Schedule

September 7: Introduction

Agenda:

• Why should we care about network security? 

• Common misconceptions of network security

• Examples of computer security issues and solutions

• Overall structure of the course

• Overview of labs and projects

Readings:

• Google’s Networking Class on Coursera. You can audit the class for free.

  • Watch all videos under “Week 1”, “Week 2”, “Week 3”, and “Week 4.

  • Optionally, watch all videos under “Week 5” and “Week 6”.

• https://www.csaw.io/

• https://www.theverge.com/2016/3/7/11173010/verizon-supercookie-fine-1-3-million-fcc 

• https://theintercept.com/2020/07/31/protests-surveillance-stingrays-dirtboxes-phone-tracking/ 

• https://en.wikipedia.org/wiki/IDN_homograph_attack# 

• https://www.cnn.com/2013/12/17/justice/massachusetts-harvard-hoax/index.html 

• https://inspector.engineering.nyu.edu/ 

[Zoom recording (NYU only)] [Slides]

September 14: How does the Internet work

Agenda:

• What happens when I visit "Google.com"?

• How to capture and analyze packets with Wireshark and Pandas

• Overview of protocols: IP, DHCP, ARP, DNS, TCP/UDP, HTTP, TLS

Readings:

• Google’s Networking Class on Coursera. You can audit the class for free.

  • Watch all videos under “Week 1”, “Week 2”, “Week 3”, and “Week 4.

  • Optionally, watch all videos under “Week 5” and “Week 6”.

• Read the following chapters of the Computer Networks Textbook (5th Edition) by Larry Peterson et al.

  • Chapter 2.6 - Ethernet

  • Chapter 3 - Inter-networking

  • Chapter 4 - Internet routing

  • Chapter 5.1 and 5.2 - UDP and TCP

  • Chapter 9.1.2 - HTTP

  • Chapter 9.3.1 - DNS

• Optionally, check out the following YouTube videos from Princeton’s Networking Class

  • Videos 26-32: IP

  • Videos 33-34: Routing, autonomous systems

  • Videos 85-89: DNS

  • Videos 146-151: HTTP

  • Videos 154-159: CDNs

[Zoom recording (NYU only)] [Slides]

September 21: Local network security issues

Agenda:

• In-class quiz: Networking Basics (2:15 - 2:45 pm)

• Scanning with nmap

• ARP spoofing

• DHCP starvation

Readings:

• https://www.imperva.com/learn/application-security/arp-spoofing/ 

• https://iotinspector.org/papers/ubicomp-20.pdf 

[Zoom recording (NYU only)]

September 28: Access to the local network

Agenda:

• Lab 1 announced. See GradeScope.

• ARP spoofing

  • Why does Bob flip back to the correct ARP table?

  • Does Bob know Alice is doing ARP spoofing?

  • Can Bob protect himself? DoH? VPN?

• DHCP starvation

• NAT

Readings:

• https://www.kali.org/tools/nmap/

• https://www.cbtnuggets.com/blog/technology/networking/what-is-a-dhcp-starvation-attack 

• https://tailscale.com/ 

[Zoom recording (NYU only)]

October 5: Beyond the local network

Agenda:

• DHCP Starvation vs ARP spoofing

• How VPN works. TailScale.

• Internet-exposed? NAT?

• Scanning with nmap. Shodan.

• BGP

Readings:

• https://www.cloudflare.com/learning/dns/what-is-dns/

• https://www.cloudflare.com/learning/security/glossary/what-is-bgp/ 

• https://zmap.io/paper.pdf 

• https://blog.cloudflare.com/october-2021-facebook-outage/ 

• https://tailscale.com/blog/how-nat-traversal-works/ 

• https://github.com/hwdsl2/setup-ipsec-vpn 

[Zoom recording (NYU only)]

October 12: Cryptography

Agenda:

• Guest lecture by Vijay Prakash

• CIA triad

• Historical cryptography & Kerckhoffs's principle of cryptography

• Cryptographic setting

• Modern cryptographic algorithms

• Block cipher & Stream cipher

• Symmetric and Asymmetric algorithms

• DES

• Diffie-Hellman

• RSA

• Digital signature

• Hashes

• Hash chaining

• MAC

Readings:

• https://www.cl.cam.ac.uk/~rja14/Papers/SEv2-c05.pdf

• Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices

• Fun comic: http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html

• The Code Book, by Simon Singh

[Zoom recording (NYU only)] [Slides]

October 19: TLS & Public Key Infrastructure

Agenda:

• Lab 1 due and review.

• Recap on RSA and DH

• HTTPS: A primer on web security

• PKI

• Let's Encrypt, Certificate Transparency

• Man-in-the-middling TLS connection

Readings:

• RSA and DH

  • RSA vs DH: https://blog.cloudflare.com/keyless-ssl-the-nitty-gritty-technical-details/ 

  • RSA Calculator: https://umaranis.com/rsa_calculator_demo.html 

  • DH Calculator: http://www.dkerr.com/cgi-bin/modexp.pl 

  • Power Mod: https://www.omnicalculator.com/math/power-modulo 

  • RSA: https://www.cs.cornell.edu/courses/cs5430/2015sp/notes/rsa_sign_vs_dec.php 

• Cloudflare blogs

  • https://developers.cloudflare.com/fundamentals/internet/protocols/tls

  • https://www.cloudflare.com/learning/ssl/transport-layer-security-tls/

  • https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/

• PKI

  • How LetsEncrypt works: https://letsencrypt.org/how-it-works/   

  • Introduction to PKI and TLS: https://www.youtube.com/watch?v=fuK-OAyfET4  

  • PKI: https://blog.cloudflare.com/how-to-build-your-own-public-key-infrastructure/ 

[Zoom recording (NYU only)]

October 26: Enterprise security

(Pfizer Auditorium is booked for another event. The class will be on Zoom.)

