National University of Sciences and Technology
Home | Back
IS-821 Advanced Network/Web Security
Campus MCS
Programs PG
Session Fall Semester 2016
Course Title Advanced Network/Web Security
Course Code IS-821
Credit Hours 3+0
Pre-Requisutes Computer Networks Knowledge
Course Objectives Objective: To understand network security threats and countermeasures.

Outcome: At the end of the course the students will be able to configure and apply the security techniques in real world scenarios.
Detail Content
  • The Threat Environment: Attackers and their Attacks Basic Security Terminology, Employee and Ex-Employee threats, Traditional External Attacks, The Criminal Era, Cyberware and Cyberterror, A Constantly Changing Threat Environment.
  • DDoS and Traceback TCP Handshake, IP Spoofing & SYN Flood, Distributed DoS (DDoS) Attacks, Prevention and Detection, Trace back, Input Debugging, Controlled Flooding, ICMP Trace back, Probabilistic Marking, Botnets.Elements of Cryptography Introduction, Cryptographic Systems, VPN, SSL/TLS, WAN Security, Ethernet Security, Wireless Security.
  • IP Security IPSec architecture & concepts, IPSec authentication header, IPSec encapsulating security payload, Key Management –Concepts, Manual Exchange, Internet Key Exchange, IPSec Strengths & Weaknesses, Implementation of IPSec
  • Access Controls Org and Human Controls, Physical Access and Security, Biometric Authentication, Cryptographic Authentication, Authorization, Central Authentication, Directory Servers, Full Identification Management.
  • Firewalls Introduction, Typical Configuration, Static Packet Filtering, State full Packet Filter, NAT, Application Proxy firewall and Content Filtering, Firewall Architecture, Encrypted Tunnels, Firewall Management.
  • Intrusion Detection & Prevention Systems Elements of Intrusion Detection, Approaches, Misuse Detection, Anomaly Detection, Monitoring Networks and Hosts, Audit Data Preprocessing, Host-based IDSs, Network IDSs, Antivirus Filtering and Unified Threat Management, Intrusion Response for Threats.
  • Web Application Security General Application Security Issues, WWW and E-Commerce Security, Email Security, User
    • Application Security.
  • Java Security Applets Versus Applications, Application Security, Applet Security, Java Versus Active X, Executable Content Security, Basic Java Security Architecture, Byte code verifier, Class loader, Security manager
    • Corporate Computer and Network Security, Second Edition by Raymond R. Panko, Prentice Hall, 2010.
    • Network security: PRIVATE communication in a PUBLIC world by Kaufman, Perlman, and Speciner
    • William R. Cheswick and Steven M. Bellovin, Firewalls and Internet Security, Addison-Wesley, 1994. ISBN 0-201-63357-4
Text/Ref Books
Time Schedule
Faculty/Resource Person Def Emp Col Dr Imran Rashid