[an error occurred while processing this directive] [an error occurred while processing this directive]
[an error occurred while processing this directive]
[an error occurred while processing this directive]

FIT5044 Network security - Semester 1, 2013

This unit aims to provide students with fundamental knowledge of network and information security. Topics to be covered include network components and services, network computer systems and security policy, security at different system layers, basic cryptography and information security, information security and communications, intrusion detection system, malicious code and detection and prevention systems, authentication systems, and wireless security.

Mode of Delivery

Caulfield (Day)

Contact Hours

2 hrs lectures/wk, 2 hrs laboratories/wk

Workload requirements

Students will be expected to spend a total of 12 hours per week during semester on this unit as follows:

  • two-hour lecture and
  • two-hour tutorial (or laboratory) (requiring advance preparation)
  • a minimum of 2-3 hours of personal study per one hour of contact time in order to satisfy the reading and assignment expectations.
  • You will need to allocate up to 8 hours per week in several weeks, for use of a computer, including time for group and individual assignments.

Unit Relationships

Prohibitions

CPE5002, CSE5210

Chief Examiner

Campus Lecturer

Caulfield

Phu Dung Le

Consultation hours: Thursday 3pm - 5pm

Tutors

Caulfield

Phu Dung Le

Consultation hours: Thursday 3pm - 5pm

Guy T.

Consultation hours: TBA

Stan Chen

Consultation hours: TBA

Academic Overview

Learning Outcomes

At the completion of this unit students will have -A knowledge and understanding of:
  • the fundamentals of Network Security issues including possible vulnerabilities in a computer system, software and hardware applications;
  • basic symmetric and asymmetric cryptography including symmetric and asymmetric crypto systems such as DES, RSA, RC4;
  • authentication systems;
  • computer malicious codes such as viruses, logic bombs, etc;
  • security design at different levels of OSI model, IPSec, SSL, and security at application layer;
  • firewalls and detection and prevention systems.

Unit Schedule

Week Activities Assessment
0   No formal assessment or activities are undertaken in week 0
1 Introduction to computer system security  
2 Information and Network Security  
3 Cryptography for Information and Network Security (two lectures: 3 & 4)  
4 Cryptography for Information and Network Security (continued)  
5 Introduction to Firewalls  
6 Security at the IP level : IPSec design and implementation  
7 Security at the Transport Layer: SSL and TLS design and implementation Assessment task 1 due 4pm Friday
8 Security at the Application Layer: Email security and Web security  
9 Introduction to Authentication Systems Assessment task 2 due 4pm Friday
10 Introduction to Wireless Security  
11 Introduction to Large System Security  
12 Informal test in the lecture Test during lecture
  SWOT VAC No formal assessment is undertaken in SWOT VAC. Assessment task 3 due 4pm Monday Week 14
  Examination period LINK to Assessment Policy: http://policy.monash.edu.au/policy-bank/
academic/education/assessment/
assessment-in-coursework-policy.html

*Unit Schedule details will be maintained and communicated to you via your learning system.

Assessment Summary

Assignments: 80%; Theoretical test: 20%

Assessment Task Value Due Date
Secure your computer system with private key, public key, hash functions and digital certificates 20% 4pm Friday Week 7
Set up and configure firewalls 25% 4pm Friday Week 9
Identify system vulnerabilities, demonstrate your attacks, and propose solutions to mitigate the attacks. 35% 4pm Monday Week 14
Test 20% Week 12 during lecture

Teaching Approach

Lecture and tutorials or problem classes
This teaching and learning approach provides facilitated learning, practical exploration and peer learning.

Assessment Requirements

Assessment Policy

Faculty Policy - Unit Assessment Hurdles (http://www.infotech.monash.edu.au/resources/staff/edgov/policies/assessment-examinations/unit-assessment-hurdles.html)

Academic Integrity - Please see the Demystifying Citing and Referencing tutorial at http://lib.monash.edu/tutorials/citing/

Assessment Tasks

Participation

IMPORTANT: You must read the assignment specs carefully and follow the instructions. The Unit Guide can only provide you general information.

The lecturer will not explain everything and students are expected to research the answers to some questions on their own. Some students may struggle with the assignments and lab exercises. If you are finding the unit difficult you must seek help as soon as possible or decide whether to choose another unit.

  • Assessment task 1
    Title:
    Secure your computer system with private key, public key, hash functions and digital certificates
    Description:
    You are required to learn the GPG/PGP package and implement a security policy to protect your network communications, stored data, and secure email messages and documents.

    You will need to be able to answer the following questions:

    1. How to generate private and public keys

    2. How to protect your private key and public key

    3. How to protect your signature

    4. How to secure messages exchanged between you and your friends

    5. How RSA was practically implemented in the package

    6. How secure RSA is in practice

    7. Compare RSA and other public key theories
    Weighting:
    20%
    Criteria for assessment:

    You need to be able to understand the theory and demonstrate your practical work to your tutor. If you fail to understand what you have done you will get Zero for the assignment.

    If you can demonstrate your practical work but do not completely understand the theory, you will get a Pass at the maximum.

    If you can demonstrate your practical work but understand 25% of the theory, you will get a Credit as the maximum. 

    If you can demonstrate your practical work and understand 50% of the theory, you will get a Distinction as the maximum. 

    If you can demonstrate your practical work and understand the theory well, you will get a High Distinction. 

