Course Syllabus and Course Map

Summer 2020 (Session C)

CSE 548: Advanced Computer Network Security

Instructor Yuli Deng

Teaching Assistant Tariq M Nasim
Virtual Office Hours
Details provided in Live Events section below and on course’s Live
Events page
Content Questions Weekly discussion forums
Course Issues Course “Feedback” tool (blue button on every course page)
Technical Support Coursera Learner Help Center
NOTE: Please make sure you are logged in with your ASU email address so that
support personnel recognize you as an ASU degree student.
Private Support [email protected]
NOTE: When sending an email about this class, please include the prefix “CSE
548” in the subject line of your message.
Slack Channel TBD
NOTE: This channel is available in the ASU MCS Slack workspace (http://asu-
mcsonline.slack.com), which you must join/access using your ASURITE
credentials.

Course Description
With its focus on computer network security involving solutions in network virtualization,
programmable software networks, applied cryptography, system security, as well as machine
learning- and artificial intelligence-based solutions for network intrusion detection, this course
explores the necessary tools, techniques, and concepts of network security for modern computer
networks. It addresses both emerging technologies and research topics, primarily at the MAC layer
and above, and provides not only exposure to burgeoning areas of network security but also hands-
on experience in the virtual networking labs that are essential for advanced computer networks and
cybersecurity today and will be into the future.

Specific topics covered include:

● Packet filter firewalls

● Network intrusion detection/prevention
● Key management
1
CSE548: Advanced Computer Network Security (Summer C, 2020)
Updated 5/16/2020 – SUBJECT TO CHANGE.
 ● Attack analysis using attack graphs and attack trees
● Cloud network security
● Moving target defense in computer networks

Learning Outcomes
By completing this course, you will be able to:

● Explain basic security terminologies, models, architectures, and techniques.

● Apply proven methodologies to design secure networks that address enduring and emerging
issues.
● Apply network security standards and cryptography algorithms.
● Document the process of designing and implementing secure networking systems.
● Build a secure networking system to counter given network attacks.
● Adhere to standards of computer security ethics.
● Manage a network security establishment effort.
● Assess networking systems to identify security vulnerabilities.
● Represent security system setup and process results in written form. 
● Discuss cutting-edge network security research and development.

Estimated Workload/Time Commitment

15 - 20 hours per week

Required Prior Knowledge and Skills

Knowledge: Basic computer network concepts such as TCP/IP, packet switching, network services
architecture, network protocol stack (MAC layer and above), and basic network security concepts
such as encryption/decryption, authentication, access control, identity/key management
Skills: Python and HTML are required, while Java, C/C++ programming are beneficial

Technology
Hardware
No specific hardware is needed to successfully complete this course.

Software
No specialized software is needed to successfully complete this course. Knowing how to use the
Linux OS is a plus.

2
CSE548: Advanced Computer Network Security (Summer C, 2020)
Updated 5/16/2020 – SUBJECT TO CHANGE.
Textbook
No textbook is required for this course; however, the following textbook is recommended:

Software-Defined Networking and Security: From Theory to Practice. Dijiang Huang, Ankur
Chowdhary, and Sandeep Pisharody (CRC Press, 2018).

Important Course Dates

Class begins: Monday, May 18, 2020
Holidays: Monday, May 25 (Memorial Day); Friday, July 3 (Independence Day observed)
Final exam: Opens Thursday, July 9 12:01 AM; closes/must be completed by Sunday July 12, 2:45
AM (last appointment will be Saturday, July 11, 9:15 PM PHX)
NOTE: Because this session’s classes end on a Friday, we are opening the exam on Thursday and
extending the availability to the day after classes end, 7/11.
Class ends: Friday, July 10, 2020
Grades due: Sunday, July 12, 2020

Course Schedule by Week and Late Work

Unless otherwise noted, all graded work is due at 11:59 PM the Sunday ending the week for
which it is assigned.

Late work: A 25% late penalty will be added each day for graded work submitted after the
scheduled due date and time unless prior accommodations have been agreed to for extraordinary
circumstances.

