Prerequisites: This course is intended for students following an M.Sc. program in the area of Computer Science, but can also be followed by students who are at the end of their B.Sc. or at the start of their Ph.D. program. To follow this course, students should have a solid understanding of TCP/IP and some basic skills in programming (C or Java). In addition, students should be able to use Linux systems (Ubuntu) and set up and maintain Virtual Machines (VirtualBox, Vagrant).
Motivation: Over the past decades the Internet has grown so much that a modern society without it is hardly conceivable. As in society at large, bad behaviour also takes place on the Internet. As a consequence, Internet users must protect the security of their information exchanges as well as the systems that they connect to the Internet.
Synopsis: Internet security has multiple aspects. First, it is important to protect the confidentiality, authenticity and integrity of the data that is being exchanged; for that purpose a number of security protocols have been developed. Second, it is important to detect and mitigate malicious behaviour, to ensure the availability of systems and services connected to the Internet. Third, it is important to understand the techniques hackers use to break into (web) systems. This course focuses on all three aspects.
Learning outcomes: After following this course, the student can:
- Critically discuss, select and compare security mechanisms in communication protocols on the data link, network, transport and application layer.
- Identify, compare and discuss several security risks and countermeasures at the networked system level and the web.
- Understand attacks on web servers.
Lecturers: Prof. Dr. Ir. Aiko Pras (UT/EWI) and Dr. Anna Sperotto (UT/EWI)
Teaching method: The course is organised in the form of a Massive Online Open Course (MOOC) via https://learnintsec.org/. The MOOC runs twice a year: in the first (Q1) as well as the third quarter (Q3). It consists of three modules: 1) Internet Security Protocols (2EC), 2) Internet Security Attacks and Defence (2EC) and 3) Web security (1EC). For 4TU.CybSec students there will be short weekly (video) meetings to answer questions and provide feedback. These weekly meetings may also be used for guest presentations. For students outside the 4TU collaboration (parts of) the course will be provided as “MOOC-only”.
Examination: Weekly exercises via the MOOC platform; the web hacking assignments are those from Certified Secure (https://www.certifiedsecure.com). The exercises can be performed twice a year, in Q1 and Q3. There is no “classical exam”, but selected students may be invited to an oral or remote video meeting (like Skype) to explain and defend the answers they provided via the MOOC platform.
Contents: Security protocols: WPA, IPSec, SSH, TLS, SSL, HTTPS, DNSSec. Attack and Defense: network monitoring, distributed denial-of-service attacks (DDoS), reflection and amplification, DNS security, intrusion detection, firewalls.