This unit aims to provide students with an advanced knowledge of network security. Topics to be covered include the design and implementation of some important public key systems: RSA and Elliptic Curve algorithms; concepts of quantum cryptography; quantum computing and cryptography; wireless computing and cryptography; design, implementation and configuration of firewalls in depth; design, implementation and configuration of intrusion detection systems; prevention systems; advanced network security architectures; advanced wireless security: principle and practice; security in trusted-based computing environments.
Objectives
At the completion of of this unit students will:
Understand the design and implementation of advanced cryptographic algorithms for wired and wireless computing environments.
Achieve sound knowledge of network security components including the design, implementation, and configuration of
Firewalls,
Intrusion Detection Systems (static and dynamic checking of programs, anomaly detection, large-scale (Internet-wide) distributed intrusion detection, early sensing, complex attack scenario analysis, and automated response.),
Prevention Systems,
Firewalls, IDSs, VPNs and prevention systems together.
Develop knowledge of advanced network security architectures to allow better network protection, load balancing and recovery from attacks.
Achieve sound knowledge of wireless network security.
Understand security in trusted-based computing environments.
Practical Skills
Gain experience of efficient implementation of public key cryptography for wired and wireless environments
Gain experience of design, implementation, and configurations of different type of firewalls
Gain experience of configurations of Snort intrusion detection system
Gain experience of applying digital signatures in prevention systems on Linux and Windows
Become familiar with network security architectures and network security components
Gain experience of how firewalls and IDSs work together
Practically find the vulnerabilities in your computer system
Relationships, Communication and TeamWork
Experience the need of cooperative security management
Work effectively in group to achieve a system implementation
Prerequisites
Before attempting this unit you must have satisfactorily completed CPE5002Network Security or equivalent.
Unit relationships
CPE5021 is an elective unit in the MNC degree.
Texts and software
Required text(s)
N/A
Textbook availability
There is no specific textbook for this unit.
Software requirements
Linux OS, Squid, Snore IDS, PGP/GPG, Java. The software is available at the lab.
Hardware requirements
Network cables and removable hard-drives are provided at the lab.
Recommended reading
Charlie Kaufman, Radia Perlman and Mike Speciner, Network Security - Private Communication in a Public World, 2nd Edition, Prentice Hall, 2002. ISBN 0-13-046019-2.
William Stallings, Cryptography and Network Security: Principles and Practices, Prentice-Hall, 2000. ISBN 0-13-016093-8.
Michael Howard and David LeBlanc, Writing Secure Code, Microsoft Press, 2002. ISBN 0-7356-1588-8.
Greg Holden, Guide to Firewalls and Network Security Intrusion Detection and VPNs, Thomson, ISBN: 0-619-13039-3.
Robert L. Ziegler, Linux Firewalls, New Riders, ASIN: 0735709009.
Greg Holden, Guide to Network Defense and Counter Measures, Thomson, ISBN: 0-619-13124-1.
Jack Kozoil, Intrusion Detection with Snort, SAMS, 157870281x.
Stephen Nortcutt, Network Intrusion Detection System: A analyst?s Handbook, Que, ASIN: 0735708681.
Adam Engst and Glenn Fleishman, The wireless Networking Starter Kit, Peachpit Press, ISBN: 0321174089.
Cyrus Peikari, Seth Fogie, Maximum Wireless Security, SAMS, ISBN: 0672324881.
Library access
You may need to access the Monash library either personally to be able to satisfactorily complete the subject. Be sure to obtain a copy of the Library Guide, and if necessary, the instructions for remote access from the library website.
Study resources
Study resources for CPE5021 are:
lecture slides, weekly tutorial requirements, assignment specifications will be posted on the unit webpage.
Design, implementation and configuration of firewalls
5
Strengthening and Managing Firewalls
6
Intrusion Detection Systems: Concepts, Design, and Implementation
7
Wireless Security: Principles and Practices
8
Security, Load Balancing and Network Performance
9
Advanced Wireless Security
10
Security, Load Balancing and Network Performance
Non teaching week
11
Network Security and Quantum Theory
12
Reading in Network Security
13
Research Discussion
Timetable
The timetable for on-campus classes for this unit can be viewed in Allocate+
Assessment
Assessment weighting
The assessment methods in this subject are by: two individual assignments worth 40% of the total subject assessment, lab works (exercises and group assignments) worth 40%, and theoretical test worth 20%. Attending lab sessions is compulsory.
Assessment Policy
To pass this unit you must:
All works except the theoretical test will be interviewed. All the assessments are based on how much students understand their woks. If a student can't demonstrate her/his understanding of the work. The student will get the lowest mark: ZERO.
Your score for the unit will be calculated by:
Individual assignments (2), 25% each.
Group assignments (2), 20 % each.
Test 20%.
Assessment Requirements
Assessment
Due Date
Weighting
Individual Assignment 1
week 10
20%
Individual Assignment 2
week 10
20 %
Group Assignment 1
week 8
20 %
Group Assignment 2
week 10
20 %
Theoretical Test
week 13
20 %
Assignment specifications will be made available Download them from the unit webpage.
Assignment Submission
Group-assignments will have to be submitted on the due dates during the labs.
Individual assignments will have to be submitted on by 5:00PM on the due date at H.656.
Extensions and late submissions
Late submission of assignments
Late submission will get a deduction of 10% per day and the assignments will not be marked if they are submitted later than 4 days.
