Methods of Network Analysis

COURSE DESCRIPTION:
CYBV 326 provides students with a methodology for analyzing networks by examining
the network at its infrastructure, network, and applications layers; exploring how they
transfer data; investigating how network protocols work to enable communication; and
probing and analyzing how the lower-level network flayers support the upper ones.
Students will use hands-on labs and exercises to investigate and analyze network
fundamentals. CYBV 326 meets the National Security Agency (NSA) Center of
Academic Excellence in Cyber Operations (CAE-CO) academic requirements for
networking principles.
Prerequisites: None
REQUIRED TEXTS:
o Kurose, J., & Ross, K. (2021). Computer Networking, A Top-Down Approach,
Eighth Edition. Hoboken, NJ: Pearson. ISBN-13: 978-0135928608
o Supplemental readings and other resources as assigned on D2L throughout the
semester.
EXPECTED LEARNING OUTCOMES:
Upon completion of this course, students will be able to:
• Identify the major network components and protocols that enable communications
and data transfer.
• Define and describe the principal characteristics, functions, and protocols of the
Application Layer, Transport Layer, Network Layer, and Link Layer.
• Define and explain Wireless and mobile network architectures and protocols.
• Explain the principles of computer security.
• Exercise critical thinking strategies, including reasoning, problem-solving, analysis,
and evaluation by:
o Analyzing network traffic and their protocol and services
o Identifying and differentiating between connection and connectionless
protocols
o Enumerating network architectures through active and passive mapping and
scanning
o Using scanning techniques to determine the security posture of a network.
COURSE OBJECTIVES
During this course, students will:
• Understand network traffic concepts flowing across various mediums, such as wired
networks, wireless networks, and mobile networks.
• Understand how network traffic is formatted and sent across these networks.
• Understand, identify, and articulate attacks and mitigation strategies that occur
against various protocols and network layers.
• Be able to identify and analyze various elements of network traffic using network
sniffing tools such as Wireshark. Students will conduct weekly exercises to capture,
analyze, and develop a comprehensive report on their findings.
• Understand how network traffic is secured and how attackers can manipulate how
protocols and network structures work to develop and execute their attacks.
• Complete a comprehensive final project that requires students to develop a network
architecture, using a minimum of 20 concepts to describe how a traffic request
moves through the network, identity, describe, and provide mitigation techniques
for four attacks that may be executed at each of the four layers of the TCP/IP model.
EXPECTED COURSE WORKLOAD
Students should expect at least 4 hours of lecture and 5 hours of homework/exercises
each week for this course. Live synchronous lectures will be held each week. If a
student cannot attend the lecture, the lectures are recorded and can be viewed by the
student asynchronously.
REQUIREMENTS:
Requirements for the course are 13 quizzes plus a midterm, 3 research papers, a discussion post,
and a final examination. Students must draw on course lectures and assigned readings to
complete all course assignments and Labs. No late work will be accepted, so please ensure you
allot enough time to complete and turn in your work on time.
GRADING:
The final grade in the course will be based upon:
Introductory Discussion Post 0.5% See Course Schedule/D2L
(5 Points)
6 Content Quizzes, 7 PCAP Quizzes, and Midterm: 58.5% See Course Schedule/D2L
(6 Quizzes – 40 Points Each)
(7 PCAP Quizzes – 35 Points Each)
(Midterm – 100 Points)
Research Papers: 21% See Course Schedule/D2L
(3 Papers – 70 Points Each)
Final Examination: 20% See Course Schedule/D2L
(Final Examination – 200 points)
GRADING SCALE DISTRIBUTION
A 90 to 100 % 900 – 1000 Points A
B 80 to 89% 800 – 899 Points B
C 70 to 79% 700 – 799 Points C
D 60 to 69% 600 – 699 Points D
E Below 60% 0 – 599 Points E
COURSE SCHEDULE:
Week 1 – Computer Networks and the Internet
• Week 1 Learning Objectives – Upon completion, students will be able to
identify and describe:
o What the Internet is
o The network edge (access networks and physical media)
o The network core (packet switching and circuit switching)
o Delay, Loss, and throughput in Packet-Switched Networks
o Protocol layers and their service models
o Networks under attack
o History of computer networking and the Internet
• Week 1 Assignments
o Computer Networks and the Internet Lecture & Presentation
o Read Chapter 1 – Computer Networks and the Internet
o Computer Networks and the Internet Quiz
Week 2 – Computer Networks and the Internet
• Week 2 Learning Objectives – Upon completion, students will be able to
identify and describe:
o The uses of a packet sniffer
o Protocol layers within a Wireshark capture
o The various parts of Wireshark
o How to capture network traffic using Wireshark
o Interpret the results of the Wireshark capture.
