetown Honor System.

A Note about Academic (Dis)Honesty

Please do not cheat. Dealing with cheating is by far the worst part of a professor's responsibilities, and it's one that I'd greatly like to avoid. If you are caught cheating, you will be referred to the Honor Council, without exception. It doesn't matter if you plagiarized one part of one answer in a homework assignment or outsourced your entire semester project to www.willdoyourprojectforcupcakes.com. Telling me that I'm ruining your future/career/life will make me feel wicked bad, but won't stop me from referring you to the Honor Council.

The following -- taken from the Graduate Bulletin -- is a partial list of the things you cannot do: plagiarism; unacknowledged paraphrase; cheating; fabrication of data; fabrication, alteration, or misrepresentation of academic records; facilitating academic dishonesty; unauthorized collaboration; misuse of otherwise valid academic work; misuse of academic resources; depriving others of equal access to academic resources.

Please see the Georgetown Graduate Bulletin for all the nasty things that will happen to you if you are caught cheating.

Bottom Line: If you are unsure whether or not something is permissible, ask me beforehand.

Project

New: The description of the course project is now available.

Students must participate in a novel research project. Projects that merely implement existing protocols or that attempt to solve problems that have existing, well-understood, and widely-accepted solutions will not be accepted. The topic and scope of the project must be approved by the instructor, and the project itself will be graded based on its novelty, student effort, technical depth and correctness, and the clarity of the project presentation (to occur during the penultimate class). The output of the project should be a workshop-length paper that addresses a novel network security research topic. Students may work in groups, so long as the scope of the project is proportional to the size of the group. All students in a group will receive the same grade.

Syllabus and Schedule

Slide handouts will be distributed at the beginning of class, and posted to this web page shortly after class.

Lec# Date Description Readings Notes
1 Sept 1 Course introduction, a security case study
[slides.pdf] [slides.pdf/4]
"Why Cryptosystems Fail" by Ross Anderson

Book chapter 2
Cryptography
- Sept 6 Labor Day - no class
2 Sept 8 Secret key cryptography, hashes, message integrity and authenticity
[slides.pdf] [slides.pdf/4]
Book chapters 3 and 4, skip 3.4 HW1 assigned (due Sept. 27 before class)

Project assigned (due Dec. 1)
3 Sept 13 Public key cryptography
[slides.pdf] [slides.pdf/4]
Book chapter 6

"A Method of Obtaining Digital Signatures and Public-Key Cryptosystems" by Rivest, Shamir, and Adleman
4 Sept 15 Key Agreement and Public key infrastructure
[slides.pdf] [slides.pdf/4]
"Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure" by Ellison and Schneier
5 Sept 20 Authentication protocols
[slides.pdf] [slides.pdf/4]
"Designing an Authentication System: A Dialogue in Four Scenes" by Bryant and Ts'o
Attacks I
6 Sept 22 Gaining (unauthorized) access
[slides.pdf] [slides.pdf/4]
"Smashing the Stack for Fun and Profit" by Aleph One

"The Internet Worm Program: An Analysis" by Eugene Spafford
HW2 assigned (due Oct 13th before class)
Research Methods
7 Sept 27 Research Methods
[slides.pdf] [slides.pdf/4]
"Reflections on Trusting Trust" by Ken Thompson HW1 due before class
Network Fundamentals
8 Sept 29 Overview of internetworking
[slides.pdf] [slides.pdf/4]
"End-to-end Arguments in System Design" by Saltzer, Reed, and Clark

Book section 1.5
- Oct 4 Exam 1
9 Oct 6 Network (un)security
[slides.pdf] [slides.pdf/4]
"Security Problems in the TCP/IP Protocol Suite" by Steven Bellovin
- Oct 11 Columbus Day - no class
10 Oct 13 DNS
[slides.pdf] [slides.pdf/4]
Dan Kaminsky BlackHat 2009 talk HW2 due before class

Research Plan due at 10pm

HW3 assigned (due Nov 1 before class)
Confidential Communication
11 Oct 18 Confidentiality protocols
[slides.pdf] [slides.pdf/4]
Book chapter 19
12 Oct 20 IPsec and Virtual private networking
[slides.pdf] [slides.pdf/4]
13 Oct 25 Hiding messages in plain sight
[slides.pdf] [slides.pdf/4]
"Chaffing and Winnowing" by Ron Rivest
14 Oct 27 Information leakage and timing channels
[slides.pdf] [slides.pdf/4]
"Remote Timing Attacks are Practical" by Brumley and Boneh

"Keyboards and Covert Channels" by Shah, Molina, and Blaze
Attacks II
15 Nov 1 Worms, Botnets, and Denial-of-Service
[slides.pdf] [slides.pdf/4]
"How to 0wn the Internet in Your Spare Time" by Staniford, Paxson, and Weaver

"Your Botnet is My Botnet: Analysis of a Botnet Takeover" by Stone-Gross et al.
HW3 due before class

Related Work due at 10pm
- Nov 3 No class Attend talk by Abdur Chowdhury (CSO of Twitter) HW4 assigned (due Nov 24 before class)
- Nov 8 Exam 2
16 Nov 10 Spam
[slides.pdf] [slides.pdf/4]
"Spamalytics: An Empirical Analysis of Spam Marketing Conversion" by Kanich et al.
Defenses
17 Nov 15 Firewalls and Intrusion Detection
[slides.pdf] [slides.pdf/4]
"A Quantitative Study of Firewall Configuration Errors" by Avishai Wool
Privacy and Anonymity
18 Nov 17 Anonymity
[slides.pdf] [slides.pdf/4]
"Tor: The Second-Generation Onion Router" by Dingledine, Mathewson, and Syverson
19 Nov 22 Wiretapping
[slides.pdf] [slides.pdf/4]
"Signaling Vulnerabilities in Wiretapping Systems" by Sherr, Cronin, Clark, and Blaze
Web Security
20 Nov 22 SQL injection attacks, cross-site scripting, and drive-by downloads
[slides.pdf] [slides.pdf/4]
"The Essence of Command Injection Attacks in Web Applications" by Su and Wassermann
21 Nov 29 Safe practices
[slides.pdf] [slides.pdf/4]
"Secure Web Browsing with the OP Web Browser" by Grier, Tang, and King HW4 due before class
Crime and Mischief
22 Dec 1 Social engineering
[slides.pdf] [slides.pdf/4]
"Social Engineering Fundamentals, Part I: Hacker Tactics" by Sarah Granger Final Project Report due at 10pm
Dénouement
- Dec 6 Project presentations
- Dec 6 Course/final review Be prepared with questions!
- Dec 15, 9am-11am Course final Location: ICC 210A

 

 

This page was last modified on 12/6/10 08:51am