• Got
    cyber criminals,
    or spies
    in your network?
  • You need
    3TU Cyber Security MSc Specialization Core Course

Next Start: February 2017 Teaching Quarter 3, 2016/2017

Network Security will teach you
the strategies the bad guys use to get in how to effectively defend your network how network protocols and vulnerabilities really work both theory and hands-on knowledge the background to evaluate and design you own security solutions

As a future security professional, you need to master both the theory of network systems and security protocols,
as well as understand how the bad guys try to exploit weaknesses and how you can prevent that.
Network Security and Advanced Network Security will give you the theoretical knowledge and hands-on experience to become a network security expert.

Labs, Demos and
Hands-On Tutorials
Exam or optional security mini project
Network Security Expert
Evaluation: The course will be conducted as a mix of interactive lectures and demos (both in Delft and Twente).
You will earn your final grade through homeworks and a final exam, but it is possible to substitute the exam by completing your own network security-related mini project throughout the quarter. See the syllabus PDF for details.

Course Content

Physical Layer Security

How are telecom networks made? Protection strategies for cables, wireless links and physical installations. Network resilience planning strategies of network operators to withstand disasters and solve infrastructure dependencies. Benefits and limits of physical layer security: or how the bad guys can still tap into communication

Link Layer Security

How the Ethernet link layer works and why it is so insecure! Link layer protection strategies such as port security, VLANs or 802.1X, and how they are circumvented by attackers. Security principles, bad design decisions and attack vectors in wireless communication networks. The security of GSM and telecom networks.

Network Layer

Best network design practices. How to do network reconnaissance. Address spoofing and associated network attacks. Hijacking the DNS system and effective detection and protection techniques. Secure and Covert Tunnels. Security of the "magic glue" of the Internet: How BGP holds the Internet together and the vulnerabilities of the interdomain routing system.

Transport Layer

Reconnaissance and attacks using the TCP protocol. Secure Sockets Layer and Chains of Trust. Side channel attacks on secure sockets.

Application and Web Security

Using software vulnerabilities to gain system access. Finding adversaries with Intrusion Detection Systems and Honeypots. Theory and Practice of Firewalls. Security of E-Mail and Real-Time Communication Protocols. Onion Routing and Anonymizing Proxies. How secure protocols leak exploitable metadata information.

Incident Management

Developing a threat and risk plan. Network incident response planning.

...enriched with many case studies, demos and hands-on exercises:

Physical Layer: tap into copper and fiber optic cables

Link Layer: Detect and protect against CAM Table Attacks, 5 ways to compromize a WiFi network, IMSI Catchers and how to intercept GSM calls

Network Layer: Perform network reconnaissance, secure a DNS system against attacks

Transport Layer: Detect attackers exploiting heart bleed

Application Layer: See and analyze the real-time (!) attack traffic against TU - what sticks in our TU honeypot, determining the content of an SSL-encrypted web session (unpublished research), build a backdoor into a random number generator and read the content of encrypted traffic

Two audiences, two options

As knowledge of network security has become essential for many disciplines and the course network security is listed in multiple study programs, there are now two variants that cater for the different backgrounds and needs. ET4397IN Network Security covers the concepts of network security, current vulnerabilities and appropriate countermeasures. Students are not required to program, both homeworks and final exam are textual questions on the key ideas. In IN4402 Advanced Network Security, students get in addition to the theory also the opportunity for studying vulnerabilities and countermeasures in networking systems and communication protocols in detail, including in-depth study of protocol security analysis as well as a handson implementation of defense mechanisms on actual systems.

Network Security

  • 2 per week
  • Understanding of network security key concepts and principles
  • Interactive lectures
  • Basic understanding of networks,
    no programming background required
  • see demos in lecture
  • Homeworks with textual questions on network security concepts and Exam*
    (* Exam may be replaced with a software/hardware project)

IN4402 Advanced Network Security

  • 3 per week (2 from ET4397, plus 1 additional)
  • Theoretical understanding, ability to perform network detection and implement defenses
  • Interactive lectures and labs
  • Understanding of networks and strong programming background
  • see demos and experiment on your own in labs
  • Homeworks with conceptual questions and programming parts (Implementation of Network Defenses, Data Mining) and Exam

Tentative schedule

Course are taught interactively, so content of lectures may slightly shift depending on our speed through the material:

Frequently Asked Questions

I'm in Twente, do I need to travel to Delft?
Network Security is purely tele-lectured, there is no need to travel. If you want to take Advanced Network Security, there will be a few labs to attend in Delft. If there is enough interest from Twente, it will be possible to create a special "Twente lab day" where you can do all the labs in one day to minimize travel.

What happens in the vacation week?
Since Delft and Twente have different vacation weeks, the lecture during the vacation week will be recorded and available online.