Credits: 10 EC (5 EC of NeS-Delft included)
Prerequisites: Security and Cryptography (IN4191)
Motivation: Communication and networking systems are a key enabler for today’s society. This course provides a comprehensive review of the most important concepts, attack and defense methods, and best practices in computer and network security. Its goal is to equip students with the necessary background to understand the functioning of communication systems and services, and to critically reflect upon and improve the security of computer and communication systems.
Synopsis: Advanced Network Security covers the concepts of communication and network security across the seven layers of the OSI stack, as well as the principles of incident management and response.
Learning outcomes: Students will acquire:
- An understanding of threats and vulnerabilities at each layer of the OSI stack;
- The ability to select and customize controls depending on the operational context of a communication system;
- Practical skills in discovering attacks in networking hardware, and knowledge of how to configure systems to withstand these incidents;
- The ability to analyse protocols in RFCs and translate them within the context of an IPS module for security checking.
Lecturer: Dr Christian Doerr (TUD)
Contact hours: 7 hours per week lectures, 2-3 hours lab depending on week.
Examination: 30% exam, 50% term project and exercise sheets as well as 20% lab work.
Contents: Physical Layer (Intercepting and Wiretapping Traffic, Router Modifications, Network Planning, SLRG, Infrastructure Dependencies, Facility Security and Secure Hardware); Link Layer (Switch Architecture, CAM Flooding, VLANs, ARP Spoofing, 802.11, WEP/WPA(2), 802.1X, WPAN networks, Mobile communications and Telecom Systems); Network Layer (Network Design Practices and Security Considerations, Security Service Topologies, Remote Reconnaissance, IP Spoofing, Fragmentation and Amplification Attacks, VPN and Secure Tunnels, Traffic Interception, DHCP, DNS Poisoning, DNSSEC, Firewalls and Network Diodes, Interdomain Security and BGP); Transport Layer (TCP attacks, concepts of SSL and TLS, recent TLS vulnerabilities); Application Layer (Application Fingerprinting, Intrusion Detection Systems, NG-Firewalls, Honeypots, L7 vs L4 encryption, e-mail security, security in real-time communication, side-channel attacks against secure traffic, anonymizing proxies); Incident management (Threat Intelligence, Business Contingency Planning, Incident Response Planning, Crisis Management and Operations Management).
Core text: Christian Doerr, “Network Security in Theory and Practice”, 2017.