Difference between revisions of "MSc: Security of systems and networks"
N.zlatanov (talk | contribs) |
N.zlatanov (talk | contribs) |
||
Line 116: | Line 116: | ||
The main sections of the course and approximate hour distribution between them is as follows: |
The main sections of the course and approximate hour distribution between them is as follows: |
||
+ | {| class="wikitable" style="margin:auto" |
||
− | {| |
||
− | |+ |
+ | |+ |
− | !align="center"| '''Section''' |
||
− | ! '''Section Title''' |
||
− | !align="center"| '''Teaching Hours''' |
||
|- |
|- |
||
+ | ! Section !! Section Title !! Teaching Hours |
||
− | |align="center"| 1 |
||
− | | Intro, Booting, Operating Systems Essentials, and Computer Architecture |
||
− | |align="center"| 8 |
||
|- |
|- |
||
+ | | 1 || Classical and modern cryptography || 8 |
||
− | |align="center"| 2 |
||
− | | DNS, DNSSEC, DoH |
||
− | |align="center"| 14 |
||
|- |
|- |
||
+ | | 2 || Authentication and Kerberos || 8 |
||
− | |align="center"| 3 |
||
− | | Email |
||
− | |align="center"| 4 |
||
|- |
|- |
||
+ | | 3 || SSL, TLS, and IPSec || 10 |
||
− | |align="center"| 4 |
||
− | | ABNF, Deflating, Directory Services, Disks, Web, and Protocols |
||
− | |align="center"| 12 |
||
|- |
|- |
||
+ | | 4 || Covert channels and pattern matching-based network security (IDS/IPS) || 6 |
||
− | |align="center"| 5 |
||
+ | |- |
||
− | | Labs |
||
+ | | 5 || Quantum cryptography || 2 |
||
− | |align="center"| 56 |
||
+ | |- |
||
+ | | 6 || Labs|| 56 |
||
|} |
|} |
||
− | === Section 1 === |
+ | === Section 1 title: === |
+ | Classical and modern cryptography |
||
− | === Section title: === |
||
− | |||
− | Booting, Operating Systems, and Computer Architecture |
||
=== Topics covered in this section: === |
=== Topics covered in this section: === |
||
+ | |||
− | * Booting principles and disks |
||
+ | * Enigma |
||
− | * Essentials of operating systems |
||
+ | * Different substitution and transposition ciphers |
||
− | * Fundamentals of computer architecture |
||
+ | * Stream and block ciphers |
||
+ | * Data Encryption Standard (DES) |
||
+ | * Advanced Encryption Standard (AES) |
||
+ | * Diffie-Hellman key exchange |
||
+ | * Crypto math |
||
+ | * RSA |
||
+ | * Elliptic curve cryptography |
||
=== What forms of evaluation were used to test students’ performance in this section? === |
=== What forms of evaluation were used to test students’ performance in this section? === |
||
+ | |||
+ | {| class="wikitable" style="margin:auto" |
||
+ | |+ |
||
+ | |- |
||
+ | ! Form !! Yes/No |
||
+ | |- |
||
+ | | Development of individual parts of software product code || No |
||
+ | |- |
||
+ | | Homework and group projects || Yes |
||
+ | |- |
||
+ | | Midterm evaluation || No |
||
+ | |- |
||
+ | | Testing (written or computer based) || Yes |
||
+ | |- |
||
+ | | Reports || Yes |
||
+ | |- |
||
+ | | Essays || No |
||
+ | |- |
||
+ | | Oral polls || No |
||
+ | |- |
||
+ | | Discussions || Yes |
||
+ | |} |
||
− | <div class="tabular"> |
||
− | <span>|a|c|</span> & '''Yes/No'''<br /> |
||
− | Development of individual parts of software product code & 0<br /> |
||
− | Homework and group projects & 1<br /> |
||
− | Midterm evaluation & 0<br /> |
||
− | Testing (written or computer based) & 1<br /> |
||
− | Reports & 1<br /> |
||
− | Essays & 0<br /> |
||
− | Oral polls & 0<br /> |
||
− | Discussions & 1<br /> |
||
− | |||
− | |||
− | |||
− | </div> |
||
=== Typical questions for ongoing performance evaluation within this section === |
=== Typical questions for ongoing performance evaluation within this section === |
||
− | # |
+ | # How do different protocols work? |
+ | # What are the differences in stream and block ciphers from performance |
||
− | # How the disks are partitioned? |
||
+ | standpoint? |
||
− | # Explain UEFI booting |
||
+ | # How to measure the security of cryptographic algorithms? |
||
+ | # How to encrypt and decrypt with different asymmetric crypto algorithms? |
||
+ | # How to embedd backdoors in crypto algorithms? |
||
+ | # |
||
+ | # How to realize key exchange through diffie-hellman using traditional techniques and elliptic curve techniques? |
||
+ | # How to make security algorithms efficient? |
||
=== Typical questions for seminar classes (labs) within this section === |
=== Typical questions for seminar classes (labs) within this section === |
||
+ | # Make enigma machine with pringle box |
||
− | # Demonstrating the knowledge of booting |
||
+ | # Assess the security of different setups of RSA |
||
− | # Analyze assembly code at a basic level |
||
+ | # Implement man in the middle attack |
||
− | # Demonstrate the system and library calls in operating systems |
