Network Security will teach you
the strategies the bad guys use to get in
how to effectively defend your network
how network protocols and vulnerabilities really work
both theory and hands-on knowledge
the background to evaluate and design you own security solutions
As a future security professional, you need to master both the theory of network systems and security protocols,
as well as understand how the bad guys try to exploit weaknesses and how you can prevent that.
Network Security and Advanced Network Security will give you the theoretical knowledge and hands-on experience to become a network security expert.
You will earn your final grade through homeworks and a final exam, but it is possible to substitute the exam by completing your own network security-related mini project throughout the quarter. See the syllabus PDF for details.
Physical Layer Security
How are telecom networks made? Protection strategies for cables, wireless links and physical installations. Network resilience planning strategies of network operators to withstand disasters and solve infrastructure dependencies. Benefits and limits of physical layer security: or how the bad guys can still tap into communication
Link Layer Security
How the Ethernet link layer works and why it is so insecure! Link layer protection strategies such as port security, VLANs or 802.1X, and how they are circumvented by attackers. Security principles, bad design decisions and attack vectors in wireless communication networks. The security of GSM and telecom networks.
Best network design practices. How to do network reconnaissance. Address spoofing and associated network attacks. Hijacking the DNS system and effective detection and protection techniques. Secure and Covert Tunnels. Security of the "magic glue" of the Internet: How BGP holds the Internet together and the vulnerabilities of the interdomain routing system.
Reconnaissance and attacks using the TCP protocol. Secure Sockets Layer and Chains of Trust. Side channel attacks on secure sockets.
Application and Web Security
Using software vulnerabilities to gain system access. Finding adversaries with Intrusion Detection Systems and Honeypots. Theory and Practice of Firewalls. Security of E-Mail and Real-Time Communication Protocols. Onion Routing and Anonymizing Proxies. How secure protocols leak exploitable metadata information.
Developing a threat and risk plan. Network incident response planning.
...enriched with many case studies, demos and hands-on exercises:Physical Layer: tap into copper and fiber optic cables
Link Layer: Detect and protect against CAM Table Attacks, 5 ways to compromize a WiFi network, IMSI Catchers and how to intercept GSM calls
Network Layer: Perform network reconnaissance, secure a DNS system against attacks
Transport Layer: Detect attackers exploiting heart bleed
Application Layer: See and analyze the real-time (!) attack traffic against TU - what sticks in our TU honeypot, determining the content of an SSL-encrypted web session (unpublished research), build a backdoor into a random number generator and read the content of encrypted traffic
Two audiences, two options
Which course is right for me?
- Learning Goal
- Teaching Method
- 2 per week
- Understanding of network security key concepts and principles
- Interactive lectures
- Basic understanding of networks,
no programming background required
- see demos in lecture
- Homeworks with textual questions on network security concepts and Exam*
(* Exam may be replaced with a software/hardware project)
IN4402 Advanced Network Security
- 3 per week (2 from ET4397, plus 1 additional)
- Theoretical understanding, ability to perform network detection and implement defenses
- Interactive lectures and labs
- Understanding of networks and strong programming background
- see demos and experiment on your own in labs
- Homeworks with conceptual questions and programming parts (Implementation of Network Defenses, Data Mining) and Exam
Frequently Asked Questions
Network Security is purely tele-lectured, there is no need to travel. If you want to take Advanced Network Security, there will be a few labs to attend in Delft. If there is enough interest from Twente, it will be possible to create a special "Twente lab day" where you can do all the labs in one day to minimize travel.
What happens in the vacation week?
Since Delft and Twente have different vacation weeks, the lecture during the vacation week will be recorded and available online.