University of Gujrat

Department of Information Technology

Title Network Security

Code IT-312

Credit Hours 3.0

Prerequisite Data Communications and Networks

Instructor

• Gain insight into the field of cryptography, and network and

Aims and Objectives
web security.
• Understand design principles for the planning of secure
networks.
• Understand security weaknesses and implementation of security
measures in E-mail, IP addressing, web and networks in general.
• Understand Public Key systems and protocols and their
implementations in various networks.
1. Network Security Essentials by William Stallings, Prentice
Text Books Hall, 3rd Edition

Reference Books 1. Corporate Computer and Network Security by Raymond Panko

United States Edition, Prentice Hall, 2004
2. Corporate Computer and Network Security by Raymond
Panko United States Edition, Prentice Hall, 2003
3. Cryptography and Network Security: Principles and Practice
Third Edition, Prentice Hall, 2002
4. Security in Computing by Charles P. Pfleeger and Shari
Lawrence Pfleeger, Third Edition, Prentice Hall, 2002.

Assessment Criteria Sessional 25% Mid 25% Final 50%

 Quizzes 10%

Assignments 5%

Project/Presentation 10%

Sixteen-week lecture plan

Week Lecture Topic

• Introduction to Network Security, Information security, network security.
1 Computer security, Security Trends, OSI Security Architecture, Security
1 Attacks, Security Services, Security Mechanisms, A model for Network Security
• Symmetric encryption principles, Shift cipher, Rot-13 cipher, Ceasar
2
cipher
3 • Cryptography, Cryptanalysis techniques,
2
4 • cryptanalytic attacks, substitution ciphers, monoalphabetic ciphers,
5 • Polyalphabetic ciphers, brute force search
3
6 • fiestel cipher structure, Data Encryption Standard

7 • DES
4
8 • DES
9 • Cipher Block Modes of Operations
5
10 • CBM
11 • Secret key cryptography, key distribution scenario and issues, PRNGs
6
12 • Public key cryptography
• Diffie-hellman key agreement, exchange and its security, public key
13
7 applications
14 • Quiz # 2

8 15,16 Mid Term

17 • RSA, Digital signature
9
18 • RSA Security
19 • Secret sharing, Threshold based SS
10
20 • Blakley’s scheme, Entity authentication
11 21 • S-MIME
 IP Security
22
Internetworking and Internet Protocols , IP Security Overview,, IPSec Services
23 • Web Security, Threats and approaches, SSL
12
24 • Legal and ethical aspects
• System Security, Intruders, Intrusion Detection, Audit Records,
25
Statistical Anomaly detection
13
• Rule based intrusion detection, Distributed intrusion detection,
26
honeypots,
27 • Password management, protection, Strategies to choose password
14
28 • Malicious Softwares
29 • Firewall, Types of firewalls
Working of firewalls
15
30 Firewall Design Principles, Firewall Characteristics ,Types of
Firewalls ,Firewall Configuration
31 • Project Presentations
16
32 • Final Term

Definition - What does Brute Force Attack mean?

A brute force attack is a trial-and-error method used to obtain information such as a user
password or personal identification number (PIN). In a brute force attack, automated
software is used to generate a large number of consecutive guesses as to the value of the
desired data. Brute force attacks may be used by criminals to crack encrypted data, or by
security analysts to test an organization's network security.
A brute force attack is also known as brute force cracking or simply brute force.