COMP4337/9337 Secured Wireless Network

 

SUBJECT OUTLINE

Session 1 2017

Schedule added 23th March 2017          

Last Updated 4th March 2017  

Date of Creation: 27th February 2017

Please check your email for an account on www.acadly.com for course Content Delivery and Learning. If you haven’t received any email, please send a note to LIC immediately


Staff Contact Details

 

Lecturer-in-charge:

Prof Sanjay Jha

Office: K-17, Room501A, Level 5

Phone: 9385 6471

E-mail: sanjay.jha@unsw.edu.au

Consulation Time: By appointment 

(Please acadly for general questions)

 

 

Guest Lecturer:  Dr Ralph Holz, Dr Hailun Tan

 

Teaching Assistants and Laboratory Co-ordinators:

Please check the subject/course website.

 

 


Course Information

Units of Credit: 6

Parallel Teaching: This is a combined undergraduate and postgraduate course. The written exams for the postgraduate students will contain some questions, which are different from the undergraduate exam, and will more challenging.

Pre-requisites: 

COMP3331/9331

 

 

Aims:

To provide an in-depth introduction to a wide range of topics in the field of Wireless Network Security.  To get a hands-on understanding of the security issues in wireless networks.  

 

Learning Outcomes: The following are the student learning outcomes:

 

 

 

 

Teaching Strategy:  The main objective of this course is to encourage students to be creative and being able to think outside the box. Students should be able to relate new ideas to previous knowledge or real world experience. The student experience will consist of lectures (2-3 hrs per week) for the first 7-8 weeks.  A set of review/quiz questions is provided to help reinforce the main ideas introduced during the lecture (There are no formal tutorials in this course). At least some part of assessment should be based on real world experiences. COMP9337 uses of hands on laboratory sessions aimed at supporting problem based learning to enhance student-learning experience.  The student experience will be supported by on-line access to materials. Finally, students will be required to complete a project by  analyzing security vulnerabilities and propose solution.  Students (groups) may also propose a project for approval. The project will demonstrate their capability of analyzing and developing security protocols/solutions for a variety of applications.



Course Schedule

 

Lectures:   2 - 3 hours per week for 7- 8 weeks, Wed 12:00 - 15:00, Venue:  Please check myUNSW. The lecture slot for the last few weeks will be used for final project related activities. Lecture notes will be available on the course webpage.

 

 

Laboratory sessions: 2-hour for 3 -4 weeks. One of  labs would be  PenTesting Wireless Networks, where all students are required to break a WEP and WPA/WPA2 network using tools such as Aircrack. Another lab is about running a MITM against TLS connections, where students use a range of different tools to setup a real attack scenario (rogue access point setup and many more interesting PenTest skills).  We also have labs on secret shared key generation using information theoretic method by measuring wireless RSSI. We may add additional labs this session. This will be advertised via a separate lab page linked from course home page   Students may be asked to work in groups.

 

Tutorials: There are no tutorials for this course.  

 

Consultations: In addition to lectures and labs, there will be an optional consultation slot. Check the web page for timings. Students having difficulty with these timings may negotiate for a different slot with the LIC. 

 

Lecture Topics: 

With exponential growth of the Internet, security of a network has become increasingly challenging. This subject will explore the security vulnerabilities in both fixed and wireless networks and cover the fundamental concepts and advanced issues with an emphasis on the Internet architecture and protocols. 

The following key concepts will be covered: Wireless Communications and Security overview, Review of Cryptographic techniques, 802.11 Technologies and legacy 802.11 Security: lessons learnt, Encryption Ciphers and Methods in Wireless Networks, Wireless Security Risks, Wireless Security Auditing and Pen Test Introduction,  IPSec and IP layer security,  PKI/X.509, Transport Layer Security/DTLS,   Intrusion Detection and Protection Systems, Network Firewalls, Secure Neighbor Discovery, Routing and Forwarding Security,  Authentication and Key Management in Wireless Networks/Sensor Networks,   Broadcast Security and Secure Code Dissemination,  Network Privacy and Anonymity, Security and Privacy in Location Services, Smart Grid and IoT security.