    Due date:
    4pm Friday Week 7
  • Assessment task 2
    Title:
    Set up and configure firewalls
    Description:
    You are required to set up, configure, and test your firewall using IPTABLES. You need to do the research and readings to be able to complete this assignment.

    Check your system services such as Web service, email service, ftp service, telnet, and ssh service to make sure they are installed and run.

    Then configure your firewall to:

    1. reject all ftp packets from external networks, but still allow internal ftp.

    2. allow ssh remote connections but deny telnet.

    3. deny ping.

    4. reject all traffic coming to port 21 and 80.

    5. reject all traffic coming to all UDP ports

    6. block all email coming in and out of your network. Internal email is allowed.

    7. block all traffic from two particular networks. You can pick any two networks you like and.

    8. allow traffic coming to port 80 but reject traffic coming out through port 80.

    Describe in detail how you test 1., 2., 3., 4., 5., 6., and 7. with real practical tests and/or with your gathered information from reliable sources.

    Discuss the advantages and disadvantages of firewalls with iptables.
    Weighting:
    25%
    Criteria for assessment:

    You need to be able to understand the theory and demonstrate your practical work to your tutor. If you fail to understand what you have done you will get Zero for the assignment.

    If you can demonstrate your practical work but do not completely understand the theory, you will get a Pass at the maximum.

    If you can demonstrate your practical work but understand 25% of the theory, you will get a Credit as the maximum. 

    If you can demonstrate your practical work and understand 50% of the theory, you will get a Distinction as the maximum. 

    If you can demonstrate your practical work and understand the theory well, you will get a High Distinction. 

    Due date:
    4pm Friday Week 9
  • Assessment task 3
    Title:
    Identify system vulnerabilities, demonstrate your attacks, and propose solutions to mitigate the attacks.
    Description:
    1. You are required to find at least three main vulnerabilities on either Windows or Unix systems, old or new, patched or un-patched.

    2. Once you have identified the vulnerabilities, you need to work out how possible attacks can be launched by exploiting those vulnerabilities.

    3. You are then required to demonstrate the possible attacks on your own system.

    4. Propose solutions to mitigate those attacks.
    Weighting:
    35%
    Criteria for assessment:

    If you complete 1. correctly, you will get maximum 10%.

    You will get 15% for 2. and 3. if you successfully complete 1. and explain correctly how attacks can be launched with demonstrations.

    10% will be given to good solutions to 4. (mitigate the attacks).

    Due date:
    4pm Monday Week 14
  • Assessment task 4
    Title:
    Test
    Description:
    The test will evaluate your understanding of the materials covered in the lectures and tutorials.

    It is an open book and consists multiple choice and short answer questions.
    Weighting:
    20%
    Criteria for assessment:

    Correct answers to questions (demonstrating good understanding of the learning material)

    Due date:
    Week 12 during lecture

Learning resources

Reading list

  • Charlie Kaufman, Radia Perlman and Mike Speciner, Network Security - Private Communication in a Public World, 2nd Edition, Prentice Hall, 2002. ISBN 0-13-046019-2.
  • William Stallings, Cryptography and Network Security: Principles and Practices, Prentice-Hall, 2000. ISBN 0-13-016093-8.
  • Robert L. Ziegler, Linux Firewalls, New Riders, ASIN: 0735709009.
  • Greg Holden, Guide to Network Defense and Counter Measures, Thomson, ISBN: 0-619-13124-1.
  • Practical Unix Security, O'Reilly & Associate, Inc, Simson Garfinkle and Gene Spafford, ISBN: 0-937175-72-2.
  • Jack Kozoil, Intrusion Detection with Snort, SAMS, 157870281x.
  • Stephen Nortcutt, Network Intrusion Detection System: A analyst?s Handbook, Que, ASIN: 0735708681.
  • Adam Engst and Glenn Fleishman, The wireless Networking Starter Kit, Peachpit Press, ISBN: 0321174089.
  • Cyrus Peikari, Seth Fogie, Maximum Wireless Security, SAMS, ISBN: 0672324881.

Monash Library Unit Reading List
http://readinglists.lib.monash.edu/index.html

Feedback to you

Types of feedback you can expect to receive in this unit are:
  • Graded assignments with comments
  • Interviews

Extensions and penalties

Returning assignments

Assignment submission

It is a University requirement (http://www.policy.monash.edu/policy-bank/academic/education/conduct/plagiarism-procedures.html) for students to submit an assignment coversheet for each assessment item. Faculty Assignment coversheets can be found at http://www.infotech.monash.edu.au/resources/student/forms/. Please check with your Lecturer on the submission method for your assignment coversheet (e.g. attach a file to the online assignment submission, hand-in a hard copy, or use an online quiz).

Online submission

If Electronic Submission has been approved for your unit, please submit your work via the learning system for this unit, which you can access via links in the my.monash portal.

Required Resources

Please check with your lecturer before purchasing any Required Resources. Limited copies of prescribed texts are available for you to borrow in the library, and prescribed software is available in student labs.

Linux OS

Other Information

Policies

Graduate Attributes Policy

Student services

Monash University Library

Disability Liaison Unit

Students who have a disability or medical condition are welcome to contact the Disability Liaison Unit to discuss academic support services. Disability Liaison Officers (DLOs) visit all Victorian campuses on a regular basis.

Your feedback to Us

Previous Student Evaluations of this Unit

Based on student feedback most students like the assignments and lab exercises in this unit.

If you wish to view how previous students rated this unit, please go to
https://emuapps.monash.edu.au/unitevaluations/index.jsp

[an error occurred while processing this directive]