• Week 2 Assignments
o Week 2 PCAP Quiz
Week 3 – Application Layer
• Week 3 Learning Objectives – Upon completion, students will be able to
identify and describe:
o Principles of network applications
o The Web and HTTP
o Electronic Mail and the Internet
o DNS – The Internet’s Directory Service
o Peer-to-Peer Applications
o Video Streaming and Content Distribution Networks
• Week 3 Assignments
o Network Layer Lecture & Presentation
o Read Chapter 2 – Application Layer
o Application Layer Quiz
Week 4 – Application Layer
• Week 4 Learning Objectives – Upon completion, students will be able to
identify and describe:
o HyperText Transfer Protocol (HTTP)
o Domain Name System (DNS)
o DNS Vulnerabilities
o nslookup
• Week 4 Assignments
o Week 4 PCAP Quiz
o Paper 1 Research Paper
Week 5 – Transportation Layer
• Week 5 Learning Objectives – Upon completion, students will be able to
identify and describe:
o Transport-Layer Services
o Multiplexing and Demultiplexing
o Connectionless Transport: UDP
o Principles of Reliable Data Transfer
o Connection-Oriented Transport: TCP
o Flow Control
o Principles of Congestion Control
o TCP Congestion Control
• Week 5 Assignments
o Transport Layer Lecture & Presentation
o Read Chapter 3 – Transport Layer
o Transportation Layer Quiz
Week 6 – Transportation Layer
• Week 6 Learning Objectives – Upon completion, students will be able to
identify and describe:
o Analyze network traffic at the transport layer.
o Analyze congestion control mechanisms.
o Vulnerabilities associated with UDP and TCP
o How TCP connections end
• Week 6 Assignments
o Week 6 PCAP Quiz
Week 7 – Network Layer: Data Plane & Control Plane
• Week 7 Learning Objectives – Upon completion, students will be able to
identify and describe:
o The Network Layer
o Routers
o The Internet Protocol (IP): IPv4, Addressing, IPv6
o Generalized Forwarding and Software Defined Networking (SDN)
o Routing Algorithms
o Intra-AS Routing on the Internet: OSPF
o Routing Among the ISPs: BGP
o The SDN Control Plane
o Internet Control Message Protocol (ICMP)
o Network Management and Simple Network Management Protocol
(SNMP)
• Week 7 Assignments
o Network Layer Lecture & Presentation
o Read Chapter 4, The Network Layer: Data Plane / Chapter 5, The
Network Layer: Control Plane
o MIDTERM EXAM
o Paper 1 Research Paper due
Week 8 – Network Layer: Data Plane & Control Plane
• Week 8 Learning Objectives – Upon completion, students will be able to
identify and describe:
o Network traffic at the network layer
o How Ping and Traceroute work
o Attacks that utilize ICMP
o Why ping would not work.
• Week 8 Assignments
o Week 8 PCAP Quiz
o Paper 2 Research Paper
Week 9 – Link Layer and LANs
• Week 9 Learning Objectives – Upon completion, students will be able to
identify and describe:
o The Link Layer
o Error-Detection and –Correction Techniques
o Multiple Access Links and Protocols
o Switched Local Area Networks
o Link Virtualization: A Network as a Link Layer
o Data Center Networking
• Week 9 Assignments
o Link Layer Lecture & Presentation
o Read Chapter 6, The Link Layer and LANs
o Link Layer and LANs Quiz
Week 10 – Link Layer and LANs
• Week 10 Learning Objectives – Upon completion, students will be able to
identify and describe:
o Analyze traffic at the data link layer.
o Address Resolution Protocol (ARP)
o Attacks that use ARP
o How to change the MAC address on a computer and how this could be
used for attacks.
