NETWORKS, SYSTEMS AND WEB SECURITY

CSE5NSW

2015

Credit points: 15

Subject outline

This subject begins with an overview of the Open Systems Interconnection (OSI) architecture and security attacks on system services, and a discussion of different existing security mechanisms. The main focus includes cryptography, system security, network and web security. The students learn: (1) cryptographic algorithms and protocols, underlying network security applications including symmetric-key and public-key encryption methods, hash functions, digital signatures and key exchange; (2) intrusion detection systems and firewalls that can be used to protect a computer system from security threats, such as intruders, viruses, and worm; (3) the use of cryptographic algorithms and security protocols for providing network and internet security in terms of user authentcaiton/identification, IP security and Web security. Students will also learn advanced information security through research papers, including mathematical cryptoanalysis on symmetric-key and public-key encryption algorithms.

SchoolSchool Engineering&Mathematical Sciences

Credit points15

Subject Co-ordinatorSomnath Ghosh

Available to Study Abroad StudentsYes

Subject year levelYear Level 5 - Masters

Exchange StudentsYes

Subject particulars

Subject rules

Prerequisites CSE2NEF or CSE5NEF And Enrolment in one of the following courses: SMIT, SMITCN, SMICT, SMCSC, SMBBS, SGBBS, SGCS, SGIT, or SMTNE.

Co-requisitesN/A

Incompatible subjects CSE3NSW AND Students in the following courses are not permitted to enrol: SBCS, SBIT, SBCSGT, SVCSE, SZCSC, SBITP and SBBIY.

Equivalent subjectsN/A

Special conditionsN/A

Graduate capabilities & intended learning outcomes

01. Apply the methodologies in regard to system-level security issues, including the threat of and counter-measures for intruders and viruses, and the use of firewalls and trusted systems.

Activities:
Two (1-hour) lectures on the topics of security attacks, security serivces and the OSI model. Two lectures on intrusion detection and malicious software. Two lectures on firewalls and tursted systems. Four (1-hour) associated tutorial sessions where students are given short and application problem statements and they are required to apply the technologies learned in class in relation to the problem statements.

02. Describe cryptographic algorithms (including the mathematical aspects) and protocols underlying network security applications, including encryption, hash functions, digital signatures, and key exchange.

Activities:
Three lectures on conventioanl (single-key) encryption. 1.5 lectures on message confidentiality. Three lectures on public-key cryptography. 1.5 lectures on message authenticaiton. Two associated tutorial sessions for each of the topics: Single-key Encryption, Hash Functions, Digital Signatures, and Key Exchange. In each topic students will be given short and application problem statements for discussions. In addition students are required to complete cryptoanalysis exercises.

03. Identify techniques for analysing security and privacy issues by using important network security tools and applications, including Kerberos, PGP, and IPSec, SSL/TLS.

Activities:
Three lectures on authentication applications and Kerberos. Three lectures on X.509 and PGP. Three lectures on IP security and web security. Two associated tutorial sessions for each of the topics: Kerberos, PGP, IPSec, and SSL/TLS. In each topic students will be given short and application problem statements for discussions.

04. Identify possible risks and ethical and social considerations relevant to information privacy and security issues.

Activities:
Two tutorial sessions discuss ethical and social issues in relation to information security using two ethical case studies (Case #3 and #16) from the Australian Computer Society

Subject options

Select to view your study options…

Start date between: and    Key dates

Melbourne, 2015, Semester 2, Day

Overview

Online enrolmentYes

Maximum enrolment sizeN/A

Enrolment information

Subject Instance Co-ordinatorSomnath Ghosh

Class requirements

Lecture Week: 31 - 43
Two 1.0 hours lecture per week on weekdays during the day from week 31 to week 43 and delivered via face-to-face.

Practical Week: 31 - 43
One 2.0 hours practical per week on weekdays during the day from week 31 to week 43 and delivered via face-to-face.

Assessments

Assessment elementComments% ILO*
Weekly problem solving workshopsThe weekly workshops aim to engage students and encourage them to participate in learning activities on a regular basis.10 01, 02, 03, 04
Programming assignmentThe programming assignment will require the students to implement a simple cryptographic/crypto-analysis algorithm studied in the first half of the semester. It will be a small programming task requiring design and testing of a program not longer than 300 lines in the commonly used programming languages (C/C++/Java) in the Department.10 02, 03
Exam (3 hours)Hurdle requirement: in order to pass the subject, students must obtain an overall pass grade in the first instance, and obtain at least 50% in both the examination and the aggregated internal assessment components (weekly problem solving workshops, programming assignment and mid-semester test).60 01, 02, 03, 04
Mid-semester testThe mid-semester test will be a based on the material covered in Weeks 1 to 6. It will be designed to test the concepts and algoriths through small problems. It will be a short test of 40 minute duration conducted in a lecture slot in Week 7.20 01, 02, 03, 04