This course covers theory and practice of network security. Starting with general introduction of network security, this course focuses on Internet security. The first part addresses common security issues and countermeasures at each of the five layers from the TCP/IP protocol stack. Subsequently, Firewall and Intrusion Detection/ Prevention System are covered as two of the most common tools/technologies to protect a network. Finally, the course ends with special topics such as wireless network security, IoT security, etc.
- Explain common attacks and countermeasures in a networked system, particularly on the commonly used network protocols.
- Model, analyse and apply effective countermeasures for secure networked systems.
- Apply layered defense technologies to a secure network design.
- Design and optimise network design for given problem settings.
- Evaluate the security of an existing network design.
By the end of the course, students will be able to:
- Description of the fundamental concepts of network security, through proper threat modeling and security goal definition in a design project.
- Application of security countermeasures to design a secure networked system.
- Applications of security countermeasures to mitigate common attacks by demonstrating security level improvement of a vulnerable networked system.
- Application of layered defense technologies/tools and practical considerations for securing a complex network in a design project.
- Security assessment and optimisation of a given networked system through an experimental project.
- Demonstration of common attacks fro common network protocols, through successful packet sniffing and editing in a laboratory environment.
- Network protocol and the OSI model
- Packet sniffing and spoofing
- TCP protocol and attacks
- DNS protocol and attacks
- Public key infrastructure and TLS protocol
- Firewall and intrusion detection systems
- Web security
- Wireless security
- Security economy
Textbook(s) and/or Other Required Material
No textbook required. Recommended books are listed below.
- Ross Anderson, Security Engineering : A Guide to Building Dependable Distributed Systems, 2nd ed. Hoboken, NJ: John Wiley & Sons, 2008.
- Christof Paar and Jan Pelzl. Springer, Understanding Cryptography: A Textbook for Students and Practitioners, 1st ed. New York, NY: Springer, 2010.