John Kar-kin Zao ( 邵家健 )

PhD Harvard 1995, SMIEEE 2001

 

Tel.:   +886-3-5712121#54731 (Taiwan)

+1-617-491-8692          (USA)

Email: jkzao@csie.nctu.edu.tw    (Professional)

jkzao@post.harvard.edu    (Personal)

 

 

Teaching Courses

 

 


 

 

First Semester, Academic Year 94 ( 2005 / 09 – 2006 / 01 )

Internet Security: Mechanisms, Services, Protocols & Mechanisms ( Introduction to Network Security )

Highlight

- Duration: 17 weeks including lectures, experiments and final examination
- Audience: Undergraduate (junior or senior) and graduate students
- Pre-requisites: C programming; internet basics; operating system basics
- Meetings: Lectures (12 x 3 hrs) and experiments (4 x 3 hrs)

 

Abstract

This semester-long course explores three expanding areas of Internet security: communication security, information security and trustworthy computing. It also examines the hierarchical organization in each area based on the partition among mechanisms, services and management infrastructure. The course aims at achieving three goals:

- Introduce the process of security system design consisting of vulnerability assessment, security architecture and system implementation
- Explain the use of cryptography and communication technology in building interlocking security services through the examination of security protocols
- Discuss development trends of security services, mechanisms and management in global information infrastructure

 

Agenda

The course will cover six topics:

- Security System Design: Vulnerability Analysis, Policy Specification and Countermeasure Deployment
- OSI Security Architecture: Services, Mechanisms and Protocol Mapping
- Modern Cryptography, Overview
- Communication Security and Security Protocols
- Information Security and Trustworthy Computing
- Security System Management

Four three-hour laboratory sessions will supplement the weekly lectures to give students hands-on experience in specific security system techniques:

- System Vulnerability Analysis with Password Cracking and Static System Scanning
- Network Vulnerability Analysis with Protocol Analyzer and Network Scanners
- Firewall/VPN Deployment and Management using NetFilter and FreeSwan
- Intrusion Detection and Responses with DDoS Attack Simulation and Snort Analyzer

  

Format

- Class interaction will consist of three hours of lectures every week and a three-hour laboratory session every three weeks (with a total of four sessions throughout the course).
- Homework will consist of four bi-weekly problem sets aimed at deepening students' understanding of the course contents.
- A three-hour final examination will be held at the end of the semester to assess students' proficiency in the subject.

 

Grading

- Problem Sets: 4 x 5% = 20%
- Laboratory Sessions: 4 x 10% = 40%
- Final Examination: 40%

 

Course Documents

Presentation Slides:

- Lecture #0 - Course Overview
- Lecture #1 - Internet Security Landscape
- Lecture #2 - Security System Analysis & Planning
- Lecture #3 - Communication Security, Services & Mechanisms
- Lecture #4 - Secret Key Cryptography

Supplemental Materials:

- Text, ComSec Ch1-3 (Ford)

 

Assignments

- Assignment #1 – Security Analysis And Planning

 

Literature

Textbook:

- Charles Kaufman, Mike Speciner, Radia Perlman, Network Security: Private Communication in a Public World, 2nd Ed., Pearson Education, April 2002

References:

- Warwick Ford, Computer Communication Security: Principles, Standard Protocols & Techniques, Prentice Hall, September 1993
- Ruixi Yuan, Timothy Strayer, Virtual Private Networks: Technology & Solution, Pearson Education, April 2001
- Edward Amoroso, Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps & Response, Intrusion.Net Books, March 1999