||
+ | # Implement addition over elliptic curves |
||
+ | # Solve crypto math problems |
||
=== Test questions for final assessment in this section === |
=== Test questions for final assessment in this section === |
||
Line 188: | Line 200: | ||
# Same as above |
# Same as above |
||
− | === Section 2 === |
+ | === Section 2 title: === |
+ | Authentication |
||
− | === Section title: === |
||
− | |||
− | DNS, DNSSEC, and DoH |
||
=== Topics covered in this section: === |
=== Topics covered in this section: === |
||
+ | * Kerberos |
||
− | * DNS |
||
+ | * Passwords |
||
− | * DNSSEC |
||
+ | * Biometrics |
||
− | * DoH |
||
+ | * Authentication and key agreement protocols |
||
+ | * Rainbow tables |
||
+ | * Protocol development |
||
=== What forms of evaluation were used to test students’ performance in this section? === |
=== What forms of evaluation were used to test students’ performance in this section? === |
||
− | + | {| class="wikitable" style="margin:auto" |
|
+ | |+ |
||
− | |||
+ | |- |
||
− | <span>|a|c|</span> & '''Yes/No'''<br /> |
||
+ | ! Form !! Yes/No |
||
− | Development of individual parts of software product code & 0<br /> |
||
+ | |- |
||
− | Homework and group projects & 1<br /> |
||
+ | | Development of individual parts of software product code || No |
||
− | Midterm evaluation & 0<br /> |
||
+ | |- |
||
− | Testing (written or computer based) & 1<br /> |
||
+ | | Homework and group projects || Yes |
||
− | Reports & 1<br /> |
||
+ | |- |
||
− | Essays & 0<br /> |
||
+ | | Midterm evaluation || No |
||
− | Oral polls & 0<br /> |
||
+ | |- |
||
− | Discussions & 1<br /> |
||
+ | | Testing (written or computer based) || Yes |
||
− | |||
+ | |- |
||
+ | | Reports || Yes |
||
+ | |- |
||
+ | | Essays || No |
||
+ | |- |
||
+ | | Oral polls || No |
||
+ | |- |
||
+ | | Discussions || Yes |
||
+ | |} |
||
− | </div> |
||
=== Typical questions for ongoing performance evaluation within this section === |
=== Typical questions for ongoing performance evaluation within this section === |
||
+ | # What are pros and cons of using symmetric and asymmetric cryptographic |
||
− | # Hows does DNS query get resolved? |
||
+ | mechanisms for authentication? |
||
− | # What is iterative and recursive DNS server? |
||
+ | # What is man in the middle attack? |
||
− | # How does wildcard work in DNS? |
||
+ | # Develop home-grown authentication mechanisms? |
||
− | # What is zone walking in secure DNS? |
||
+ | # How Kerberos reduces the communication overhead? |
||
− | # What is delegation in DNS? |
||
+ | # Where is shibboleth used? |
||
− | # What is NSEC and NSEC3 records in DNSSEC? |
||
− | # What is the difference between DNSSEC and DoH? |
||
=== Typical questions for seminar classes (labs) within this section === |
=== Typical questions for seminar classes (labs) within this section === |
||
+ | # Implement different variants of authentication protocols |
||
− | # Configure DNS, DNSSEC, and DoH (with specific tasks) |
||
+ | # Find out security flaws in authentication protocols |
||
+ | # Identify shortcomings of different protocols |
||
=== Test questions for final assessment in this section === |
=== Test questions for final assessment in this section === |
||
+ | # Same as above |
||
− | # How does DNS query get resolved in DNS? |
||
− | # How zones are formed? |
||
− | # How delegation works in DNS? |
||
− | # How resource records are verified in DNSSEC? |
||
− | # What is meant by zone walking and how is it avoided? |
||
− | # Why do we need DNSSEC where we can use simple DNS over HTTPS? |
||
− | |||
− | === Section 3 === |
||
− | === Section title: === |
+ | === Section 3 title: === |
+ | SSL, TLS, and IPSec |
||
− | Email |
||
=== Topics covered in this section: === |
=== Topics covered in this section: === |
||
+ | * SSL, TLS |
||
− | * Email architecture |
||
+ | * IPSec |
||
− | * Spam management |
||
=== What forms of evaluation were used to test students’ performance in this section? === |
=== What forms of evaluation were used to test students’ performance in this section? === |
||
− | <div class="tabular"> |
||
− | |||
− | <span>|a|c|</span> & '''Yes/No'''<br /> |
||
− | Development of individual parts of software product code & 0<br /> |
||
− | Homework and group projects & 1<br /> |
||
− | Midterm evaluation & 0<br /> |
||
− | Testing (written or computer based) & 1<br /> |
||
− | Reports & 1<br /> |
||
− | Essays & 0<br /> |
||
− | Oral polls & 0<br /> |
||
− | Discussions & 1<br /> |
||
+ | {| class="wikitable" style="margin:auto" |
||
+ | |+ |
||
+ | |- |
||
+ | ! Form !! Yes/No |
||
+ | |- |
||
+ | | Development of individual parts of software product code || No |
