CSC 774 Network Security

Spring 2004

(This page will be changed frequently. Check before class.)

Instructional Objectives (Updated for final exam)

Documents for lab exercises

Schedule of Classes

 

Instructor:

Dr. Peng Ning

Office 250 Venture III, Centennial Campus

Office hours:

Mondays and Thursdays, 3:00pm - 4:00pm

Office phone:

(919) 513-4457

Fax:

(919) 513-7447

Email address:

pning(at)ncsu.edu.

Homepage:

http://www.csc.ncsu.edu/faculty/ning

Teaching assistant:

Kun Sun

Office hours:

Tuesdays 2:00pm--4:00pm

Email address:

ksun3@ncsu.edu

Class location:

Room 150 Venture II, Centennial Campus

Day and time:

Mondays, Wednesdays, and Fridays 4:10pm - 5:00pm.

Mailing list:

csc774-002@wolfware.ncsu.edu

Web page:

http://courses.ncsu.edu/csc774/lec/002 

Message Board:

http://courses.ncsu.edu/csc774 

Course Syllabus: http://courses.ncsu.edu/csc774/lec/002/syllabus.pdf

Note on assignments:

You must use a text editor (e.g. MS Word) to complete your homework. Handwritten submissions are not accepted. You should submit hard copies unless otherwise specified.

All work is to be performed individually unless otherwise specified. For the collaborative problems, you are encouraged to form teams of 1-3 members (of students in this class) to cooperate only on those problems. After discussing the problems, please write up your answers individually. Indicate the names of the other members in your team, if any.

You get no extra credit for working alone where collaboration is permitted.

In-Class Presentation:

Each student is required to give a presentation on a research paper assigned by the instructor. The list of papers can be accessed here.
Here is the grading form for the in-class presentation.

 

Term Paper:

Each student is required to complete a survey paper or a research paper. Each student needs to submit a proposal in the middle of the semester and the final version by the end of the semester. Both will be graded. Students can form teams, each with up to three members.

People who write a research paper will be rewarded with 50 bonus points by default. In addition, there will be other bonus points depending on the quality of the proposal or the paper. However, you need to realize that it is more difficult to write an original research paper than a survey paper. You are encouraged to combine this effort with your current research. You are also encouraged to discuss your work with the instructor during his office hours or by appointment.

Requirements for term paper proposal 

Requirements for final term paper

  • Research Paper
    • You can work on original research problems. The outcome should be a paper with original technical contribution. Your grade on this will be judged on originality, soundness of the approach, and quality of presentation. 
    • You are encouraged to choose this if you are a PhD student or a master's student who has to complete a thesis.
  • Survey Paper
    • You can write a paper that surveys a particular field of information security. The outcome should be a paper that summarizes the trend in the field you have chosen. Your grade will be judged on the completeness of the survey, the quality of the trend analysis, and the quality of presentation.
  • Example Topic Areas (More will be posted):
    • Topics related to wireless sensor networks
      • Key management
      • Secure data collection
      • Intrusion detection
      • Secure location discovery
      • Secure time synchronization
      • Efficient implementation
    • Vulnerability Analysis
    • Wireless Security
    • Intrusion Detection
    • Authentication
    • Access Control
    • Authorization
    • DNS Security
    • Digital Watermarking
    • New Attacks

Schedule of classes

Date

Topics

Reading Assignment
(Complete before class.)

Homework Assignment

Handouts

01/12/04

Topic 1. Course Introduction

   

Topic 1

Review of basic security concepts

01/14/04
Topic 2. Review of Cryptographic Techniques
    Topic 2
01/16/04

Topic 2 (Cont'd)

Topic 3. Internet Key Management

Paper #1. A. Aziz, “Simple Key Management for Internet Protocol (SKIP)”, in Proceedings of INET 95, June 1995.
Paper #2. (Optional) H. Krawczyk, “SKEME: a versatile secure key exchange mechanism for Internet,” in Proceedings of the Symposium on Network and Distributed System Security, pages 114--127, 1996.
  Topic 3

01/19/04

No class
(Martin Luther King Day)
     
01/21/04
Topic 3 (Cont'd)

Paper #3. H. Orman, “The OAKLEY Key Determination Protocol,” IETF Request For Comment 2412, November 1998.

Paper #4. D. Maughan, M. Schertler, M. Schneider, and J. Turner, “Internet Security Association and Key Management Protocol (ISAKMP),” IETF Request For Comment 2408, November 1998.

