Embed Size (px)
Citation preview
CSCD 434Spring 2011
Lecture 1 Course Overview
Contact Information
• InstructorCarol Taylor315 CEB Phone: 509-359-6908E-mail: [email protected]
• Office Hours:M, W 1-2 and F 10-11 am or other times I
am in my office
Course Information
• Course number: CSCD 434 Network Security
• Course Web Pagehttp://penguin.ewu.edu/cscd434
Overview
• Today’s Topics• What is network security and how
does it fit within EWU curriculum?• Network Security fits within the
broader topic of general security• Some expectations• Learning Objectives for this course• Pre-test of network security
Network Security Defined
• Network Security – How would you define it?– Protection of networks and their services
from unauthorized modification, destruction, or disclosure
– Study of both attack and defense techniques that affect the network
Our Curriculum
• CSCD 330 – Network programming– Basic networking course with an emphasis
on programming
• CSCD 433/533 – Advanced Networking– More depth, cover network principles,
design – Cover other protocols, real-time, QOS– Some programming
Our Curriculum
• CSCD 434 Network Security– Computer networks focus of both threats
and defense. – Begin with coverage of Attacks and
Attackers• What they typically do to gain access to
computers on a network• Examine different phases of an attack• Learn tools and techniques attackers use–Try some out in the lab
• Try to answer, Why attack?
Our Curriculum
• CSCD434 continued …– Talk about Defense Mechanisms
against attackers• Detection/Prevention – Network
security policies• Authentication, users and machines• Firewalls and Intrusion Detection• Use of Cryptography as network
defense–Whats its real value?–Where it works and where it doesn’t
work
General Computer Security
• How do you define computer security?– Application of hardware, firmware and
software security to a computer system in order to protect against, or prevent, unauthorized disclosure, manipulation, and deletion of information or denial of service
– Protection from all measures to deny unauthorized access and exploitation of computer systems
General Computer Security• Where does network security fit within a
security curriculum?– Introductory Security class, CSCD303• Basics of computer security, code and
hardware vulnerabilities, OS protection mechanisms, cryptography based protection, authentication
– Cryptography• Algorithms and math that define
cryptography
General Computer Security• CSCD496 - Computer or Digital Forensics
• Capture data related to proof of electronic crimes• Recoverability of data from both host and
network
• CSCD437 - Secure Coding taught by Tom Capul
• Learn how to avoid software vulnerabilities • Attacks that can take advantage of code
vulnerabilities and how to create more secure programs
Network and General Security
Overlap of Topics
General SecurityNetwork
Security
Cryptography
Forensics
Secure Coding
Pre-requisite Knowledge
• Pre-requisites – Network course • Should know basic TCP/IP networks
– Knowledge of programming such as C, C++ or Java
• We will review some networking concepts– Point you to some supplemental
material on TCP/IP Networks to fill in the gaps
Student Learning Objectives
• By end of this course you should– Understand threats to computer
systems through network– Understand and be able to set up
defense mechanisms used to counteract threats
– Understand role of cryptography in network defense
– Know how to continue learning about network security beyond this class• Certifications, Journals, Web Sites
Expectations for You• Come to Class– Listen, learn and ask lots of questions
• Download lecture notes • Do reading if assigned – There will be some outside reading!!!!
• Want in-class participation • Group exercises in class• Labs
Expectations for You
• Produce a project • Programming or experiment• Short write up of results• Presentation of your resultsOr
• Create a research paper• Survey paper
Conclusion• Interesting class, increase everyone’s
knowledge of network security• Topic is challenging
• Broad and changes constantly
• Nothing really difficult, but is a large topic
• Naturally interdisciplinary –Extends beyond the technical• Social and people-related issues • Policy and laws• We will cover some of this
The End
• This week no Lab• Next Time– General Security Overview
