CS 5950/6030: Network Security - Fall 2005

Department of Computer Science

Western Michigan University


Instructor:           Dr. Leszek (LEH-shek) Lilien

                             CEAS B-249, phone: 276-3116

                             Email: llilien@cs.wmich.edu – please use for urgent matters only


1)   Only e-mail coming from a WMU account (ending with “wmich.edu” will be read).

2)   Files submitted as attachments will not be read unless they are scanned with up-to-date anti-viral software, and the message including them contains the following statement:

      I have scanned the enclosed file(s) with <name of software, its version>, which was last updated on <date>.


Office Hours:      MW 4:30 PM -5:30 PM         F  1:30 PM – 2:30 PM


Classes:               CEAS C0141, M W F 3:00 PM – 3:50 PM


Class Web Pages:


Announcements (last updated on Oct. 21)

Class Slides :



All class slides and notes authored by Leszek T. Lilien (not indicated as authored by others) are

© 2005-2006 by Leszek T. Lilien.

Requests to use original slides for non-profit purposes will be gladly granted upon a written request (email requests included).



1)     8/31/05, W – Syllabus

Section 1. Introduction to Security: Examples-Security in Practice; What is “Security”?; Pillars of Security: C-I-A…

2)     9/2/05, F …cont-Pillars of Security: C-I-A; Vulnerabilities, Threats, and Controls…

3)     9/7/05, W …cont-Vulnerabilities, Threats, and Controls; Attackers; How to React to an Exploit?; Methods of Defense…

4)     9/9/05, F – …cont-Methods of Defense; Principles of Computer Security

Section 2. Introduction to Cryptology: Threats to Messages; Basic Terminology and Notation; Requirements for Crypto Protocols;

5)     9/12/05, M Basic Terminology and Notation; Representing Characters; Basic Types of Ciphers (Substitution ciphers: Caesar, other)…

6)     9/14/05, W …cont-Basic Types of Ciphers (cont-Substitution ciphers: other, one-time pads; Transposition ciphers; Product ciphers); Making Good Ciphers (Criteria)…

7)     9/16/05, F …cont-Making Good Ciphers (Stream and block ciphers, Cryptanalysis, Symmetric and asymmetric cryptosystems)…

8)     9/19/05, M …cont-Making Good Ciphers (cont-Symmetric and asymmetric cryptosystems); The DES Algorithm; The Clipper Story; The AES Algorithm…

9)     9/21/05, W  … cont-The AES Algorithm; Public Key Encryption (incl. RSA); The Uses of Encryption (Crypto hash functions)…

10)   9/23/05, F …cont- The Uses of Encryption (cont-Crypto hash functions, Key exchange, Digital signatures, Certificates)…

11)   9/26/05, M …cont- The Uses of Encryption (cont-Certificates)…

12)   9/28/05, W …cont-  The Uses of Encryption (cont-Certificates)

Section 3. Program Security:  Secure Programs – Defining and Testing; Nonmalicious Program Errors (Buffer overflows)…

13)   9/30/05, F …cont-Nonmalicious Program Errors (cont-Buffer overflows, Incomplete mediation, Time-to-check to time-to-use errors, Combinations of nonmalicious program flaws); Malicious Code (General purpose malicious code incl. viruses [intro, kinds of malicious code, how viruses work])…

14)   10/3/05, M …cont-Malicious Code (cont-General purpose malicious code incl. viruses [cont-how viruses work, virus signatures, preventing virus infections, seven truths about viruses, case studies, virus removal and system recovery after infection], Targeted malicious code [trapdoors]) …

15)   10/5/05, W …cont-Malicious Code (cont-Targeted malicious code [salami attack, covert channels])

16)   10/7/05, F Controls for Security (Introduction, Developmental controls for security)

17)   10/10/05, M – Project Information 1 (PDF) --

18)   10/12/05, W cont-Controls for Security (cont-Developmental controls for security, OS controls for security, Administrative controls for security, Conclusions)

Section 4. Protection in General-Purpose OSs: 4.1. Protected Objects, Methods, and Levels of Protection – a. History of protection in OSs; b. Protected objects in OSs; c. Security methods in OSs; d. Levels of protection in OSs; e. Three dimensions of protection in OSs; …

19)    10/14/05, F …cont-f. Granularity of data protection /// 4.2. Memory and Address Protection – a. Fence; b. Relocation; c. Base/Bounds Registers; d. Tagged Architecture; e.Segmentation; f. Paging; g. Combined Paging with Segmentation

Project Information 2 (PDF) –

20)    10/17/05, M /// 4.3. Control of Access to General Objects – a. Introduction to access control for general objects; b. Directory-like mechanism for access control; c. Access control lists; d. Access control matrices; e. Capabilities for access control; e. Procedure-oriented access control /// 4.4. File Protection Mechanisms – a. Basic forms of protection; b. Single file permissions; c. Per-object and per-user protection

21)    10/19/05, W /// 4.5. User Authentication – a. Introduction; b. Use of passwords; c. Attacks on passwords (Try all possible, Try many probable, Try likely passwords, Search system list of pwds—PART 1; …



