1 / 10

Network Security — Welcome and introduction

Network Security — Welcome and introduction. T-110.5241 Network security Nov-Dec 2013 Tuomas Aura Aalto University. Course learning objectives. Know common communications systems, classic security protocols and mechanisms, standard security solutions, and some of the latest stuff

daria
Télécharger la présentation

Network Security — Welcome and introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security — Welcome and introduction T-110.5241 Network security Nov-Dec 2013 Tuomas Aura Aalto University

  2. Course learning objectives • Know common communications systems, classic security protocols and mechanisms, standard security solutions, and some of the latest stuff • Understand network security technologies, their properties and limitations to be able to use them right • Understand a protocol engineer’s point of view to security • Be aware of the pitfalls in security engineering: things are not as simple as they look • Develop the adversarial mindsetof a security engineer • Learn to do basic security analysis of security protocols • Starting point for learning more on the job or in further studies • Additional goal: learning to read protocol standards

  3. Required background • Students are expected to understand: • Networking technologies: TCP/IP, 802.11etc. • Basic security concepts, e.g. T-110.4206 Information security technology • Basic cryptography, e.g. T-110.5211 Cryptosystems

  4. Lectures • Lecturer: Tuomas Aura • 13 lectures in Nov-Dec 2013 • Tuesdays 12:15-14 T6 • Thursdays 14:15-16 T3 • Attendance not mandatory but much of the material will only be covered in the lectures • No tutorial or exercise sessions

  5. Exercises • Six weekly exercises • Deadline on Sunday at 23:59; first deadline on 2012-11-10 • Exercises published in Noppa at least a week earlier • Reports to be returned to Rubyric • Course assistants • Aapo Kalliolaand Markku Antikainen • email: t-110.5241@tkk.fi • Course assistants available in the Playroom for advice and equipment: • Wednesdays 16:15-18 room A120 • Thursdays 16:15-18 room A120 • You must get 50% points on each exercise round to pass the course • Don’t panic: we want you to do well in the exercises • There’ll be an extra exercise round after the course to compensate for one or two failures • Email the course alias if you need a personal extension to a deadline

  6. Advice for the exercises • Try to solve all problems at least partly: even if it does not work, write a report explaining what you have tried and why • The goal in many of the exercises is to learn how to find information, so not everything is explained • There are always surprises with new software versions • Individual work: You are encouraged to discuss with other students but do not copy or even read the written answers of others students. Do all practical experiments independently and write your own code • You are allowed to cut and paste relevant short passages from standards, but mark them clearly as ”quotations” and give the source, e.g. [RFC 1234, section 5.6.7]

  7. Assessment • First examination 2013-12-19 • Exam registration is required and closes one week before the exam • Examination scope: lectures, protocol standards, recommended reading material, exercises, good general knowledge of the topic area • Exercises are mandatory: • Must get 50% of the points on each exercise to pass the course • Marking: • exam max. 30 points • exercises max 6 x 10 = 60 points • grading based on total points = exam + (exercises / 10) (total max 30+6=36 points) • Course feedback is mandatory in all T-110/T-109 courses

  8. Tentative course outline • Network security threats and goals • Security protocols, Kerberos • TLS / SSL internals • IPsec and its limitations • WLAN security: EAP, WPA2 • Cellular network security • Denial of service (AapoKalliola) • NFC application security (Sandeep Tamrakar) • Routing security (AapoKalliola) • Identity and discovery • Firewalls • Anonymity Some changes to this plan are likely. Security protocols Networks and systems

  9. Recommended reading • William Stallings,Network security essentials: applications and standards, 5th ed., Pearson Prentice Hall, 2013 (4th or 3rd ed. is also ok) • RFCs and standards, links from Wikipedia Old but has some interesting background information: • Kaufman, Perlman, and Speciner, Network security: PRIVATE communication in a PUBLIC world, Prentice-Hall, 2002

  10. Course feedback and development • Major revision of the course last year, only minor adjustments this year • Students asked for more point from the exercises; however, we did not change this because the exercise already make a big difference to the grades and to passing the course • Will replace the IDS exercise with protocol design • Will reduced the amount of work required by the last exercise • Other notes: • The handouts contain some slides that have been covered in other courses. These are intended as helpful reading material and no or little time is spent on them in the lectures.

More Related