Agenda:

• Quiz 2 in class (14:00-14:30). Quiz 2 will be based on Lab 1.

• Guest Lecture by Brandon Sloane

• Job Market: Are there jobs out there and how much do they pay?

• Industry Challenges: Blockchain, AI, VR, Quantum Computing, Regulatory Requirements

• Industry Trends: Passwordless Authentication (Fido/U2F/etc), ZeroTrust (micro-segmentation, continuous authentication)

• Firewalls, IPtables, IDS, IPS

Readings:

• https://www.isc2.org//-/media/ISC2/Research/2022-WorkForce-Study/ISC2-Cybersecurity-Workforce-Study.ashx 

• https://aws.amazon.com/managed-blockchain/ 

• https://fidoalliance.org/how-fido-works/

• https://en.wikipedia.org/wiki/WebAuthn

• https://www.nist.gov/publications/zero-trust-architecture [Scan, don't read]

• https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf [Scan, don't read]

[Zoom recording (NYU only)] [Slides]

November 2: TLS + PKI + Authentication

(Pfizer Auditorium is booked for another event. The class will be on Zoom.)

Agenda:

• Quiz 2 review

• HTTPS: A primer on web security

• PKI

• Let's Encrypt, Certificate Transparency

• Man-in-the-middling TLS connection

Readings:

• PKI

  • How LetsEncrypt works: https://letsencrypt.org/how-it-works/   

  • Introduction to PKI and TLS: https://www.youtube.com/watch?v=fuK-OAyfET4  

  • PKI: https://blog.cloudflare.com/how-to-build-your-own-public-key-infrastructure/ 

  • Certificate transparency: https://blog.cloudflare.com/introducing-certificate-transparency-and-nimbus/ 

[Zoom recording (NYU only)] [Slides]

November 9: Web security and privacy

Agenda:

• Signing

• Certificate transparency, wrapping up

• HTTP

• Cookies

• CSRF

• XSS

• Fingerprinting

Readings:

• https://victorzhou.com/blog/csrf/

• https://victorzhou.com/blog/xss/ 

• Entropy: https://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy 

• https://coveryourtracks.eff.org/ 

• https://fingerprint.com/demo/ 

[Zoom recording (NYU only)]

November 16: Web privacy continued

Agenda:

• Lab 2 due (soft deadline) and review in class

• Web privacy, continued

• ToR

Readings:

• https://dl.acm.org/doi/10.1145/2660267.2660347 

• https://hdanny.org/static/ccs-19.pdf 

• https://www.esat.kuleuven.be/cosic/publications/article-2556.pdf 

[Zoom recording (NYU only)]

November 30: Tunnels

Agenda:

• Lab 2 due (hard deadline)

• Quiz 3 in class

• Zero-trust

• OAuth

• Firewall + IPTables

• Tunnels (e.g., SSH, IPSec, WireGuard, TailScale)

Readings:

• TailScale: 

  • How it works: https://tailscale.com/blog/how-tailscale-works/ 

  • CLI: https://tailscale.com/kb/1080/cli/ 

• Zero-trust: 

  • https://tailscale.com/blog/2019-09-10-zero-trust/

  • https://tailscale.com/kb/1123/zero-trust/ 

• OAuth 2.0:

  • https://darutk.medium.com/the-simplest-guide-to-oauth-2-0-8c71bd9a15bb 

  • https://darutk.medium.com/diagrams-and-movies-of-all-the-oauth-2-0-flows-194f3c3ade85 

• IPTables and MITMproxy

  • https://docs.mitmproxy.org/stable/howto-transparent/ 

  • https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules 

• Bitcoin: https://docs.google.com/presentation/d/1KZPybiI9x4CA-MmO_dsOCQXVDZ5VY5D-ReRnQpUglRU/edit#slide=id.g35e71de504_0_0 

December 7: Malware, eCrime and abuse

Agenda:

• ToR

• Ransomware

• Cryptocurrencies

• Botnets

Readings:

• Tor

  • https://community.torproject.org/relay/relays-requirements/

  • https://community.torproject.org/onion-services/overview/ 

• Click Trajectory: https://cseweb.ucsd.edu/~savage/papers/Oakland11.pdf 

• Ransomware: https://hdanny.org/static/oakland-18.pdf 

December 14: Project Presentation + Quiz

This session will NOT be livestreamed.

All presentations will be in person. There will be six groups of presentations. Each group will give a ten-minute talk, followed by about five minutes of Q&A. We will spend about 100 minutes on the presentations. The remaining 50 minutes will be to wrap up the lecture on ransomware and other malware, and with concluding remarks.

Danny highly encourages everyone to attend in person and provide constructive feedback to individual groups. Extra credits will be awarded; please see this form.

Agenda:

• Lab 3 due

• In-class Quiz 4

• Project presentations:

  • TBD

• Ransomware + Malware

• Ethics: censhorship and malware takedown

• Conclusion