*** NOTE: Midterm scheduled for F, 10/28 ***



22)    10/21/05, F cont.-…, Search system list of pwds—PART 2,  Find pwds by exploiting indiscreet users); d. Passwords selection criteria; e. One-time passwords (challenge-response systems); f. The authentication process; g. Authentication other than passwords; h. Conclusions

         Midterm Topics (PDF) –

23)    10/24/05, M  [SKIPPING FOR NOW: 5. Designing Trusted OSs  and 6. Database Security]

Section 7. Security in Networks: 7.1. Network Concepts – a. Introduction; b. The network; c. Media; d. Protocols—PART 1 (ISO OSI)



*** NOTE: Section 4.5 (User Authentication) will not be covered by the Midterm ***



24)    10/26/05, W  cont.-d. Protocols—PART 2 (TCP/IP, UDP, network addressing schemes for LAN and WAN); e. Types of networks; f. Topologies; g. Distributed systems; h. APIs; i. Advantages of computing networks

25)    10/28/05, F — Midterm:  Midterm v1. Master (PDF);    Midterm v.2 Master (PDF)

26)    10/31/05, M  /// 7.2. Threats in Networks – a. Introduction; b. Network vulnerabilities; c. Who attacks networks?; d. Threat precursors; e. Threats in transit: eavesdropping and wiretapping;

27)    11/2/05, W  f. Protocol flaws; g. Types of attacks (Impersonation; Spoofing; Message confidentiality threats; Message integrity threats; Web site attacks; …

28)    11/4/05, F cont.- Denial of service; Distributed denial of service; Threats to active or mobile code—PART 1; ...

29)    11/7/05, M cont.-Threats to active or mobile code—PART 2; Scripted and complex attacks); h. Summary of network vulnerabilities /// 7.3. Networks Security Controls – a. Introduction; b. Security threat analysis; c. Impact of network architecture/design and implementation on security—PART 1; ...

30)    11/9/05, W cont.- c. Impact of network architecture/design and implementation on security—PART 2; d. Encryption (Link encryption vs. end-to-end {e2e} encryption; Virtual private network {VPN}; PKI and certificates—PART 1, ...

31)    11/11/05, F cont.- PKI and certificates—PART 2; SSH protocol; SSL protocol {a.k.a. TLS protocol}; IPsec protocol suite—PART 1; ...

32)    11/14/05, M cont.- IPsec protocol suite—PART 2; Signed code; Encrypted e-mail); e. Message content integrity controls; f. Strong authentication (One-time passwords; Challenge-response systems; Digital distributed authentication; Kerberos)

         Project Information 3: Presentation and Report Guidelines (PDF) –

33)    11/16/05, W cont.- g. Access controls (ACLs on routers; Firewalls); h. Intrusion Detection Systems: alarms and alerts; i. Honeypots; j. Traffic flow security; k. Review of network security controls



*** REQUEST ***   I am looking for a Project group (preferably, one of  the groups with presentations scheduled for W, 11/30/05, i.e., P2, P3, P4, P6, and P7) that would volunteer to present their project on M, 11/28/05.  (This would give us a bit of a slack time in a very tight schedule on 11/30.)



         ADDENDUM TO Project Information 3: Presentation and Report Guidelines 

34)    11/18/05, F  /// 7.4. Network Security Tools –– 7.4.1. Firewalls – a. Introduction; b. What is a firewall; c. Firewall design; d. Types of firewalls (Packet filters {simple packet filters, stateful packet filters}; Application proxies {incl. guides}; Personal firewalls); e. Comparison of firewall types; f. Example firewall configurations; g. What firewalls can—and can’t—block)



Spring 2006 — CS 5950/6030: Computer Security and Information Assurance

If your friends are interested in taking a course on Computer Security, please direct them to the web page for CS 5950/6030Computer Security and Information Assurance course that I will teach in Spring 2006. The link is: http://www.cs.wmich.edu/~llilien/teaching/spring2006/cs5950-6030/index.html. Please note the course will be so similar to this course that nobody who took this course is allowed to register for my Spring 2006 course.

I hope to teach a graduate-level course on selected  Computer Security and Privacy topics in Fall 2006.



35)    11/21/05, F  –– 7.4.2. Intrusion Detection Systems – a. Introduction; b. Types of IDSs (Signature-based IDSs; Anomaly-based IDSs; Other IDSs); c. Goals for IDSs; d. IDS strengths and limitations –– 7.4.3. Secure E-Mail – a. Introduction; b. Security for e-mail; c. Design of PEM (Privacy-enhanced Electronic Mail); e. Example secure e-mail systems (PGP; S/MIME)

36)    11/28/05, M  ––

Section 8. Legal, Privacy, and Ethical Issues in Computer Security: 8.1. Basic Legal Issues – a.  Protecting Programs and Data; b. Information and the Law; c. Ownership Rights of Employees and Employers; d. Software Failures ///  8.2.            Computer Crime /// 8.3.                      Privacy /// 8.4. Ethics – a. Introduction to Ethics; b. Case Studies of Ethics; c. Codes of Professional Ethics

In-class project presentation.

37)    11/30/05, W  ––

In-class project presentations.

38)    12/2/05, F  ––

In-class project presentations.