Advanced security

• Course name: Advanced Security
• Course number:

Course characteristics

Key concepts of the class

• Wireless network security
• Software security

What is the purpose of this course?

In this course, server based and application based web attacks are thought in a simulated/test environment. We begin by exploring advanced techniques and attacks to which all modern-day complex applications may be vulnerable. We’ll learn about new web frameworks and web backends, then explore encryption as it relates to web applications, digging deep into practical cryptography used by the web, including techniques to identify the type of encryption in use within the application and methods for exploiting or abusing it.

Course Objectives Based on Bloom’s Taxonomy

- What should a student remember at the end of the course?

By the end of the course, the students should be able to recognize and define

• RF and Bluetooth security
• Database security/Wifi security
• Web vulnerabilities
• API security
• Software security
• Network security

- What should a student be able to understand at the end of the course?

By the end of the course, the students should be able to describe and explain (with examples)

• Web vulnerabilities
• WPA and WEP definition and differences 8
• Use of OWASP
• Software security

- What should a student be able to apply at the end of the course?

By the end of the course, the students should be able to apply

• Track application security against known standard OWASP and SANS categories
• To perform Bluetooth sniffer test.
• WPA implementation
• Testing security features within applications

Course evaluation

Course grade breakdown

		Proposed points
Labs/seminar classes	20	50
Interim performance assessment	30	0
Exams	50	50

If necessary, please indicate freely your course’s features in terms of students’ performance assessment: None

Grades range

Course grading range

		Proposed range
A. Excellent	90-100
B. Good	75-89
C. Satisfactory	60-74
D. Poor	0-59

If necessary, please indicate freely your course’s grading features: The semester starts with the default range as proposed in the Table [tab:MLCourseGradingRange], but it may change slightly (usually reduced) depending on how the semester progresses.

Resources and reference material

• Michael Sikorksi and Andrew Honig, Practical Malware Analysis by, 1nd Edition, Kindle Edition

Course Sections

The main sections of the course and approximate hour distribution between them is as follows:

Course Sections

Section	Section Title	Teaching Hours
1	Bluetooth security	12
2	Wifi security	12
3	Web security	12
4	Network security	12

Section 1

Section title:

Bluetooth security

Topics covered in this section:

• Bluetooth standard
• Bluetooth applications
• Bluetooth security

What forms of evaluation were used to test students’ performance in this section?

Typical questions for ongoing performance evaluation within this section

1. Explain an ad hoc networking
2. Explain frequency hoping
3. Establishing Piconets example
4. What is sniff mode?

Typical questions for seminar classes (labs) within this section

1. What are possible security flaws for common applications of the bluetooth technology?
2. What approaches are used to increase radio channel security and throughput?
3. How radio waves are propagated through environment?

Test questions for final assessment in this section

1. How radio waves are propagated through environment?
2. What is park mode?
3. How Service Discovery Protocol works?

Section 2

Section title:

Wifi security

Topics covered in this section:

• Eavesdropping
• DoS
• WEP / WPA / RSN

What forms of evaluation were used to test students’ performance in this section?

Typical questions for ongoing performance evaluation within this section

1. Define WEP issues!
2. Describe active attack.
3. TKIP?
4. AES-CCMP?

Typical questions for seminar classes (labs) within this section

1. Handoff-iapp (802.11f)
2. Pre-auth (802.11i)
3. EduRoam

Test questions for final assessment in this section

1. EduRoam?
2. Explain TLS handshake.
3. Differences between WEP and WPA?

Section 3

Section title:

Web security

Topics covered in this section:

• Security related web technologies.
• Same Origin Policy.
• Web Attacker Model

What forms of evaluation were used to test students’ performance in this section?

Typical questions for ongoing performance evaluation within this section

1. What is Same Origin Policy?
2. To which attack does SOP mitigate?
3. How the Document object model could be used for an attacker to manipulate the web browser data?

Typical questions for seminar classes (labs) within this section

1. Vulnerability analysis and exploitation for a given web application.
2. Write and deploy a WAF rules to mitigate a spicific web attack.

Test questions for final assessment in this section

1. Vulnerability analysis and exploitation for a given web application, explain.
2. How the Document object model could be used for an attacker to manipulate the web browser data?

Section 4

Section title:

Network security

Topics covered in this section:

• Network security policies and practices
• Nmap
• VPN
• IPsec

What forms of evaluation were used to test students’ performance in this section?

Typical questions for ongoing performance evaluation within this section

1. What is VPN?
2. IPsec?
3. Nmap?

Typical questions for seminar classes (labs) within this section

1. Exploit the difference between VPN and sock5.
2. Exploit IPsec effects on the performance of a networking device.
3. Why does nmap produce false-positive when scanning a windows host?
4. Can you improve nmap scanning technique? Elaborate!

Test questions for final assessment in this section

1. What are the difference between VPN and sock5
2. Does IPsec effects the performance of a networking device?
3. What does nmap produce when scanning a windows host?
4. Can you improve the scanning technique?