NYU Internet Security Class
Fall '22 - ECE-GY 9383
General Information
Teaching staff:
Instructor: Prof. Danny Y. Huang (please reach out via Slack)
Course Assistants: Allan Luke Rebello, Jingyan Ran, Monisha Gnanaprakasam
Time:
Class: 14:00 - 16:30 every Thursday
Office hours:
Location:
In person attendance: Jacobs Hall (6 MetroTech) -- See Albert for the room number
Live streaming: https://nyu.zoom.us/j/94769131089 - The password is the classroom number with 3 digits.
Class Slack: https://join.slack.com/t/nyu-security-privacy/signup (NYU only)
Bring your computer and/or phone to class. We will try to be very interactive!
Evaluation
Format:
Labs and exams: submit through GradeScope
Project: presentation and report (PDF)
Distribution of points (adding to 100):
10 points - In-class quizzes. For each quiz, you'll be given 100% as long as you complete the quiz; otherwise, you'll be given 0. You can participate in the quizzes in person or over Zoom.
10 points - In-class open-Internet exam (September 15) on networking basics. You can take the exam in person or virtually, since the exam is on GradeScope. Each student is to complete the exam on their own.
60 points - Three labs in total; each lab account for 20 points. Students can work on labs individually or in groups no more than 4 people.
20 points - You have a choice to do EITHER a self-proposed project (presentation on December 8) OR a Danny-defined project (open-Internet, take-home).
Bonus points (please fill this out)
5 points - Consistently asking good questions and helping your classmates with their questions -- both in class and on Slack.
5 points - Attending a CSAW event, summarizing different papers/projects, and tweeting about the summary in an accurate yet easy-to-understand format (especially for a non-technical audience)
10 points - Submitting project evaluation report on all the project presentations on December 8. For each project (except your own), you'll discuss their strengths & weaknesses, and you'll discuss potential areas for improvement in the report. Each student submits a report individually.
Calculation of grade: The final grade will be calculated based on this method.
Missed deadlines: If you missed lab or exam deadlines for whatever reasons, you have a choice of scheduling a 10-minute Zoom call with Danny during the final exam period, where Danny will ask you relevant questions and you'll have to answer in real time (just like a technical interview).
Learning Objectives
Upon completion of this course you will have acquired the following knowledge:
A firm grasp on how networks are attacked and techniques used.
An understating of the inherent insecurity of networking and networking protocols.
Understand the fundamentals of secure network design
Foundation of the issues involved in providing secure network communications
Understand the underlying cryptography required for electronic commerce, secure communications, and authentication
Obtain a hands-on understanding of network security through laboratory work
Individual Work and Collaboration
In preparing your submissions for homework and laboratory projects you are authorized to use the textbook, your notes, websites, online documentation, and any other reference materials to which you have access. You may also discuss the assignment in general with other members of the class or with anyone else whom you believe can be of assistance (including possibly the instructor). While referring to third-party code can be helpful in devising your own solution, it is also extremely dangerous as it is all too easy to plagiarize without realizing it. It is for exactly this reason that viewing source code published online that may be relevant to a product is almost always strictly forbidden in corporate settings due to intellectual property concerns.
The work that you submit for grading must, however, be exclusively your own work. If you do obtain assistance from another individual, you must include an explicit note to that effect in your submission for the assignment. Further, all references used must be cited. This means that if you are using various websites for assistance in laboratory assignments and/or homework you must cite the exact URLs. In addition, any other printed material used must be explicitly cited. A non-exhaustive list of plagiarism examples include:
Copying third-party code verbatim that was published in an online source code repository, forum, or other reference site such as GitHub, GitLab, Stack Overflow, Wikipedia, or similar
Adapting an algorithm found in third-party code published online
Collaborating on code with other students, such as adapting code written by another student or working together on a shared code base at any point
Prerequisites
You are expected to have basic networking knowledge, such as the following:
Background in undergraduate or graduate networking.
Ethernet, IP, TCP, UDP, ports
Application protocols, such as HTTP, HTTPS, SSL/TLS, DNS
Although you are not expected to have a detailed understanding of the above (e.g., explaining how the TCP Window works), you should be able to at least describe the concepts at a high level and explain the relationships among the different concepts.
If you are not sure whether you have the prerequisite background knowledge, check out this sample quiz below. If you cannot comfortably answer the questions in the quiz, you are encouraged to take the following online courses for free prior to the start of the semester and learn about the concepts above.
Sample Quiz
Here is a sample quiz that tests your understanding of the basic knowledge required for this class. If you think you can comfortably answer all of the questions below, you are likely equipped with the prerequisite knowledge to excel in the class. Otherwise, feel free to take the online courses listed above and/or speak with the instructor.
Your friend, Alex, complains that she cannot access the Internet on her phone.
Let’s say Alex complains to you over the phone. What questions would you ask Alex to help her troubleshoot?
Let’s say you’re in the same room as Alex. You’re both wearing masks. What would you do to help Alex regain Internet connectivity?
On your desktop browser, you type “www.google.com” hit “enter”.
If you are intercepting all packets leaving and entering your computer, what types of packets do you expect to see?
Why do you see such packets?
Hint: Think about DNS, IP, TCP, and HTTP. Bonus points if you can answer with respect to TLS, CDNs, and/or data centers.
Online Courses
To learn the prerequisite materials, I recommend taking the following courses:
Google’s Networking Class on Coursera
You can audit the class for free.
Recommended contents from the Coursera course:
Watch all videos under “Week 1”, “Week 2”, “Week 3”, and “Week 4.
Optionally, watch all videos under “Week 5” and “Week 6”.
To complement the Coursea class above, check out the following YouTube videos from Princeton’s Networking Class
Videos 26-32: IP
Videos 33-34: Routing, autonomous systems
Videos 85-89: DNS
Videos 146-151: HTTP
Videos 154-159: CDNs
Textbooks
To supplment the online courses, read the following chapters of the Computer Networks Textbook (5th Edition) by Larry Peterson et al.
Chapter 2.6 - Ethernet
Chapter 3 - Inter-networking
Chapter 4 - Internet routing
Chapter 5.1 and 5.2 - UDP and TCP
Chapter 9.1.2 - HTTP
Chapter 9.3.1 - DNS
Inclusion Statement
The NYU Tandon School values an inclusive and equitable environment for all our students. I hope to foster a sense of community in this class and consider it a place where individuals of all backgrounds, beliefs, ethnicities, national origins, gender identities, sexual orientations, religious and political affiliations, and abilities will be treated with respect. It is my intent that all students’ learning needs be addressed both in and out of class, and that the diversity that students bring to this class be viewed as a resource, strength and benefit. If this standard is not being upheld, please feel free to speak with me.
Moses Center Statement of Disability
If you are a student with a disability who is requesting accommodations, please contact New York University’s Moses Center for Students with Disabilities at 212-998-4980 or mosescsd@nyu.edu. You must be registered with CSD to receive accommodations. Information about the Moses Center can be found at https://www.nyu.edu/students/communities-and-groups/student-accessibility.html. The Moses Center is located at 726 Broadway on the 2nd floor.
Title XI
Title IX makes it clear that violence and harassment based on sex and gender are civil rights offenses subject to the same kinds of accountability and the same kinds of support applied to offenses against other protected categories such as race, national origin, etc. If you or someone you know has been harassed or assaulted, you can find the appropriate resources: https://www.nyu.edu/about/policies-guidelines-compliance/equal-opportunity/title9.html