• Week 10 Assignments
o Week 10 PCAP Quiz
Week 11 – Wireless and Mobile Networks / Multimedia Networking
• Week 11 Learning Objectives – Upon completion, students will be able to
identify and describe:
o Wireless Links and Network Characteristics
o Cellular Internet Access o Mobility Management: Principles
o Mobile IP
o Managing Mobility in Cellular Networks
o Wireless and Mobility’s impact on Higher-Level Protocols
o Multimedia Networking Applications
o Streaming Stored Video
o Voice-over-IP
o Protocols for Real-Time Conversational Applications
o Network Support for Multimedia
• Week 11 Assignments
o Wireless / Multimedia Lecture & Presentation
o Read Chapter 7, Wireless and Mobile Networks / Chapter 9,
Multimedia Networking
o Wireless and Mobile Networks / Multimedia Networking Quiz
Week 12 – Wireless and Mobile Networks / Multimedia Networking
• Week 12 Learning Objectives – Upon completion, students will be able to
identify and describe:
o Analyze wireless traffic.
o Beacon Frames
o Association / Disassociation
o Probe Request / Response
o Attacks associated with wireless or mobile networks.
o Vulnerabilities with multimedia services
• Week 12 Assignments
o Week 12 PCAP Quiz
o Paper 3 Research Paper
o Paper 2 Research Paper Due
Week 13 – Security in Computer Networks
• Week 13 Learning Objectives – Upon completion, students will be able to
identify and describe:
o Network Security
o Principles of Cryptography
o Message Integrity and Digital Signatures
o End-Point Authentication
o Securing Email
o Securing TCP Connections: SSL/TLS
o Network Layer Security: IPSEC and Virtual Private Networks (VPNs)
o Securing Wireless LANs
o Operational Security: Firewalls and Intrusion Detection Systems
(IDS)/Intrusion Prevention Systems (IPS)
• Week 13 Assignments
o Security in Computer Networks Lecture & Presentation
o Read Chapter 8, Security in Computer Networks
o Security in Computer Networks Quiz
Week 14 – Security in Computer Networks
• Week 14 Learning Objectives – Upon completion, students will be able to
identify and describe:
o Analyze encrypted network traffic.
o SSL / TLS
o Key exchange
o Diffie Hellman
o Client-side / Service Side attacks
o How to secure connections with a web server
• Week 14 Assignments Week 14 PCAP Quiz
Week 15 – Final Project
• Develop a Network Architecture – Upon completion, students will be able
to identify and describe:
o Network design with various devices
o Community-accepted network architecture symbology
o Community-accepted network diagram tools
• Explain Resource Requests – Upon completion, students will be able to
identify and describe:
o How data traverses a network at each layer of the OSI model
o Ports and protocols
o Protocol data units (PDU)
o Network Communication
• Explain Network Attacks – Upon completion, students will be able to
identify and describe:
o Relevant network attacks and how the attack works.
o Impact on Confidentiality, Integrity, Availability
o Mitigation techniques for known network attacks
• Paper 3 Research Paper Due.
__________________________________________________________________________________
University of Arizona Final Examination Policy: Final Exams | Office of the Registrar (arizona.edu)
and Final Exam Schedule http://www.registrar.arizona.edu/schedules/finals.htm
Grading Policy:
University policy regarding grades and grading systems is available at:
http://catalog.arizona.edu/policy/grades-and-grading-system
Requests for incompletes (I) and withdrawal (W) must be made in accordance with university policies
which are available at http://catalog.arizona.edu/policy/grades-and-grading-system#incomplete and
http://catalog.arizona.edu/policy/grades-and-grading-system#Withdrawal respectively.
Classroom Behavior Policy:
To foster a positive learning environment, students and instructors have a shared responsibility. We want
a safe, welcoming, and inclusive environment where all of us feel comfortable with each other and where
we can challenge ourselves to succeed. To that end, our focus is on the tasks at hand and not on
extraneous activities (e.g., texting, chatting, reading a newspaper, making phone calls, web surfing, etc.).