Week Main Topic Begin Date End Date Graded Work

Due

1 Getting Started and Computer 5/18 5/24 5/24

Network Foundations

2 Security Foundations 5/25 5/31 5/31

3
CSE548: Advanced Computer Network Security (Summer C, 2020)
Updated 5/16/2020 – SUBJECT TO CHANGE.
 3 Virtual Networks 6/1 6/7 6/7

4 Software-Defined Networks and 6/8 6/14 6/14

Network Virtualization

5 Security Measurement 6/15 6/21 6/21

6 Anomaly Detection 6/22 6/28 6/28

7 Moving Target Defense 6/29 7/5 7/5

8 Closing the Course 7/6 7/10 7/10

Grade Breakdown
Course Work Quantity Format %

Participation/Discussion Forums/Live 8 Individual 5%

Events
Graded quizzes* 7 Individual 25%

Course Projects** 4 Individual 40%

Exam (final, covers Weeks 1 - 7) 1 Individual 30%

*The system will automatically drop your lowest graded quiz score.
**To request approval to include this course’s projects in your final MCS Portfolio, you must include
at least three (3) of the projects (but are welcome to include all four), which together will account for
at least 30% of your grade, which is the threshold for a project’s eligibility for inclusion as ONE
project in the final portfolio.

4
CSE548: Advanced Computer Network Security (Summer C, 2020)
Updated 5/16/2020 – SUBJECT TO CHANGE.
Grade Scale
Consistent with CIDSE policy, you must have a cumulative grade of at least 80% to earn a “B” in
this course, and 67% (“C”) to earn credit for this course. The following cutoffs will be used to
generate your letter grade:

A+ ≥95%

A ≥90%

A- ≥87%

B+ ≥84%

B ≥80%

B- ≥77%

C+ ≥72%

C ≥67%

D ≥50%

E < 50%

NOTE: For more information about grading, visit ASU’s Grades & Records webpage.

5
CSE548: Advanced Computer Network Security (Summer C, 2020)
Updated 5/16/2020 – SUBJECT TO CHANGE.
Assessment Details and Settings
The table below summarizes what you can expect to encounter in the course’s assessments.

Content Type Description Time Limit # of Feedback

Attempts
Practice quizzes – Each module includes Knowledge None Unlimited Full (score,
Knowledge Check Check practice quizzes, which cover correct/incorrect
only each module’s topic. The system choices,
may present a different selection of explanations)
questions to you after your first
attempt. These quizzes do not
contribute toward your final score in
the class.
Practice quizzes – Each unit includes a Unit/Weekly None Unlimited Full (score,
Unit/Weekly practice quiz, which covers the entire correct/incorrect
unit. These practice quizzes choices,
immediately precede the graded explanations)
Unit/Weekly quizzes. The system may
present a different selection of
questions to you after your first
attempt. These quizzes do not
contribute toward your final score in
the class.
Graded quizzes – Units 1-7 include one graded quiz that 90 minutes 1 Partial (score and
Unit/Weekly covers the entire unit and counts correct/incorrect
toward your final score in the course. choices)
NOTE: The lowest quiz score will be
automatically dropped.
Projects You will be required to complete four None n/a Full (score and
individual projects throughout the evaluation of the
course. These projects will be project’s
completed in the virtual networks completeness
platform ThoTh Lab. and outcomes)
Exams You will have one (1) proctored exam, 135 minutes 1 Limited (score
a final, taken in the course with total (2 only)
ProctorU, a live, remote proctoring hours plus
service that allows students to take 15 minutes

6
CSE548: Advanced Computer Network Security (Summer C, 2020)
Updated 5/16/2020 – SUBJECT TO CHANGE.
 exams online while ensuring the start-up with
integrity of the exam for the institution. proctor)
The exam will be available for three
(3) days. Additional information is
provided in the Course Map, Week 1’s
“Course Exams” reading, exam-
specific instructions in Week 8, and
the MCS Onboarding Course).
ProctorU appointments must be made
at least 72 hours prior to exam time to
avoid a scheduling fee.

7
CSE548: Advanced Computer Network Security (Summer C, 2020)
Updated 5/16/2020 – SUBJECT TO CHANGE.
Live Events/Virtual Office Hours
This course will offer several live event/virtual office hour sessions each week, all of
which will be hosted on Zoom. These sessions have an open, “drop-in” format to
provide everyone an opportunity to meet with the course instructor and/or teaching
assistants as well as classmates to ask questions and learn more about course topics
and assignments

Live events/virtual office hours may be joined using a computer or a mobile device. iOS
devices, however, are not fully supported at this time. To join from an iOS device, use
the Zoom app and paste in the session URL. Using other mobile operating systems or a
computer, simply open the Coursera app, navigate to “Live Events,” and click the active
link to join.