This policy is strict because comments or guidance will be given on assignments as they are returned, and sample solutions may also be published and distributed, after assignment marking or with the returned assignment.
Extensions
It is your responsibility to structure your study program around assignment deadlines, family, work and other commitments. Factors such as normal work pressures, vacations, etc. are seldom regarded as appropriate reasons for granting extensions.
No extension will be provided except for serious illness with medical certificates.
Grading of assessment
Assignments, and the unit, will be marked and allocated a grade according to the following scale:
Grade
Percentage/description
HD High Distinction -
very high levels of achievement, demonstrated knowledge and understanding, skills in application and high standards of work encompassing all aspects of the tasks.
In the 80+% range of marks for the assignment.
D Distinction -
high levels of achievement, but not of the same standards. May have a weakness in one particular aspect, or overall standards may not be quite as high.
In the 70-79% range.
C Credit -
sound pass displaying good knowledge or application skills, but some weaknesses in the quality, range or demonstration of understanding.
In the 60-69% range.
P Pass
acceptable standard, showing an adequate basic knowledge, understanding or skills, but with definite limitations on the extent of such understanding or application. Some parts may be incomplete.
In the 50-59% range.
N Not satisfactory
failure to meet the basic requirements of the assessment.
Below 50%.
Assignment return
We will aim to have assignment results made available to you within two weeks after assignment receipt. However, it depends on the number of students enroled in the unit.
Feedback
Feedback to you
You will receive feedback on your work and progress in this unit. This feedback may be provided through your participation in tutorials and class discussions, as well as through your assignment submissions. It may come in the form of individual advice, marks and comments, or it may be provided as comment or reflection targeted at the group. It may be provided through personal interactions, such as interviews and on-line forums, or through other mechanisms such as on-line self-tests and publication of grade distributions.
Feedback from you
You will be asked to provide feedback to the Faculty through a Unit Evaluation survey at the end of the semester. You may also be asked to complete surveys to help teaching staff improve the unit and unit delivery. Your input to such surveys is very important to the faculty and the teaching staff in maintaining relevant and high quality learning experiences for our students.
And if you are having problems
It is essential that you take action immediately if you realise that you have a problem with your study. The semester is short, so we can help you best if you let us know as soon as problems arise. Regardless of whether the problem is related directly to your progress in the unit, if it is likely to interfere with your progress you should discuss it with your lecturer or a Community Service counsellor as soon as possible.
Plagiarism and cheating
Plagiarism and cheating are regarded as very serious offences. In cases where cheating has been confirmed, students have been severely penalised, from losing all marks for an assignment, to facing disciplinary action at the Faculty level. While we would wish that all our students adhere to sound ethical conduct and honesty, I will ask you to acquaint yourself with Student Rights and Responsibilities and the Faculty regulations that apply to students detected cheating as these will be applied in all detected cases.
In this University, cheating means seeking to obtain an unfair advantage in any examination or any other written or practical work to be submitted or completed by a student for assessment. It includes the use, or attempted use, of any means to gain an unfair advantage for any assessable work in the unit, where the means is contrary to the instructions for such work.
When you submit an individual assessment item, such as a program, a report, an essay, assignment or other piece of work, under your name you are understood to be stating that this is your own work. If a submission is identical with, or similar to, someone else's work, an assumption of cheating may arise. If you are planning on working with another student, it is acceptable to undertake research together, and discuss problems, but it is not acceptable to jointly develop or share solutions unless this is specified by your lecturer.
Intentionally providing students with your solutions to assignments is classified as "assisting to cheat" and students who do this may be subject to disciplinary action. You should take reasonable care that your solution is not accidentally or deliberately obtained by other students. For example, do not leave copies of your work in progress on the hard drives of shared computers, and do not show your work to other students. If you believe this may have happened, please be sure to contact your lecturer as soon as possible.
Cheating also includes taking into an examination any material contrary to the regulations, including any bilingual dictionary, whether or not with the intention of using it to obtain an advantage.
Plagiarism involves the false representation of another person's ideas, or findings, as your own by either copying material or paraphrasing without citing sources. It is both professional and ethical to reference clearly the ideas and information that you have used from another writer. If the source is not identified, then you have plagiarised work of the other author. Plagiarism is a form of dishonesty that is insulting to the reader and grossly unfair to your student colleagues.
Communication
Communication methods
Labs are compulsory and students can discuss with the tutors at the lab. There is 2-hour consultation with the lecturer every week and students can discuss issues with the lecturer at the consultation time. Email is a better communication than phone and the lecturer will ONLY answer emails with sensible questions.
Notices
Notices related to the unit during the semester will be placed on the unit webpage.
Consultation Times
TBA at the first lecture and it will be posted on the unit webpage.
If direct communication with your unit adviser/lecturer or tutor outside of consultation periods is needed you may contact the lecturer and/or tutors at:
Dr Phu Le Lecturer, and Visiting Peninsula Staff Phone +61 3 990 44229 +61 3 990 32747 Fax +61 3 990 55157
All email communication to you from your lecturer will occur through your Monash student email address. Please ensure that you read it regularly, or forward your email to your main address. Also check that your contact information registered with the University is up to date in My.Monash.
Additional information
IMPORTANT INFORMATION
This unit is for students who want to study further in security. There is some research work. It is a difficult unit and students should think twice before they decide to continue doing this unit.