Threatening Behavior Policy:
The UA Threatening Behavior by Students Policy prohibits threats of physical harm to any member of the
University community, including to oneself. See: http://policy.arizona.edu/education-and-studentaffairs/threatening-behavior-students
Accessibility and Accommodations:
At the University of Arizona we strive to make learning experiences as accessible as possible. If you
anticipate or experience barriers based on disability or pregnancy, please contact the Disability Resource
Center (520-621-3268, https://drc.arizona.edu/) to establish reasonable accommodations.
Code of Academic Integrity as described in the UA General Catalog:
Students are encouraged to share intellectual views and discuss freely the principles and applications of
course materials. However, graded work/exercises must be the product of independent effort unless
otherwise instructed. Students are expected to adhere to the UA Code of Academic Integrity as described
in the UA General Catalog. https://deanofstudents.arizona.edu/policies/code-academic-integrity
The University Libraries have some excellent tips for avoiding plagiarism available at:
http://new.library.arizona.edu/research/citing/plagiarism
All written work is submitted to Turnitin, an anti-plagiarism application that compares submitted
assignments to a comprehensive database that includes all published and internet sources as well of
hundreds of thousands of student papers. You will be able to see for yourself what percentage of your
written work is considered “non-original” once you have submitted it to the appropriate Dropbox in D2L.
My position on plagiarism is non-negotiable—any written work that is plagiarized will result in a failure
for that assignment and possibly the course. Please familiarize yourself with the rules regarding
plagiarism.
Selling class notes and/or other course materials to other students or to a third party for resale is not
permitted without the instructor’s express written consent. Violations to this and other course rules are
subject to the Code of Academic Integrity and may result in course sanctions. Additionally, students who
use D2L or UA e-mail to sell or buy these copyrighted materials are subject to Code of Conduct
Violations for misuse of student e-mail addresses. This conduct may also constitute copyright
infringement.
UA Nondiscrimination and Anti-Harassment Policy:
The University is committed to creating and maintaining an environment free of discrimination; see
http://policy.arizona.edu/human-resources/nondiscrimination-and-anti-harassment-policy. Our classroom
is a place where everyone is encouraged to express well-formed opinions and their reasons for those
opinions. We also want to create a tolerant and open environment where such opinions can be expressed
without resorting to bullying or discrimination of others.
Absence and Class Participation Policy:
The UA’s policy concerning Class Attendance and Participation is available at:
https://catalog.arizona.edu/policy/class-attendance-and-participation
The UA policy regarding absences for any sincerely held religious belief, observance or practice will be
accommodated where reasonable, http://policy.arizona.edu/human-resources/religious-accommodationpolicy.
Absences pre-approved by the UA Dean of Students (or Dean Designee) will be honored. See:
https://deanofstudents.arizona.edu/policies/attendance-policies-and-practices
Student and Administrative Drops Policy:
Any student who intends to drop or withdraw from a course must follow the deadlines and processes.
https://catalog.arizona.edu/policy/change-of-schedule
Additional Resources for Students:
UA Academic policies and procedures are available at:
h
Academic Advising:
If you have questions about your academic progress this semester, please reach out to your academic
advisor (https://advising.arizona.edu/advisors/major). Contact the Advising Resource Center
(https://advising.arizona.edu/) for all general advising questions and referral assistance. Call 520-626-
8667 or email to advising@.arizona.edu
Life Challenges:
If you are experiencing unexpected barriers to your success in your courses, please note the Dean of
Students Office is a central support resource for all students and may be helpful. The Dean of Students
Office can be reached at (520) 621-2057 or DOS-deanofstudents@email.arizona.edu.
Physical and Mental-Health Challenges:
If you are facing physical or mental health challenges this semester, please note that Campus Health
provides quality medical and mental health care. For medical appointments, call (520) 621-9202. For
After Hours care, call (520) 570-7898. For the Counseling & Psych Services (CAPS) 24/7 hotline, call
a

*Subject to Change Statement
Information in the course syllabus, other than the grade and absence policy, may be subject to change
with advance notice, as deemed appropriate by the instructor.