Event Dates and Times

All events will run for one hour. Times shown are Arizona.
Day Start Time Hosted By
Sat
Sun
Mon
Tue 9:00 AM Yuli
Wed 4:00 PM Tariq
Thu
Fri 5:00 PM Yuli

Also watch for announcements and check the Live Events page in the course.

Note: These events will be recorded and the instructor’s events will be uploaded to the
course by the end of the day following each event. Look for the “Weekly Live
Event/Office Hour Recordings” section at the end of each week.

For ASU and MCS policies and procedures, refer to the MCS Graduate Handbook.

Course Map
Week 1 | Unit 1: Getting Started and Computer Network Foundations
Learning Objectives
1.1 Describe computer network infrastructure components and set-up, including network
protocol layer models
1.2 Illustrate networking concepts such as devices’ OSI and TCP/IP protocol stack layers and
packet encapsulation and decapsulation

8
CSE548: Advanced Computer Network Security (Summer C, 2020)
5/13/2020 – SUBJECT TO CHANGE.
1.3 Differentiate between the uses, network layers, and related concepts of MAC and IP
addresses
1.4 Differentiate between IPv6 and IPv4
1.5 Illustrate the use of port number
1.6 Illustrate physical, logical and overlay networks
1.7 Explain the purpose and functionality of computer networking services such as DHCP,
ARP, DNS, and NAT
1.8 Illustrate the packet processing procedure of using iptables
1.9 Describe intradomain and interdomain network routing

Modules
Module 1: Getting Started
Module 2: Computer Network Basics and Infrastructure
Module 3: Network Addresses
Module 4: Computer Networking Services

Week 1 – To Do
❏ Complete “Get to Know Your Classmates” (discussion forum assignment)
❏ Attend and/or watch recorded Live Event/Virtual Office Hour(s)
❏ Create your ProctorU account (if you do not already have one)

WEEK 1 – Due by 5/24/20

❏ Getting Started Quiz
❏ Unit 1 Graded Quiz

Week 2 | Unit 2: Security Foundations

Learning Objectives
2.1 Explain pros and cons of specific firewall architectures, including those pertaining to
deployment
2.2 Differentiate between stateful and stateless firewalls
2.3 Devise effective packet filtering firewalls such as iptables
2.4 Explain metrics intrusion detection and prevention systems such as FN, FP, TP, and TN
2.5 Differentiate among specific sniffing models, protocols, and tools
2.6 Design verifiable snort rules
2.7 Identify cryptology classifications
2.8 Explain cryptographic concepts such as symmetric cipher solutions, hash functions, Diffie-
Hellman key agreement protocol, RSA-based cryptosystem, and key management solutions
based on KDC and CA approaches
2.9 Illustrate how to use symmetric and asymmetric crypto approaches to achieve security
features such as confidentiality, authentication (origin integrity and data integrity), and their
combination

Modules
9
CSE548: Advanced Computer Network Security (Summer C, 2020)
5/13/2020 – SUBJECT TO CHANGE.
Module 1: Firewalls
Module 2: Intrusion Detection Systems
Module 3: Basics of Applied Cryptography

Week 2 – To Do
❏ Attend and/or watch recorded Live Event/Virtual Office Hour(s)

WEEK 2 – Due by 5/31/20

❏ Unit 2 Graded Quiz
❏ Project 1: Packet Filter Firewall (iptables)

Week 3 | Unit 3: Virtual Networks

Learning Objectives
3.1 Explain relationships between physical networks, logical networks, network
overlays, and network virtualization
3.2 Explain the concepts of tunneling, switch, bridge, and basic modules of linux bridge
and open virtual switch (OVS)
3.3 Illustrate how spanning tree protocol (STP) works
3.4 Explain how VLAN and VxLAN work in different use scenarios
3.5 Describe basic modules of linux bridge and open virtual switch (OVS)
3.6 Describe how L2TP and GRE tunneling protocols work, including running at
different network layers and design considerations
Illustrate SSL/TLS protocol procedures and achieved security features based on
exchanged messages
3.7 Describe IPSec protocol architecture, operations and traffic processing procedure
3.8 Illustrate IKE operation, phases and modes involved in IKE protocols, as well as the
uses of security association and security policies
3.9 Explain AH and ESP protocols and their use scenarios

