CS494: Network Security

Spring 2019


Instructor: Jason Polakis, polakis [at] uic [dot] edu
Lectures: Tuesday and Thursday. 2pm - 3:15pm in Lecture Center A5
Office Hours: Thursday 3:30 - 4:30 in SEO 1239
TA Office Hours: Thursday 11 - 12 in SEO 118


Overview

As most modern software (including mobile apps and web services) relies on some form of network communication, obtaining a fundamental understanding of the security risks present in network communications is valuable for students across all areas of computer science. This course will cover the principles and practice of network security. We will provide an introduction to basic security principles, an overview of cryptographic foundations, followed by a discussion of network security applications. Given the ubiquitous nature of network communications in modern computing, we will cover a wide range of systems and applications, and the security threats that arise.


Prerequisites

CS450 (introduction to networking, or equivalent) is required as a pre-requisite or co-requisite, or instructor consent.


Class Participation

Class participation is strongly encouraged, as we will have reading assignments. We will be using iClickers for our classroom response system. These can be purchased at the bookstore or online. Older versions are fine, though you may not use a computer/tablet/phone version because of latency issues.


Grading

Grades will be determined as follows (subject to change):

  • Programming assignments: 40%
  • Reading assignments for class: 20%
  • Exams: 40%

TOPICS COVERED (tentative)

  • Principles of Communication Security (symmetric and public-key cryptography, hash functions etc.)
  • Network Security Infrastructure (DNSSEC, S-BGP, PKI etc)
  • Protocol Security (IP-SEC, SSH)
  • Wireless Security
  • Network Security Applications
    • E-mail security (PGP, S/MIME)
    • Cloud Security
    • TLS
  • Firewalls
  • Network Intrusion Detection
  • Distributed Denial of service (DDoS)
  • Botnets
  • Honeypots

Course Policies

Electronic Communication Policy

All electronic communication should take place on Piazza unless emails are specifically requested by the instructor. The instructor may, from time to time, respond to emails, but a response to one email does not guarantee a response to a second. Use Piazza!

Attendance Policy

Class attendance is strongly encouraged, as participation constitutes a considerable portion of the grade.

Collaboration Policy

Collaboration is not allowed unless mentioned explicitly in an assignment. Unauthorized collaboration is academic misconduct and will be treated as such.

Late Policy

You can submit a maximum of one assignment late (up to a week after their original due date) without penalty, but you must notify the TA using the late homework notification form. If you are going to use your late submission, you must use this form before the assignment is originally due. Extra credit will not be awarded for early turnins. Zero credit will be given in any of the following cases:

  • No assignment submitted.
  • An assignment submitted after the due date, without notifying the TA before hand.
  • An assignment submitted after the due date, after you’ve used your late submission.
  • An assignment submitted more than one week after the original due date.

Academic Integrity Policy

As an academic community, UIC is committed to providing an environment in which research, learning, and scholarship can flourish and in which all endeavors are guided by academic and professional integrity. All members of the campus community–students, staff, faculty, and administrators–share the responsibility of insuring that these standards are upheld so that such an environment exists. Instances of academic misconduct by students will be handled pursuant to the Student Disciplinary Policy.

The following are examples of academic misconduct.

  • Claiming someone else’s work as your own.
  • Searching for existing solutions to assignments.
  • Falsifying program output.
  • Sharing code or solutions with anyone other than the TA or instructor.
Consulting with your classmates on assignments is encouraged, except where noted. However, turn-ins are individual, and copying code from your classmates or other sources is considered plagiarism. For example, given the question “how did you do X?”, a great response would be “I used function Y, with W as the second argument. I tried Z first, but it doesn’t work.” An inappropriate response would be “here is my code, look for yourself.” You should never look at someone else's code, or show someone else your code.

To avoid suspicion of plagiarism, you must specify your sources together with all turned-in materials. List classmates you discussed your homework with and webpages from which you got inspiration. Plagiarism and cheating, as in copying the work of others, paying others to do your work, etc, is obviously prohibited, and will be reported. We will be running MOSS, an automated plagiarism detection tool, on all submissions.

There are consequences to cheating on two levels - the consequences for your grade, and the consequences at the university level. Within class, the first time cheating on a programming assignment or problem set will result in a 0 on the assignment. A second time on a programming assignment, or first time on an exam will result in failing the class. Cheating in a written exam will also result in failing the class. All academic integrity violations will be reported to the dean of students.


Religious Holidays

Students who wish to observe their religious holidays shall notify the faculty member by the tenth day of the semester of the date when they will be absent unless the religious holiday is observed on or before the tenth day of the semester. In such cases, the student shall notify the faculty member at least five days in advance of the date when he/she will be absent. The faculty member shall make every reasonable effort to honor the request, not penalize the student for missing the class, and if an examination or project is due during the absence, give the student an exam or assignment equivalent to the one completed by those students in attendance. If the student feels aggrieved, he/she may request remedy through the campus grievance procedure.


Academic Deadlines

See the academic calendar.


Grievance Procedures

UIC is committed to the most fundamental principles of academic freedom, equality of opportunity, and human dignity involving students and employees. Freedom from discrimination is a foundation for all decision making at UIC. Students are encouraged to study the University's Nondiscrimination Statement. Students are also urged to read the document Public Formal Grievance Procedures. Information on these policies and procedures is available on the University web pages of the Office of Access and Equality.


Course Evaluation

Because student ratings of instructors and courses provide very important feedback to instructors and are also used by administrators in evaluating instructors, it is extremely important for students to complete confidential course evaluations online known as the Campus Program for Student Evaluation of Teaching evaluation. You will receive an email from the Office of Faculty Affairs inviting you to complete your course evaluations and will receive an email confirmation when you have completed each one.

For more information, please refer to the UIC Course Evaluation Handbook.

Results for the “six core questions” will be published on the UIC course evaluation website.
 

Last Modified: December 2019