Overview
CS 598MCC is a graduate course covering advanced topics in network security. Its goals are:
- To gain a deep understanding of the underlying algorithms,
operational challenges, and systems that make up modern networks, as
well as challenges and solutions in securing their function.
- To understand how to engage in networking and security research.
- To investigate novel ideas in network security through a semester-long research project.
Every
aspect of our society, from business and financial transactions,
education and research, medicine, to power grid and other societal
infrastructures, is tightly coupled with the functioning of the
Internet and its constituent networks. Unfortunately, the power of a
single individual to cause harm to computer networks is enormous, and
accelerating, with network attacks becoming commonplace, network crime
comprising a $100 billion industry, and with entire governments funding
cyberwarfare. A battle between good and evil is brewing, the likes of
which we have never seen, and it is unclear who is going to win in the
end.
This class will teach advanced underlying principles of
building secure and trustworthy computer networks. This course will
provide a deep understanding of how modern networks are designed, their
weak points, and both traditional and future approaches to make them
resilient. Students will undertake a research project, with the goal of
publishing in a top conference. Lecture topics will include:
- Physical
network security. How to build mechanically resilient networks,
including advanced overview of modern copper, wireless, and optical
media technologies and laying techniques, and mechanisms to make them
resilient to wiretapping, crosstalk, jamming, disasters, wildlife, and
nature.
- Router mechanisms for security. Algorithms used within
router, switch, and intrusion detection system designs to scan,
forward, classify, and analyze packets. Forwarding and lookup
architectures, matching algorithms, scheduling algorithms, pattern
matching algorithms, and how they are used in practice.
- Data
center and enterprise network security. How to build resilient LANs,
including advanced overview of modern LAN technologies (trunking,
autoconfiguration, encapsulation, firewalls and ACLs, addressing,
broadcast failover, and lookup) and components, as well as attacks and
countermeasures.
- ISP network security. How core Internet
routing works, including relevant routing and redistribution protocols,
BGP policy configuration and policy routing, intra- vs inter-domain
routing, route reflection, traffic engineering. How to defensively
configure your network. Designing robust network topologies: commonly
used topologies, and topology optimization algorithms.
- The big
picture. Environmental and physical plant security, Internet law,
governmental regulation and standards bodies, philosophical foundations
and ethics.
- Hot topics in network security. Security of
software-defined networks, cyberwarfare and military network security,
security of big data, Internet security architectures, network
verification, malware, and more.
- Lecture time: TTh 12:30 - 1:45
- Location: 1109 SC