||
+ | |- |
||
+ | | Homework and group projects || Yes |
||
+ | |- |
||
+ | | Midterm evaluation || No |
||
+ | |- |
||
+ | | Testing (written or computer based) || Yes |
||
+ | |- |
||
+ | | Reports || Yes |
||
+ | |- |
||
+ | | Essays || No |
||
+ | |- |
||
+ | | Oral polls || No |
||
+ | |- |
||
+ | | Discussions || Yes |
||
+ | |} |
||
− | </div> |
||
=== Typical questions for ongoing performance evaluation within this section === |
=== Typical questions for ongoing performance evaluation within this section === |
||
+ | # How does SSL and TLS work? |
||
− | # What are different protocols used in email? |
||
+ | # HOw does SSL and TLS combine symmetric and asymmetric cryptography? |
||
− | # What are the different agents used in email system? |
||
+ | # Why IPSec is so over-engineered? and what are the security flaws? |
||
− | # How to avoid spamming in email? |
||
+ | # What are different components of IPSec |
||
− | # How to configure email servers? |
||
=== Typical questions for seminar classes (labs) within this section === |
=== Typical questions for seminar classes (labs) within this section === |
||
+ | # Implement IPSec |
||
− | # Configure email server |
||
+ | # Assess the security of SSL and TLS handshakes |
||
− | # Configure anti-spamming techniques |
||
=== Test questions for final assessment in this section === |
=== Test questions for final assessment in this section === |
||
+ | # Same as above |
||
− | # What are different agents and their roles in email architecture? |
||
− | # How MX records work? |
||
− | # How to configure different anti-spamming policies? |
||
− | === Section 4 === |
+ | === Section 4 title: === |
+ | Covert channels and pattern-matching based networks security |
||
− | === Section title: === |
||
− | |||
− | Directory, Web, Protocol, ABNF and Deflating |
||
=== Topics covered in this section: === |
=== Topics covered in this section: === |
||
+ | * Secure UEFI booting |
||
− | * Directory services |
||
+ | * Pattern matching-based network security with focus on IDS and IPS |
||
− | * Web |
||
+ | * Covering different existing tools such as Yara, Snort, Suricata, and Bro for rules definition and deployment |
||
− | * Protocols |
||
+ | * Covert channels and their role in different layers |
||
− | * ABNF |
||
+ | * Existing techniques in implementing covert channels |
||
− | * Deflating |
||
=== What forms of evaluation were used to test students’ performance in this section? === |
=== What forms of evaluation were used to test students’ performance in this section? === |
||
− | |||
− | <div class="tabular"> |
||
− | |||
− | <span>|a|c|</span> & '''Yes/No'''<br /> |
||
− | Development of individual parts of software product code & 0<br /> |
||
− | Homework and group projects & 1<br /> |
||
− | Midterm evaluation & 0<br /> |
||
− | Testing (written or computer based) & 1<br /> |
||
− | Reports & 1<br /> |
||
− | Essays & 0<br /> |
||
− | Oral polls & 0<br /> |
||
− | Discussions & 1<br /> |
||
+ | {| class="wikitable" style="margin:auto" |
||
+ | |+ |
||
+ | |- |
||
+ | ! Form !! Yes/No |
||
+ | |- |
||
+ | | Development of individual parts of software product code || No |
||
+ | |- |
||
+ | | Homework and group projects || Yes |
||
+ | |- |
||
+ | | Midterm evaluation || No |
||
+ | |- |
||
+ | | Testing (written or computer based) || Yes |
||
+ | |- |
||
+ | | Reports || Yes |
||
+ | |- |
||
+ | | Essays || No |
||
+ | |- |
||
+ | | Oral polls || No |
||
+ | |- |
||
+ | | Discussions || Yes |
||
+ | |} |
||
− | </div> |
||
=== Typical questions for ongoing performance evaluation within this section === |
=== Typical questions for ongoing performance evaluation within this section === |
||
+ | # How does IDS and IPS work in a network setup, which configuration is used and which layers do they work? |
||
− | # How directory services are implemented? |
||
+ | # How does the rule set work in different tools such as Suricata, Snort, Bro, and Yara? |
||
− | # How permissions are set? |
||
+ | # How to create a covert channel and different layers of network protocol |
||
− | # How disk partitions are made? |
||
+ | stack? |
||
− | # How different web protocols work? |
||
+ | # Which layer is ideal for creating a covert channel? |
||
− | # How network packets are management in a standard way through ABNF? |
||
+ | # What are the current state of the art regarding covert channel in different layers? |
||
− | # How to write new formats through ABNF? |
||
=== Typical questions for seminar classes (labs) within this section === |
=== Typical questions for seminar classes (labs) within this section === |
||
+ | # TO BE ADDED |
||
