Network Security - Private Communication in a Public World , by Charlie Kaufman, Radia Perlman and Mike Speciner, 2nd Edition, Prentice Hall, 2002

Cryptography and Network Security , by William Stallings, 3 rd Edition, Prentice Hall, 2003


Writing Secure Code , Michael Howard and David LeBlanc, Microsoft Press, 2002.

Security in Computing , Charles Pfleeger, Shari Lawrence Pfleeger, 3rd Edition, Prentice Hall, 2002.

Firewalls and Internet Security: Repelling the Wily Hacker , 2 nd edition, by William R. Cheswick , Steven M. Bellovin , and Aviel D. Rubin , Addison Wesley, 2003

Lecture Notes on Cryptography , by S. Goldwasser and M. Bellare, available online at



  • Understand the fundamental principles and underlying technologies of information security and assurance;
  • Illustrate the security principles with the state-of-the-art security technologies and products through case studies.


  • Required: EECS 213 or any equivalent computer systems introductory courses or instructor approval.
  • Highly recommended: EECS 340 or equivalent networking introductory course


  1. Motivation and overview of computer security
    1. Security definition, policy, mechanisms, services and models
  2. Introduction to cryptography, symmetric/asymmetric encryption
    1. Secret key case study: DES/AES algorithms
    2. Public key case study: RSA
    3. One-way hash function and message digests: MD5, SHA2
  3. Software security
    1. Buffer overflow, heap overflow and string format bugs
    2. Detection techniques: static program analysis vs. run-time detection
  4. Operating system security techniques
    1. Dealing with bad (legacy) codes: sandboxing
    2. Multi-level security, file system security
  5. Authentication, access control, public key infrastructure (PKI, briefly)
    1. Case study: Kerberos
  6. Internet vulnerability
    1. Denial-of-service attacks
    2. viruses, worms, Trojan horses
  7. Securing the Internet
    1. Intrusion detection systems (IDSs): host- vs. network- based, signature vs. statistical detection
    2. Case study: Snort and Bro
    3. Firewalls, VPN and IPsec
  8. Web and wireless network security
    1. Case study: SSL/TLS


  • Using cryptographic software (like PGP) for secure data transfer and authentication
  • Exploit of buffer overflow bugs and format string bugs which count for most notorious viruses/worms;
  • Using and configuring a signature-based intrusion detection system (like snort), and implementing a tiny statistics-based IDS system to detect denial-of-service attacks and port scans with real router traffic (code templates and algorithms will be provided).


  • Participation 10%
  • Homework 10%
  • Projects 40%
  • Mid-term Exam 20%
  • Final Exam 20%

COURSE OBJECTIVES: When a student completes this course, s/he should be able to:

  • Understand the basic principles for information and communication security, and be able to apply these principles to evaluate and criticize information system security properties
  • Be able to use some important and popular security tools, like encryption, digital signatures, firewalls, intrusion detection systems (IDS)
  • Be able to identify the vulnerability of the Internet systems and recognize the mechanisms of the attacks, and apply them to design and evaluate counter-measure tools

more news