Modules
Module 1: Virtual Network Foundations
Module 2: IP Security

WEEK 3 – To Do
❏ Attend and/or watch recorded Live Event/Virtual Office Hour(s)

WEEK 3 – Due by 6/7/20

❏ Unit 3 Graded Quiz

Week 4 | Unit 4: Software Defined Networks and Network Function

Virtualization
10
CSE548: Advanced Computer Network Security (Summer C, 2020)
5/13/2020 – SUBJECT TO CHANGE.
Learning Objectives
4.1 Describe the basic functions of routers and routing protocols
4.2 Explain the concept of Software Defined Network (SDN) and its architecture
4.3 Describe Openflow protocol, flow rules, and packet processing using Openflow
4.4 Illustrate how to set up a simple Open Virtual Switch (OVS) network
4.5 Explain the relationship between Network Function Virtualization (NFV) and SDN
4.6 Illustrate how the major open source platforms Openstack and Kubernetes contain
SDN and NFV components
4.7 Illustrate SDN and NFV security issues and potential solutions

Modules
Module 1: Distributed Network Routing
Module 2: Network Function Virtualization

WEEK 4 – To Do
❏ Attend and/or watch recorded Live Event/Virtual Office Hour(s)

WEEK 4 – Due by 6/14/20

❏ Unit 4 Graded Quiz
❏ Project 2: SDN-Based Stateless Firewall

Week 5 | Unit 5: Security Measurement

Learning Objectives
5.1 Explain what security measurement refers to
5.1 Explain how to use CVSS security metrics to measure a vulnerability
5.1 Explain the cyber Kill Chain model
5.1 Illustrate how to generate and use a graph-based measurement model
5.1 Evaluate attack scenarios based on given probability assignments of attack graphs,
attack trees, and attack countermeasure trees

Modules
Module 1: Introduction to Models
Module 2: Attack Graph and Attack Tree
Module 3: Attack Countermeasure Tree

WEEK 5 – To Do
❏ Attend and/or watch recorded Live Event/Virtual Office Hour(s)

WEEK 5 – Due by 6/21/20

❏ Unit 5 Graded Quiz

11
CSE548: Advanced Computer Network Security (Summer C, 2020)
5/13/2020 – SUBJECT TO CHANGE.
Week 6 | Unit 6: Anomaly Detection
Learning Objectives
6.1 Explain anomaly detection
6.2 Differentiate among the three major types of anomalies (point, contextual, and
collective)
6.3 Evaluate anomaly detection scenarios
6.4 Illustrate supervised and semi-supervised classification techniques
6.5 Describe the basic concept of neural networks for machine learning
6.6 Use feedforward neural networks (FNN) as an example to illustrate the procedure
for establishing an anomaly detection solution
6.7 Use FNN to build a basic anomaly detection model for a given network traffic data
set

Modules
Module 1: Anomaly Detection Models
Module 2: Feedforward Neural Networks

WEEK 6 – To Do
❏ Attend and/or watch recorded Live Event/Virtual Office Hour(s)
❏ If you haven’t already, schedule your final exam and complete the system test with
ProctorU

WEEK 6 – Due by 6/28/20

❏ Unit 6 Graded Quiz
❏ Project 3: SDN-Based DoS Attacks and Mitigation

Week 7 | Unit 7: Moving Target Defense

Learning Objectives
7.1 Explain the motivation for and key concepts of software-defined networking
7.2 Describe primary considerations associated with virtualizing security infrastructure
7.3 Illustrate how to use SDN for MTD
7.4 Illustrate how to use attack graph or MTD countermeasure selection
7.5 Illustrate how to use SDN-based distributed firewall to simplify attack-graph based security
analysis/measurement
7.6 Describe the security service function chaining
7.7 Examine the policy checking and resolving for SDN-based security system
7.8 Evaluate methods of defeating port scanning attacks
7.9 Explain the persistence and fast resumption of TCP-based applications
7.10 Illustrate address space layout randomization to counter buffer overflow attacks

