CS4331/5331: Network Security
Instructor: Dr. Sunho Lim (Ph.D., Assistant Professor)
Lecture 00
sunho.lim@ttu.edu
CS4331/5331: Network Security, Summer I 2021
Administration
Class Meetings:
M/T/W/R/F, 12:00 PM – 1:50 PM (Synchronous Online)
Recorded lectures will also be uploaded after class
Class attendance is strongly required.
A daily assignment (e.g., a review or a quiz) will be assigned and must be completed before the due date, e.g., before the next class begins.
Instructor: Dr. Sunho Lim (Ph.D., Assistant Professor)
Office: 310 ENGCTR (Online)
Tentative office hours: M/W, 2:00 PM – 3:00 PM, or by appointment (email or
Zoom meeting)
E-mail: sunho.lim@ttu.edu
Class homepage: TTU Blackboard
Check frequently for updates
Administration (cont.)
Class homepage: TTU Blackboard
“Summer 2021 TTU - CS-4331-102 & CS-5331-102 & CS-5331-D02”
Check frequently for updates
Announcement
Posts and emails are broadcast from TTU Blackboard
Syllabus
Lecture Note
Recorded lecture
Homework
Submit through TTU Blackboard
Quiz & Exam
Quiz/Review/Exam
Submit through TTU Blackboard
Zoom
Administration (cont.)
Required Textbook:
No required textbook, but a couple of reference books will be used
Highly recommended: Computer Networking – A Top-Down Approach, by J. F. Kurose and K. W. Ross, 7th Edition, Pearson
Important concepts/materials from various sources will be included in the lecture notes.
Administration (cont.)
References:
Network Security Essentials – Applications and Standards, 6th Edition, W. Stallings, Pearson
Cryptography and Network Security – Principles and Practices, 4th Edition, W. Stallings, Pearson
Administration (cont.)
References: (cont.)
Network Security – Private Communication in a Public World, 2nd Edition, C. Kaufman, R. Perlman, and M. Speciner, Pearson
Internet Security: A Hands-on Approach, 2nd Edition, W. Du
Additional references or materials will be included in the lecture notes or uploaded to Blackboard
Course Description
Description:
This course will introduce the basic security risks, threats, countermeasures, and
applications in infrastructure-based networks. We will focus on the algorithms
and communication protocols embedded in the level of the link, network, transport,
and application layers.
Objectives:
The primary objective of this course is to introduce students to the fundamental principles of network security and its related techniques in infrastructure-based networks.
Prerequisites:
Good background in computer science, good programming skill (e.g., Python or C),
or permission from the instructor
Tentative Course Outline
Introduction of Network Security
Basic Cryptography
Authentication and Integrity
Secure Email
Secure Socket Layer
IPsec
Intruder Detection
Firewalls
Wireless Security
Grading Policy
No make-up exam/quiz!
Midterm Exam: 20%
June 15th (Tuesday), 12:00 PM – 1:50 PM, online
Final Exam: 30%
July 2nd (Friday), 11:00 AM – 1:30 PM, online
Quiz/Review: 20%
Quiz/Review may not be announced in advance
Homework: 30%
Late homework/quiz/review will NOT be accepted.
Grade
A (90 – 100), B (80 – 89), C (70 – 79), D (60 – 69), and F (0 – 59)
In addition,
Utilize office hours
Instructor: M/W 2:00 PM - 3:00 PM, by appointment (Email or Zoom meeting)
TA: Mahfuzur Rahman <mahfrahm@ttu.edu>
When you send an email,
Please use the course number, e.g., CS4331/5331, in the title
Must use TTU email account
Basic Infrastructure-based Networks
Instructor: Dr. Sunho Lim (Ph.D., Assistant Professor)
Lecture 01
sunho.lim@ttu.edu
Adapted partially from Computer Networking – A Top-Down Approach, by J. F. Kurose and K. W. Ross,
7th Edition, Pearson
What’s the Internet:
“Nuts and Bolts” View
("Nuts and bolts" refers to the concrete details.)
millions of connected computing devices: hosts = end systems
running application programs
communication links
fiber, copper, radio, satellite
transmission rate = bandwidth
routers: forward packets (chunks of data)
[Figure: network diagram of a mobile network, global ISP, regional ISP, home network and institutional network; legend: PC, server, wireless laptop, cellular handheld, access points, wired links, router]
What’s the Internet:
“Nuts and Bolts” View (cont.)
protocols control sending, receiving of msgs
e.g., TCP, IP, HTTP, Ethernet, etc.
Internet: “network of networks”
loosely hierarchical
public Internet versus private intranet
Internet standards
RFC: Request for comments
IETF: Internet Engineering Task Force
What’s the Internet:
A Service View
communication infrastructure enables distributed
applications:
Web, VoIP, email, games, e-commerce, file
sharing
communication services provided to apps:
reliable data delivery from source to
destination
“best effort” (unreliable) data delivery
Protocol?
A network protocol defines the format and order of msgs sent and received among network entities, and the actions taken on msg transmission and/or receipt of a msg or other event.
network protocols:
machines rather than humans
all communication activity in Internet
governed by protocols
human protocols:
“what’s the time?”
“I have a question”
introductions
… specific msgs sent
… specific actions taken when msgs
received, or other events
[Figure: a human protocol and a network protocol side by side along a time axis. Human exchange: "Hi" / "Hi" / "Got the time?" / "2:00". Network exchange: TCP connection request / TCP connection response / Get http://www.awl.com/kurose-ross / <file>]
Q: a protocol for cutting a pizza equally?
Processor Vs. Process
Multi-programming
Single CPU with multiple programs?
The OS creates a PROCESS for each program
Controls the switching between these processes
What is a process?
A program in execution! ???
ACTIVITY!!
Network Structure
network edge:
hosts: clients and servers
servers often in data centers
access networks, physical media:
wired, wireless communication links
connect an end system to the first
router
network core:
interconnected routers
network of networks
Network Structure:
The Network Edge
end systems (hosts):
run application programs
e.g. Web, email
at “edge of network”
client/server model
client host requests, receives service from
always-on server
e.g. Web browser/server; email client/server
peer-peer model:
minimal (or no) use of dedicated servers
e.g. Skype, BitTorrent
Access Networks and Physical Media
Q: How to connect end systems to edge router?
physical medium
residential access nets – e.g., coaxial cable
institutional access networks (school,
company) – e.g., fiber optics
mobile access networks – e.g., radio
channels
Keep in mind:
bandwidth (bits per second) of access
network?
shared or dedicated?
Access Networks and Physical Media:
Sending Packets of Data
host sending function:
take application message
break into smaller chunks, known as
packets, of length L bits
transmits packet into access network at
transmission rate R
link transmission rate, a.k.a., link
capacity, or link bandwidth
[Figure: a host sending two packets, L bits each, into a link with transmission rate R]
packet transmission delay = time needed to transmit L-bit packet into link = $\frac{L \text{ (bits)}}{R \text{ (bits/sec)}}$
Why Layering?
dealing with complex systems
explicit structure allows identification, relationship of complex system’s pieces
modularization eases maintenance, updating of system
change of implementation of layer’s service is transparent to the rest of system
layering – potential drawback?
one layer may duplicate low-layer functionality
functionality at one layer may need information in another layer
violate the goal of separation of layers
Layering of Airline Functionality
[Figure: layering of airline functionality, from the departure airport through intermediate air-traffic control centers to the arrival airport]
ticket layer: ticket (purchase) at departure, ticket (complain) at arrival
baggage layer: baggage (check) at departure, baggage (claim) at arrival
gate layer: gates (load) at departure, gates (unload) at arrival
takeoff/landing layer: runway (takeoff) at departure, runway (land) at arrival
airplane routing layer: airplane routing at departure, at the intermediate air-traffic control centers, and at arrival
Layers: each layer implements a service
via its own internal-layer actions
relying on services provided by layer below
Internet Protocol Stack
Application:
supporting network applications
FTP, SMTP, HTTP
Transport:
process-process data transfer
TCP, UDP
Network:
routing of datagrams from source to destination
IP, routing protocols
Link:
data transfer between neighboring network elements
PPP, Ethernet
Physical:
bits “on the wire”
Encapsulation
[Figure: encapsulation along the path source, switch, router, destination]
source (application, transport, network, link, physical):
application: message M
transport: segment Ht M
network: datagram Hn Ht M
link: frame Hl Hn Ht M
switch (link, physical): Hl Hn Ht M
router (network, link, physical): Hn Ht M, carried in Hl Hn Ht M
destination (application, transport, network, link, physical):
link: Hl Hn Ht M
network: Hn Ht M
transport: Ht M
application: M
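The encapsulation path in the figure above, as an added example that is not part of the lecture notes. The header layouts, the hop-limit field, the ports and all addresses are constructed for illustration and are not the real TCP, IP or Ethernet formats.

```python
import struct

# Constructed toy header layouts (assumptions, not real protocol formats).
HT = struct.Struct("!HH")      # Ht: source port, destination port
HN = struct.Struct("!4s4sB")   # Hn: source address, destination address, hop limit
HL = struct.Struct("!6s6s")    # Hl: destination link address, source link address

def source_send(message, sport, dport, src_ip, dst_ip, src_mac, next_mac):
    """Wrap M with Ht, then Hn, then Hl on the way down the source's stack."""
    segment = HT.pack(sport, dport) + message            # Ht | M
    datagram = HN.pack(src_ip, dst_ip, 8) + segment      # Hn | Ht | M
    return HL.pack(next_mac, src_mac) + datagram         # Hl | Hn | Ht | M

def switch_forward(frame):
    """A switch has link + physical only: it reads Hl and forwards the frame as is."""
    dst_mac, _ = HL.unpack_from(frame)
    return dst_mac, frame

def router_forward(frame, router_mac, next_mac):
    """A router goes up to the network layer: strip Hl, read/update Hn, add a new Hl."""
    datagram = frame[HL.size:]
    src_ip, dst_ip, hops = HN.unpack_from(datagram)
    if hops <= 1:
        raise ValueError("hop limit exhausted, datagram dropped")
    datagram = HN.pack(src_ip, dst_ip, hops - 1) + datagram[HN.size:]
    return HL.pack(next_mac, router_mac) + datagram

def destination_receive(frame):
    """Remove Hl, Hn, Ht in turn on the way up the destination's stack."""
    datagram = frame[HL.size:]
    src_ip, dst_ip, _ = HN.unpack_from(datagram)
    segment = datagram[HN.size:]
    sport, dport = HT.unpack_from(segment)
    return {"src_ip": src_ip, "dst_ip": dst_ip, "sport": sport,
            "dport": dport, "message": segment[HT.size:]}

def demo():
    # Constructed sample addresses and message.
    src_mac, rtr_mac, dst_mac = b"\xaa" * 6, b"\xbb" * 6, b"\xcc" * 6
    src_ip, dst_ip = bytes([10, 0, 0, 1]), bytes([10, 0, 1, 9])
    frame = source_send(b"hello", 40000, 80, src_ip, dst_ip, src_mac, rtr_mac)
    _, frame = switch_forward(frame)
    frame = router_forward(frame, rtr_mac, dst_mac)
    return destination_receive(frame)

if __name__ == "__main__":
    print(demo())
```

The switch returns the frame byte for byte, while the router replaces Hl and rewrites one field of Hn; Ht and M reach the destination unchanged.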
Another Simple Reference Model
[Figure: stacks of Application, Transport, Network, Data Link and Physical layers; Application and Transport appear in two of the stacks, Network, Data Link and Physical in four. Other labels: Radio, Medium]