Network Security (ISA 656) Fall 2013

Instructor: Damon McCoy (mccoy(at)
Time: Tuesday 4:30 pm - 7:10 pm
Room: Art and Design Building L008
Office Hours: Tuesday 2:00 pm - 4:00 pm also by appointment
Office: 5328 Engineering Building

Teaching Assistant: Changwei Liu (Coco) cliu6 at
Office Hours: Thursday 4 - 6pm
Office: 4456 Engineering Building

Course Website:
Course Forum: piazza We will be using piazza for discussions on current security topics, and if you have a question this is the best place to ask it. We will check the page regularly and other students will be able to help as well.

Course Description:

GMU catalog: This course is an in-depth introduction to the theory and practice of Network Security. It assumes basic knowledge of cryptography and its applications in modern network protocols. The course studies firewalls architectures and virtual private networks and provides deep coverage of widely used network security protocols such as SSL, TLS, SSH, Kerberos, IPSec, IKE, and LDAP. It covers countermeasures to distributed denial of service attacks, security of routing protocols and the Domain Name System, Email security and spam countermeasures, wireless security, multicast security and trust negotiation.

This course will present current attacks and and defenses against networked computers. As a growing number of everyday things not typically thought as computer gain computational ability and in turn are connected to networks traditional security methods, such as locks and physical security mechanisms are no longer sufficient to protect them. This course will delve into the concepts and tools defenders have at their disposal and which threats they can mitigate.


ISA 562 and CS 555; or permission of instructor. There will be substantial programming involved in the assignments, and students should be familiar with programming in C, Java or another language.


Midterm: 20% (Open book)
Labs: 15% (There will 3 in class labs)
Assignments: 15% (There will be 3 written assignments)
Projects: 20% (There will be 2 programming projects)
Final Project: 25% (You will work in groups of 2-3 on a class project in network security with a writeup/presentation due at the end)
Class/Forum Participation: 5%

Assignments received later that day lose 5%, the next day 20%, two days late 40%, after that no credit will be given. Please email or come and talk with me if you cannot turn in an assignment on time for some unforeseeable reason.

Required Materials:

Text Book:

Kaufman, Perlman, and Speciner. Network Security: Private Communication in a Public World, Second Edition, Prentice Hall PTR, 2002, ISBN 0130460192. (Required).

There will also be on-line news articles and research publications that will be required reading before some of the lectures.


Lectures (tentative)

The topic and list of required readings are below.

week and date Book Topic and Required Reading
week 1, Aug 27nd Course Overview and Introduction to Network Security [slides and HW 1 on blackboard]
week 2, Sep 3rd Chapter 23 Firewalls

Chapman, "Network (In)Security Through IP Packet Filtering"
week 3, Sep 10th Intrusion Detection Systems
Lab in ENGR 1505: IDS/Network Sniffers Download VM for lab1
HW 1 Due before class
week 4, Sep 17th Chapters 4,5,6 Cryptography Review

Anderson, Why Cryptosystems Fail
Lab 1 Due before class
week 5, Sep 24th Chapters 9.1-2, 10, 11.1-2, 12.2,13,14 Authentication Methods
Project 1 Milestone #1 Due before class
week 6, Oct 1st Chapters 15,19 SSL, TLS, SSH
Homework 2 Due before class
week 7, Oct 8th Chapters 17,18 Virtual Private Networks (IPsec/IKE)
DNS Security
Project 1 Due on Oct. 11th at 11:59pm
week 8, Oct 15th No Class
week 9, Oct 22th DDoS Attacks and Mitigation
Lab:Firewalls/Network Scanners
week 10, Oct 29th Chapters 20,25 Email Security
Midterm Review
week 11, Nov 5th Midterm
week 12, Nov 12th Malware

The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond, DHS, SRI, APWG Report, October 2006
THE PARTNERKA . WHAT IS IT, AND WHY SHOULD YOU CARE?, Dmitry Samosseiko, SophosLabs tech report 2009
The Underground Economy of Spam: A Botmaster.s Perspective of Coordinating Large-Scale Spam Campaigns, Brett Stone-Gross, Thorsten Holzz, Gianluca Stringhinix, and Giovanni Vigna, LEET 2011
Measuring Pay-per-Install: The Commoditization of Malware Distribution, Juan Caballero, Chris Grier, Christian Kreibich, Vern Paxson, Usenix Security 2011
week 13, Nov 19th Wireless Security
week 14, Nov 26th Web Security
week 15, Dec 3rd Privacy/Anonymity
Lab:SQL Injection Attacks
Final Dec 10th 4:30-7:15 Final Project Presentations

Honor Code:

Please read and adhere to the University's Academic Honesty Page, GMU Honor Code, CS Department Honor Code

Disability Statement:

If you have a documented learning disability or other condition that may affect academic performance you should:
1) Make sure this documentation is on file with the Office of Disability Services.
All academic accommodations must be arranged through the ODS.
2) Talk with me to discuss your accommodation needs.

Other Usefull Resources:

Writing Center: A114 Robinson Hall; (703) 993-1200;
University Libraries: .Ask a Librarian.
Counseling and Phychological Services (CAPS): (703) 993-2380;
University Policies: The University Catalog,, is the central resource for university policies affecting student, faculty, and staff conduct in university affairs.