Note: This is a tentative list.  Some of these topics will be covered via Guest lecture.

Lecture Schedule: The following table lists the tentative weekly schedule. Students will be informed of any changes during the lecture and by announcements on the notices page.

Week

Date

Topics

2

8th March

  1. Course Overview,
  2. Wireless Communications and Security Overview

3

15th March

  1. 802.11 Technologies and legacy 802.11 Security: lessons learnt
  2. Encryption Ciphers and Methods in Wireless Networks.

4

22th March

  1. Wireless Basics
  2. Introduction to Bluetooth Security

Lab 1 (Please note some labs are on Tuesdays)

5

29th March

  1. PKI and Transport Layer Security, DTLS


 5


5th April

  1. IPSec, Comparison with TLS

Lab 2 (Please note one labs are on Tuesdays 4th April)

 6

12thApril

  1. Authentication and Authorisation in WLAN, 801.X EAP
  2. Quiz – 1  (in Class open book)

7

19th April

 Non-teaching Week

8

26th April

Broadcast Authentication, Merkle Tree

Lab3 (please note that Lab falling on 24th April to be done on 2nd May)

9

3rd May

Guest Lecture (Dr Ralph Holz)

10

10th May

Information Theoretic/Phy Layer Security

11

17th May

 Quiz – 2  (in Class open book)

12

24th May

 Project Discussions

13

31st May

 Project submission/Demo

 

A detailed course schedule will be available via course webpage.


Student Resources

Textbook: This course does not have a prescribed textbook. Most of the content presented will multiple books, on-line materials, conference proceedings, journal articles, etc. A list of references related to each week's lecture content will be made available on the course webpage. Students are expected to read articles/papers as directed.

 

Reference Texts:

The following is a list of reference textbooks, which may be useful. Students are not required to purchase these.

 

Lecture notes will have reference to appropriate sections (and other material)


Software Availability:

TBA



Back to top


 

Assessment

There will be 3 assessment components as described below:

 

1 - Lab Asssignments.  After completion of labs, students will be ask to perform some task in their own time and submit for marking. Please check lab page for details. Check the Labs link on the course webpage for the exam schedule. The lab assessment will be marked out of 20 marks. Each student must attend the lab ONLY in his/her allocated lab session.

 

2 – Project  (20 marks)

 

There will be a security analysis  part.  This project will be done in a group of two. You will have 3-4 weeks to finish this project.  It is likely that project will require a short report and a demo. Please check the details and specification will be announced on course web site.

 

Project deadlines will be advertised mid-semester.. 

 

(Note: that we could readjust the marking components between lab assignments and project in consultation with class)

 

Subject policy on project: The projects are an integral part of the assessment. Make sure that you submit your work on time. Follow the submission directions in the project carefully. Late submissions will be penalised according to the rules specified in the assignment specifications.

 

3 – Attendance and class participation including Quizzes:  This component will contribute to a maximum of 20 marks. Attendance in lectures is mandatory.

 

4   Final Examination. The format and details will be announced. The exam will take place during the university exam period. This component will contribute to a maximum of 40 marks.  Students must score at least 20 marks in the final exam to pass this subject.

 

 


Academic Honesty and Plagiarism

All submissions are routinely subject to scrutiny for similarities with other students' assignments. If you copy from another person, or get an unreasonable amount of help from a friend (so your assignment begins to look like theirs), or if you work very closely with someone, there is a good chance we will detect it. When we do, you will be penalised. At the very least, you will lose some or all marks for that assignment. In the past, students have been automatically failed for submitting stolen assignments. Further details of the School plagiarism policy can be found here. (You acknowledged receipt of these rules when you obtained your CSE computer account, and the link above is for your convenience so that you can review the rules now.)