Modules
12
CSE548: Advanced Computer Network Security (Summer C, 2020)
5/13/2020 – SUBJECT TO CHANGE.
Module 1: Introduction to Moving Target Defense
Module 2: Software-Defined Networking Approach
Module 3: MTD Case Studies

WEEK 7 – To Do
❏ Attend and/or watch recorded Live Event/Virtual Office Hour(s)
❏ If you haven’t already, schedule your final exam and complete the system test with
ProctorU
❏ Study for final exam – covers Units 1 – 7 (Weeks 1 – 7)

WEEK 7 – Due by 7/5/20

❏ Unit 7 Graded Quiz

Week 8 | Unit 8: Closing the Course and Final Exam

Learning Objectives
8.1 Describe the current software defined system (SDx) and development trend
8.2 Name several development movements of SDx
8.3 Describe the research and challenges of SDx

Modules
Module 1: Happening Now and Future Directions
Module 2: Final Course Deliverables and Exam

WEEK 8 – To Do
❏ Attend and/or watch recorded Live Event/Virtual Office Hour(s)
❏ Study for final exam – covers Units 1 – 7 (Weeks 1 – 7)
❏ Complete course evaluation survey

WEEK 8 – Due by 7/10/20

❏ Project 4: Machine Learning-Based Anomaly Detection Solutions
❏ Final exam
Opens: Thursday, July 9, 12:01 AM (Phx)
Closes: Sunday, July 12, 2:45 AM (Phx)
Last available appointment: Saturday, July 11, 9:15 PM Phx

NOTICES:
1) Because this session’s classes end on a Friday, we are opening the exam
on Thursday and extending the availability to the day after classes end, 7/11.
2) You must schedule your exam at least 72 hours prior to your desired
appointment to avoid having to pay a late-scheduling fee.
3) Conduct a ProctorU system test PRIOR to your exam appointment.

13
CSE548: Advanced Computer Network Security (Summer C, 2020)
5/13/2020 – SUBJECT TO CHANGE.
 Covers: Weeks (Units) 1 – 7
Duration: 135 minutes (120 minutes + 15 minutes for start-up with proctor)
Format: TBD
Grading: TBD

Allowed materials:

• One side of one sheet of 8.5x11 paper of hand-written notes

• One sheet (both sides) of 8.5x11 paper to use as scratch paper.

NOTE: Use of supplemental electronic devices (calculators, etc.) will not be

permitted during the exam. No bathroom breaks will be allowed.

Creator

Dijiang Huang

Dr. Dijiang Huang is an associate professor in the School of Computing Informatics and
Decision Systems Engineering. He teaches Computer Network and Security (CSE468) at
the undergraduate level and Advanced Computer Network and Security (CSE548) at the
graduate levels. In addition, he had taught computer science courses such as Computer
Networks (CSE434), Cloud Computing (CSE 546), Concepts of Computer Science and
Data Structure (CSE 205), Data Structures and Algorithm (CSE 310), and Introduction to
Computer Science and Engineering (CSE 101) at Arizona State University. Dr. Huang
received his Bachelor of Science degree in Telecommunications from Beijing University
of Posts & Telecommunications, China, and his Computer Science and
Telecommunications Master of Science degree and Ph.D. from the University of Missouri-
Kansas City.

Dr. Huang's research interests are in computer and network security, mobile ad hoc
networks, network virtualization, and mobile cloud computing. His research is supported
by the federal agencies NSF, ONR, ARO, and NATO, and organizations such as

14
CSE548: Advanced Computer Network Security (Summer C, 2020)
5/13/2020 – SUBJECT TO CHANGE.
Consortium of Embedded System (CES), Kern Family Foundation, Hewlett-Packard, and
China Mobile. He is a recipient of ONR Young Investigator Award and HP Innovation
Research Program (IRP) Award, a Distinguished Lecturer of IEEE ComSoc, and a co-
founder of Athena Network Solutions LLC (ATHENETS) and CyNET LLC. He currently
leads the Secure Networking and Computing (SNAC) research group at ASU.

15
CSE548: Advanced Computer Network Security (Summer C, 2020)
5/13/2020 – SUBJECT TO CHANGE.