Prerequisites and co-requisites |
- Basics of computer networking
- Basic configuration of Cisco routers and switches
- Hands-on experience with a Linux/Unix system: e.g. simple commands like pwd, cd, ls, chmod; access control system in Linux (rwx..)
- Basic user administration (access control, groups) in Linux
- Installation of rpm or deb packages (without detailed troubleshooting of problems)
- Basic network commands on a Linux and Windows system: ifconfig, ipconfig, arp -a
- Ability to work with a Windows system (also server): e.g. configure network; basic configuration of an AD domain controller
- Applied cryptology
- Database basics
- Programming knowledge (C)
- Basics of operating systems (processes, threads, memory protection, virtual memory)
- Basic knowledge of web programming
|
Course content |
Network security: attacks and (technical) countermeasures
- Layer 2 Attacks (arpspoof)
- DNS attacks
- Routing problems/attacks
- Each with a focus on countermeasures
- Lab: Configuration of Firewall and IDS
Authentication and authorization systems/protocols
Cryptological/security protocols: SSL/TLS, IPsec, (Kerberos)
Problems and vulnerabilities of/with operating systems (focus on Linux)
Problems and typical weaknesses in SW development with C
Countermeasures
- Set-UID programs and problems with them (weaknesses)
- Environment variables and attacks on/with them
- Dirty COW vulnerability
- Buffer overflow
- Format String vulnerability
- possible return-to-libc
Exercises:
- https://seedsecuritylabs.org/ (Wenliang Du, Syracuse Univ.)
- OS attacks and countermeasures
PKI Public Key Infrastructure:
- Certificates
- Configuration
- Attacks (e.g. MITM)
Trusted computing (TPM): Introduction
Secure/Trusted/Measured Boot
Security and Machine Learning/Anomaly Detection: Introduction |
Learning outcomes |
In this course, students acquire implementation skills/competence in:
- Security in computer networks
- PKI Public Key Infrastructure
- Authentication and Authorization systems; AAA
- Network Security
- Attacks and countermeasures
- Procedures and technologies (e.g. VPN, authentication technologies)
- Analysis and Configuration of security protocols: SSL/TLS, IPsec, 802.1x, RADIUS, if time permits: Kerberos
If time permits, students acquire basic competence in:
- Security in the area of operating systems
- Trusted computing
- Secure and Trusted Boot
- Security and machine learning (anomaly detection)
|
Planned learning activities and teaching methods |
Lecture and seminar/labs using Packet Tracer and virtual machines (attendance is mandatory)
|
Assessment methods and criteria |
Final exam (60%) and assessment of practical work (40%).
For a positive grade, a minimum of 50% of the possible points must be achieved in each part of the examination.
Obligatory attendance in labs |
Comment |
Not applicable |
Recommended or required reading |
- Adams, Carlisle; Lloyd, Steve (2010): Understanding PKI: Concepts, Standards, and Deployment Considerations. Boston etc.: Pearson Education.
- Boyle, Randy J.; Panko, Raymond R. (2014): Corporate Computer Security. 4th Ed. Boston: Prentice Hall.
- William Stallings: "Cryptography and Network Security: Principles and Practice", Eighth Global Edition 2022
- Steffen Wendzel: "IT-Sicherheit für TCP/IP- und IoT-Netzwerke: Grundlagen, Konzepte, Protokolle, Härtung", 2021
- Chris Carthern, William Wilson: "Cisco Networks: Engineers' Handbook of Routing, Switching, and Security with IOS, NX-OS, and ASA", 2021
- Du, Wenliang (2019): Computer Security: A Hands-on Approach. 2nd Ed. Wenliang Du.
- Garman, Jason (2003): Kerberos: The Definitive Guide. 1st Ed. Beijing ; Farnham: O'Reilly & Associates.
- Kurose, James; Keith, Ross (2016): Computer Networking: A Top-Down Approach, Global Edition. 7th Ed. Boston Columbus Indianapolis Amsterdam Cape Town: Prentice Hall.
- Pröhl, Mark (2011): Kerberos: Single Sign-on in gemischten Linux/Windows-Umgebungen. 1st Ed. Heidelberg: dpunkt.verlag GmbH.
- Richer, Justin; Sanso, Antonio (2017): OAuth 2 in Action. 1st Ed. Shelter Island, NY: Manning Publications.
- Seacord, Robert C. (2014): The CERT® C Coding Standard, Second Edition: 98 Rules for Developing Safe, Reliable, and Secure Systems. 2nd Ed. Upper Saddle River, NJ: Addison-Wesley Professional.
|
Mode of delivery (face-to-face, distance learning) |
Classroom teaching, attendance is mandatory in the labs/seminars |