Why is it possible to break into networked computer systems? What weaknesses are used? And what makes one protocol more secure than another? This course answers these questions and more. We begin the course by looking at weaknesses that have plagued networked systems for years. We then continue with countermeasures like firewalls and security protocols such as SSL, SSH and IPsec and investigate in detail what makes them secure. The course also gives a survey of cryptographic tools and explains how they can be utilized in protocols and applications, for example how to provide secure user authentication over a public network.
Knowledge about possible threats and countermeasures is important not only for the network security specialist but also for application programmers and everyone else who wants to understand what level of security a system and an application can offer. By knowing the problems, future systems can be designed to be much more secure and reliable than today.
The course covers many topics related to communications and network security:
- Network attacks, encryption and random number generation
- Analysis of weaknesses and attacks against common protocols such as TCP, UDP, IP, and ICMP. Denial of service (DOS) attacks. Scanning and operating system fingerprinting.
- Access control, authentication mechanisms, passwords, Radius, AAA, PKI, key distribution, Kerberos
- Identity management, certificates, X.509, revocation, smart cards, LDAP, OCSP
- Security protocols such as IPSec , SSL and SSH
- Security in wireless networks, WEP, WPA, IEEE 802.1x, EAP, TKIP
- Network design, firewalls, packet filters, proxies, NAT, tunnelling, ingress and egress filtering
- Virtual private networks (VPN), tunnelling protocols, segmentation and remote access
- Logs, alarms, syslog, SNMP
- Link level security, VLAN technology, security in ARP, DHCP and DNS.
The course consists of a series of lectures and laborative exercises. The laborative exercises focus on network scanning, building firewalls and study of common security protocols such as SSL
Prerequisites and selection
Successfully completed two years of studies within the subject Computer Science or equivalent. Specifically, the course DIT420 Computer Communication or equivalent is required. A course in Computer security such as DIT641 is recommended but not required. Applicants must prove their knowledge of English: English 6/English B from Swedish Upper Secondary School or the equivalent level of an internationally recognized test, for example TOEFL, IELTS.
Selection is based upon the number of credits from previous university studies, maximum 285 credits