− | # Implement different web services |
||
− | # Configure active directory |
||
=== Test questions for final assessment in this section === |
=== Test questions for final assessment in this section === |
Revision as of 16:03, 21 July 2022
Security of systems and networks
- Course name: Security of systems and networks (SSN)
- Course number: SNE-08
Course characteristics
Key concepts of the class
- Network security
- Applied cryptography
- Security protocols
- Internet security
What is the purpose of this course?
This course will cover the fundamentals of security, security protocols, and their applications in real-world. The topics covered in this course include applied cryptography, authentication, passwords, practical security, social aspects of security, SSL/TLS, email security, PKI, and IPSec. Furthermore, this course will strengthen the security knowledge of the students and guide them in the right direction for their upcoming research projects and advanced courses. The course is divided into two parts. The first part will cover the theory and handson practice of the concepts taught at class. And the second part of the course will focus on the course projects. The student will work on a security project by using the concepts taught in the class.
Prerequisites
- No specific prerequisites are mandated.
Recommendations for students on how to succeed in the course
References:
- Read the book
- Follows the lectures
Course Objectives Based on Bloom’s Taxonomy
What should a student remember at the end of the course?
By the end of the course, the students should be able to:
- Identify different Internet applications and understand their working principles from the protocols point of view
- Demonstrate the acquired knowledge and skills in classical internet applications including DNS, Email, and Directory services.
- Able to write regular expressions and context-free grammar that are essential in Internet applications and information exchange through the networks
- Able to partition disks and remember the booting principles as well as secure booting
What should a student be able to understand at the end of the course?
By the end of the course, the students should be able to:
- Demonstrate the acquired knowledge and skills in applied cryptography (symmetric and asymmetric cryptography),
- Operate classical enigma machine, encode and decode messages with it
- Demonstrate the working knowledge of famous cryptographic algorithms and discuss their shortcomings
- Demonstrate and operate the already implemented security protocols over internet,
- Reason about the problems in the security of networked systems and current internet and their existing solutions,
- Solve mathematical problems (especially in number theory),
- And Demonstrate the knowledge and discuss basic quantum cryptography concepts.
What should a student be able to apply at the end of the course?
By the end of the course, the students should be able to apply:
- Crypt-analyze ciphertext and decrypt through frequency analysis and other important techniques
- Design security protocols
- Find security flaws in security protocols
- Get hands-on experience of the existing enterprise cryptographic algorithms and use them in projects,
- Demonstrate the skill of finding out security issues in networked systems and internet technologies,
Course evaluation
The acquired knowledge will be evaluated via labs, a project, and the exam, with points as in the following table:
Type of Evaluation | Points |
---|---|
Labs/seminar classes | 35 |
Project | 35 |
Exam | 30 |
Grades range
The grades will be given according to the following table:
Grade | Range of points |
---|---|
A. Excellent | 90-100 |
B. Good | 75-89 |
C. Satisfactory | 60-74 |
D. Poor | 0-59 |
Resources and reference material
- Lecture slides
- Book
- Links to the online material will be provided (if any)
Course Sections
The main sections of the course and approximate hour distribution between them is as follows:
Section | Section Title | Teaching Hours |
---|---|---|
1 | Classical and modern cryptography | 8 |
2 | Authentication and Kerberos | 8 |
3 | SSL, TLS, and IPSec | 10 |
4 | Covert channels and pattern matching-based network security (IDS/IPS) | 6 |
5 | Quantum cryptography | 2 |
6 | Labs | 56 |
Section 1 title:
Classical and modern cryptography
Topics covered in this section:
- Enigma
- Different substitution and transposition ciphers
- Stream and block ciphers
- Data Encryption Standard (DES)
- Advanced Encryption Standard (AES)
- Diffie-Hellman key exchange
- Crypto math
- RSA
- Elliptic curve cryptography
What forms of evaluation were used to test students’ performance in this section?