HW1

Reference solution

(Due by 2/9/04)

 
01/23/04
Topic 3 (Cont'd)
     
01/26/04
Class cancelled due to snow
     
01/28/04

 

Topic 3.1 IKE

Paper #5. D. Harkins, D. Carrel, “The Internet Key Exchange,” IETF Request For Comments 2409, November 1998.   Topic 3.1
01/30/04
Topic 3.1 (Cont'd)
     
02/02/04

Topic 4. Electronic Payment Systems

Topic 4.1 NetBill

Benjamin Cox, J.D. Tygar, and Marvin Sirbu. "Netbill Security and Transaction Protocol," In The First USENIX Workshop on Electronic Commerce, pages 77--88, July 1995.
See also the NetBill Project Website.

  Topic 4.1
02/04/04
Guest lecture
(Kun Sun)
Peng Ning and Kun Sun. How to Misuse AODV: A Case Study of Insider Attacks against Mobile Ad-Hoc Routing Protocols. In Proceedings of the 4th Annual IEEE Information Assurance Workshop, pages 60-67, West Point, June 2003.   slides
02/06/04
Guest lecture
(Kun Sun)
     
02/09/04

Topic 4.1 (Cont'd)

Topic 4.2 Micropayment

R.L. Rivest, A. Shamir, "PayWord and MicroMint: Two simple micropayment schemes," In Proceedings of Security Protocols Workshop, pages 69 - 87, 1996.

Silvio Micali and Ronald Rivest. Micropayments revisited. In Bart Preneel, editor, Progress in Cryptology --- CT-RSA 2002, volume 2271 of Lecture Notes in Computer Science. Springer-Verlag, February 18-22 2002.

  Topic 4.2
02/11/04
Topic 4.2 (Cont'd)
 

HW2

Solution

(Due by 02/25/04)

 
02/13/04
Mid-term Exam #1
Topics 2-- 4.2 Grade Distribution  
02/16/04

Review of Midterm Exam

Topic 4.3 Fair Exchange

N. Asokan, M. Schunter, and M. Waidner. "Optimistic Protocols for Fair Exchange," In Proceedings of 4th ACM Conference on Computer and Communications Security, Zurich, April 1997.   Topic 4.3
02/18/04
Topic 4.3 (Cont'd)
     
02/20/04

Topic 4.3 (Cont'd)

Review of Intrusion Detection

   

 

02/23/04

Topic 5.1 Intrusion Alert Correlation

Peng Ning, Yun Cui, Douglas S. Reeves, "Constructing Attack Scenarios through Correlation of Intrusion Alerts," in Proceedings of the 9th ACM Conference on Computer & Communications Security, pages 245--254, Washington D.C., November 2002.   Topic 5.1
02/25/04

Topic 5.1 (Cont'd)

 

     
02/27/04
Class cancelled due to snow
     
03/01/04

Guest Lecture

Dr. Mike Reiter

CyLab, CMU

(location: Room 107H, Park Shop, Main Campus)

Title: Security for, and by, converged mobile devices

P. MacKenzie and M. K. Reiter. Delegation of cryptographic servers for capture-resilient devices. Distributed Computing 16(4):307–327, December 2003. doi:10.1007/s00446-003-0098-4   © Springer-Verlag

P. MacKenzie and M. K. Reiter. Networked cryptographic devices resilient to capture. International Journal of Information Security 2(1):1–20, November 2003. doi:10.1007/s10207-003-0022-8   © Springer-Verlag

M. K. Reiter, A. Samar, and C. Wang. The design and implementation of a JCA-compliant capture protection infrastructure. In Proceedings of the 22nd IEEE Symposium on Reliable Distributed Systems, October 2003. © IEEE

   
03/03/04 Topic 5.2 Dealing with Attacks Missed by IDSs Peng Ning, Dingbang Xu, Christopher G. Healey, and Robert A. St. Amant, "Building Attack Scenarios through Integration of Complementary Alert Correlation Methods," in Proceedings of the 11th Annual Network and Distributed System Security Symposium (NDSS '04), pages 97--111, February, 2004.   Topic 5.2 (handout, with animation)
03/05/04

Topic 6 Broadcast Authentication

Topic 6.1 TESLA and EMSS

A. Perrig, R. Canetti, D. Song, and D. Tygar, “Efficient Authentication and Signing of Multicast Streams over Lossy Channels,” in Proc. of IEEE Security and Privacy Symposium, May 2000.
(Optional) A. Perrig, R. Canetti, D. Song, and D. Tygar, “Efficient and Secure Source Authentication for Multicast,” in Proceedings of Network and Distributed System Security Symposium, February 2001.
  Topic 6.1
03/08/04 No class
(Spring Break)
     
03/10/04 No class
(Spring Break)
     
03/12/04 No class
(Spring Break)
     
03/15/04

Topic 6.1 (Cont'd)

Topic 7 Group Key Management

Topic 7.1 Group Key Agreement

M. Steiner, G. Tsudik, and M. Waidner, “Diffie-Hellman Key Distribution Extended to Group Communication,” in Proceedings of the 3rd ACM Conference on Computer and Communications Security, pages 31--37, 1996.