We are aware that a lot of learning takes place in student conversations, and don't wish to discourage those. However, it is important, for both those helping others and those being helped, not to provide/accept any programming language code in writing, as this is apt to be used exactly as is, and lead to plagiarism penalties for both the supplier and the copier of the codes. Write something on a piece of paper, by all means, but tear it up/take it away when the discussion is over.

If you are new to studying in Australia, be aware that attitudes to plagiarism at UNSW may be different from those in your home country. Make sure you are clear about the rules here at UNSW. In brief, and for the purposes of COMP4337/9337, plagiarism includes copying or obtaining all, or a substantial part, of the material for your assignment, whether programming language code, or written or graphical report material, without written acknowledgement in your assignment from:

  1. a location on the internet;
  2. a book, article or other written document (whether published or unpublished) whether electronic or on paper or other medium;
  3. another student, whether in your class or another class;
  4. a non-student (e.g. from someone who writes assignments for money)

Note also that there is a big difference between being able to understand someone else's code, and writing that code yourself from scratch. A computer programmer has to be able to write code from scratch. The assignments provide opportunities for you to develop the skills necessary to write your own networking code. Use these opportunities!

Further details on the CSE student plagiarism policy can be found here.

Back to top


Special Considerations / Supplementary Examination

The following cases may be considered:

(1) A student has submitted a fully documented request for Special Consideration within 7 days of the assignments or examination. The medical or other evidence is clearly of a nature to affect the student's performance seriously (minor ailments such as cold, headache - unless chronic, or severe enough to require prescribed medication, will not be considered). Feeling 'unwell', for instance does not excuse a poor result. In simple terms, not all applications are automatically accepted.

(2) A student's performance during the semester, particularly in the lab and research reports has been of satisfactory standard. Students who perform poorly in such assessment components will not be granted a supplementary exam.

(3) A supplementary assessment will be arranged at a suitable time by the lecturer-in-charge.

 

Re-Assessment Policy: Due care is taken to mark all assessment components fairly and appropriately. Therefore, it is unlikely that marks will be changed after a re-assessment. However, students who still feel that the mark they received does not reflect their performance have the right to apply for re-assessment. The re-assessment procedure may be in one of the following form and MUST be applied via NewSouth Q in the Chancellary within 14 days after notification of results of assessment. Please note that re-assessment or re-marking of a piece of work may result in marks to go up or down. Further details can be found from UNSW student guide at following site: http://www.student.unsw.edu.au/port/p_nsradar.html

Back to top


Course Evaluation and Development

Student feedback on this course, and on the lecturing in this course, will be gathered via an online questionnaire, which will be e-mailed to all students towards the end of the session. Student feedback is taken seriously, and continual improvements are made to the course based in part on this feedback. The course questionnaire results go to the Head of the School of Computer Science and Engineering, who reads the results and follows up in cases where action is clearly needed

In addition feedback will also be gathered mid-way through the session to gauge the student experience and make any quick changes if required to improve student learning.

Students found labs, assignments/projects more interesting. There were several complaints about too much assessment and lack of enthusiasm for research report. This session, we will be replacing programming project and  research project with an open ended project involving security assessment of various wireless IoT products.  Also, we will be simplifying submission requirement for lab assignments to make them more effective.  There will be some reorganization of lecture material for better flow.


Communications via E-Mail

(1)All students MUST read 'Notices' from the course web-site for any updates or notices regularly. Students must also check their school e-mail regularly for announcements regarding this course.  Please note that we are using a new portal www.acadly.com for course delivery and improved learning.

(2) Students must follow the proper communication channels:-

(a)The official course mailing address (cs4337@cse.unsw.edu.au) should only be used for students who have personal problems and wish to seek help from LIC or Administrator on confidential basis. Please allow up to a few days to receive a reply. If it's urgent, use the consultation hours.

(b) Please use your official UNSW email to communicate in relation to this subject matters.  Make sure that your student-id and names are identifiable.

(c) Do not send direct emails to LIC, Administrator, etc. via their personal email addresses. Emails received at private accounts will not be read and automatically deleted without reply


Further Information

 

Back to top