Form | Yes/No |
---|---|
Development of individual parts of software product code | No |
Homework and group projects | Yes |
Midterm evaluation | No |
Testing (written or computer based) | Yes |
Reports | Yes |
Essays | No |
Oral polls | No |
Discussions | Yes |
Typical questions for ongoing performance evaluation within this section
- How do different protocols work?
- What are the differences in stream and block ciphers from performance
standpoint?
- How to measure the security of cryptographic algorithms?
- How to encrypt and decrypt with different asymmetric crypto algorithms?
- How to embedd backdoors in crypto algorithms?
- How to realize key exchange through diffie-hellman using traditional techniques and elliptic curve techniques?
- How to make security algorithms efficient?
Typical questions for seminar classes (labs) within this section
- Make enigma machine with pringle box
- Assess the security of different setups of RSA
- Implement man in the middle attack
- Implement addition over elliptic curves
- Solve crypto math problems
Test questions for final assessment in this section
- Same as above
Section 2 title:
Authentication
Topics covered in this section:
- Kerberos
- Passwords
- Biometrics
- Authentication and key agreement protocols
- Rainbow tables
- Protocol development
What forms of evaluation were used to test students’ performance in this section?
Form | Yes/No |
---|---|
Development of individual parts of software product code | No |
Homework and group projects | Yes |
Midterm evaluation | No |
Testing (written or computer based) | Yes |
Reports | Yes |
Essays | No |
Oral polls | No |
Discussions | Yes |
Typical questions for ongoing performance evaluation within this section
- What are pros and cons of using symmetric and asymmetric cryptographic
mechanisms for authentication?
- What is man in the middle attack?
- Develop home-grown authentication mechanisms?
- How Kerberos reduces the communication overhead?
- Where is shibboleth used?
Typical questions for seminar classes (labs) within this section
- Implement different variants of authentication protocols
- Find out security flaws in authentication protocols
- Identify shortcomings of different protocols
Test questions for final assessment in this section
- Same as above
Section 3 title:
SSL, TLS, and IPSec
Topics covered in this section:
- SSL, TLS
- IPSec
What forms of evaluation were used to test students’ performance in this section?
Form | Yes/No |
---|---|
Development of individual parts of software product code | No |
Homework and group projects | Yes |
Midterm evaluation | No |
Testing (written or computer based) | Yes |
Reports | Yes |
Essays | No |
Oral polls | No |
Discussions | Yes |
Typical questions for ongoing performance evaluation within this section
- How does SSL and TLS work?
- HOw does SSL and TLS combine symmetric and asymmetric cryptography?
- Why IPSec is so over-engineered? and what are the security flaws?
- What are different components of IPSec
Typical questions for seminar classes (labs) within this section
- Implement IPSec
- Assess the security of SSL and TLS handshakes
Test questions for final assessment in this section
- Same as above
Section 4 title:
Covert channels and pattern-matching based networks security
Topics covered in this section:
- Secure UEFI booting
- Pattern matching-based network security with focus on IDS and IPS
- Covering different existing tools such as Yara, Snort, Suricata, and Bro for rules definition and deployment
- Covert channels and their role in different layers
- Existing techniques in implementing covert channels
What forms of evaluation were used to test students’ performance in this section?
Form | Yes/No |
---|---|
Development of individual parts of software product code | No |
Homework and group projects | Yes |
Midterm evaluation | No |
Testing (written or computer based) | Yes |
Reports | Yes |
Essays | No |
Oral polls | No |
Discussions | Yes |
Typical questions for ongoing performance evaluation within this section
- How does IDS and IPS work in a network setup, which configuration is used and which layers do they work?
- How does the rule set work in different tools such as Suricata, Snort, Bro, and Yara?
- How to create a covert channel and different layers of network protocol
stack?
- Which layer is ideal for creating a covert channel?
- What are the current state of the art regarding covert channel in different layers?
Typical questions for seminar classes (labs) within this section
- TO BE ADDED
Test questions for final assessment in this section
- As above