HW3

Solution

(Due by 03/29/04)

Topic 7.1

 

03/17/04

Topic 7.1 (Cont'd)

     
03/19/04 Topic 7.2 Group Key Distribution Suvo Mittra, "Iolus: a framework for scalable secure multicasting," In Proceedings of the ACM SIGCOMM '97, pages 277 - 288, 1997.   Topic 7.2
03/22/04 Topic 7.2 (Cont'd) Chung Kei Wong, Mohamed Gouda, Simon S. Lam, "Secure group communications using key graphs," In Proceedings of SIGCOMM '98, Pages: 68 - 79.   Topic 7.2-2
03/24/04

Topic 7.2 (Cont'd)

  Research proposal due.  
03/26/04 Mid-term Exam #2 Topics 4.3--7.2

Grade Distribution

Solution

 
03/29/04

Topic 8. Security in MANET

Topic 8.1 Secure Ad-Hoc Routing Protocols

Y. Hu, A. Perrig, and D. B. Johnson, “Ariadne: A Secure On-Demand Routing Protocol for Ad-Hoc Networks,” in Proceedings of the Eighth Annual International Conference on Mobile Computing and Networking (MobiCom 2002), September, 2002.

 

Topic 8.1
03/31/04

Review of mid-term exam #2

   

 

04/02/04

Topic 8.1 (Cont'd)

 

 

 

About in-class presentation

 

04/05/04

Topic 8.2 Detecting Misbehaving Nodes

 

S. Marti, T. J. Giuli, K. Lai, and M. Baker, “Mitigating routing misbehavior in mobile ad hoc networks,” in Proceedings of the Sixth annual ACM/IEEE International Conference on Mobile Computing and Networking, pages 255 -- 265, 2000.

HW4

Solution

(Due by 04/19/04)

Topic 8.2

 

04/07/04

Topic 9. Security in Sensor Networks

Topic 9.1 Key Predistribution in Sensor Networks

L. Eschenauer and V. D. Gligor, "A key-management scheme for distributed sensor networks," in Proceedings of the 9th ACM Conference on Computer and Communications Security, pages 41--47, November, 2002.   Topic 9.1-1
04/09/04 No class
(Easter break)
     
04/12/04 Topic 9.1 (Cont'd)

D. Liu and P. Ning, “Establishing Pairwise Keys in Distributed Sensor Networks,” in Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS '03), pages 52--61, Washington D.C., October, 2003.

 

Topic 9.1-2

04/14/04 Advanced Topics

1. Bartosz Przydatek, Dawn Song, Adrian Perrig, "SIA: Secure Information Aggregation in Sensor Networks", In Proceedings of ACM SenSys 2003.

2. Sencun Zhu, Sanjeev Setia, Sushil Jajodia, and Peng Ning, "An Interleaved Hop-by-Hop Authentication Scheme for Filtering False Data in Sensor Networks," To appear in the Proceedings of IEEE Symposium on Security and Privacy, Oakland, California, May 2004.

3. Fan Ye, Haiyun Luo, Songwu Lu, Lixia Zhang, "Statistical En-route Detection and Filtering of Injected False Data in Sensor Networks," to appear in IEEE INFOCOM 2004.

HW5 (Given in the message board; Due by 04/30/04)

Nikhil Baradwaj

Qinghua Zhang

Li Yang

 

04/16/04 Advanced Topics

4. H. Chan, A. Perrig, and D. Song, “Random Key Predistribution Schemes for Sensor Networks,” in Proceedings of IEEE Symposium on Research in Security and Privacy, pages 197--213, May 2003.

5. Wenliang Du, Jing Deng, Yunghsiang S. Han, Shigang Chen and Pramod Varshney. "A Key Management Scheme for Wireless Sensor Networks Using Deployment Knowledge," To appear in IEEE INFOCOM'04, March 7-11, 2004, Hongkong, China.

