Some of today's most damaging attacks on computer systems involve exploitation of network infrastructure, either as the target of attack or as a vehicle to advance attacks on end systems. This course provides an in-depth study of network attack techniques and methods to defend against them. Topics include network- and transport-layer attacks and defenses; network intrusion detection; denial of service (DoS) and distributed denial-of-service (DDoS) detection and reaction; worm and virus propagation; tracing the source of attacks; traffic analysis; techniques for hiding the source or destination of network traffic; secure routing protocols; content poisoning attacks; and advanced techniques for reacting to network attacks. Prerequisites: Students must have passed Introduction to Information Security (14-741) and Fundamentals of Telecommunication Networks (14-740), or an equivalent set of courses offered at Carnegie Mellon (e.g., 18-730 and 15-441). In addition, solid background in C and UNIX programming will prove helpful for the several assignments this course involves. Please check with the instructor directly if you are concerned about the requirements.

Faculty and instructors who have taught this course in the past:
Patrick Tague