6. Donggang Liu, Peng Ning, "Location-Based Pairwise Key Establishments for Static Sensor Networks," in 2003 ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN '03), October 2003.

 

Arvind Soni

Annika Edwards

Angana Ghosh

04/19/04 Advanced Topics

7. Wenliang Du, Jing Deng, Yunghsiang S. Han, and Pramod Varshney. "A Witness-Based Approach For Data Fusion Assurance In Wireless Sensor Network," in Proceedings of the IEEE 2003 Global Communications Conference (GLOBECOM). San Francisco, CA, USA. December 1-5, 2003.

8. S. Banerjee and B. Bhattacharjee, "Scalable Secure Group Communication over IP Multicast," in Proceedings of International Conference on Network Protocols, November, 2001.

9. Dalit Naor, Moni Naor, Jeff Lotspiech, "Revocation and Tracing Schemes for Stateless Receivers", in Lecture Notes in Computer Science, volume 2139, pages 41--??, 2001.

 

Mithun Acharya

Pierre Mouallem

Yan Zhai

04/21/04 Advanced Topics

10. G. Ateniese and M. Steiner and G. Tsudik, "Authenticated Group Key Agreement and Friends," in Proceedings of the 5th ACM Conference on Computer and Communications Security, pages 17 -- 26, 1998.

11. Donggang Liu, Peng Ning, Kun Sun, "Efficient Self-Healing Group Key Distribution with Revocation Capability," in Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS '03), pages 231--240, Washington D.C., October, 2003.

Course Evaluation

 

Jaideep Mahalati

Rick Flynn

 

04/23/04 Advanced Topics

12. Adrian Perrig, "The BiBa One-Time Signature and Broadcast Authentication Protocol," in Proceedings of the ACM Conference on Computer and Communications Security, November, 2001.

13. Leonid Reyzin and Natan Reyzin, "Better than BiBa: Short One-time Signatures with Fast Signing and Verifying," in Proceedings of 7th Australasian Conference on Information Security and Privacy, 2002.

14. Chris Karlof, Naveen Sastry, Yaping Li, Adrian Perrig, and J.D. Tygar, "Distillation Codes and Applications to DoS Resistant Multicast Authentication", In Proceedings of the 11th Annual Network and Distributed System Security Symposium (NDSS '04), February 2004.

 

Rott Adsadawuttijaroen

Michael Lee

Pratik Shah

 

04/26/04 Advanced Topics

15. Adrian Perrig and Robert Szewczyk and Victor Wen and David Culler and J.D. Tygar, "SPINS: Security Protocols for Sensor Networks," in Proceedings of Seventh Annual International Conference on Mobile Computing and Networks, July 2001.

16. Donggang Liu, Peng Ning, "Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks," in Proceedings of the 10th Annual Network and Distributed System Security Symposium, pages 263-276, February 2003.

17. Dawn Song, David Zuckerman, and J. D. Tygar, "Expander Graphs for Digital Stream Authentication and Robust Overlay Networks," in Proceedings of the 2002 IEEE Symposium on Security and Privacy.

 

Tanu Sharma

Richard Reid

Julie Starr

 

04/28/04 Advanced Topics

18. D. Balfanz and D.K. Smetters and P. Stewart and H.C. Wong, "Talking to Strangers: Authentication in Ad-Hoc Wireless Networks," in Proceedings of 2002 Symposium on Network and Distributed Systems Security (NDSS '02), February 2002.

19. Lingxuan Hu and David Evans, "Using Directional Antennas to Prevent Wormhole Attacks," In Proceedings of NDSS '04.

20. S. Buchegger and J. L. Boudec, "Performance Analysis of the CONFIDANT Protocol (Cooperation of Nodes: Fairness in Dynamic Ad-hoc Networks)," in Proceedings of The Third ACM International Symposium on Mobile Ad Hoc Networking and Computing, pages 226--236, June, 2002.

 

Phu Dinh

Ishan Kapoor

Srinath Anantharaju

 

04/30/04

Advanced Topics

Final review

21. Yih-Chun Hu, Adrian Perrig, and David B. Johnson. "Packet Leashes: A Defense against Wormhole Attacks in Wireless Ad Hoc Networks," In Proceedings of the INFOCOM 2003.

22. Yih-Chun Hu, Adrian Perrig, David Johnson, "Efficient Security Mechanisms for Routing Protocols", In Proceedings of NDSS 2003.

Research paper due.

Qiao Xu

Qing Zhang

05/07/04 Final Exam
(1pm - 4pm)
   

Peng Ning