1 / 10

Network Security — Welcome and introduction

Network Security — Welcome and introduction. T-110.5241 Network security Nov-Dec 2012 Tuomas Aura Aalto University. Course learning objectives. Know common communications systems, classic security protocols and mechanisms, standard security solutions, and some of the latest stuff

glynn
Download Presentation

Network Security — Welcome and introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security — Welcome and introduction T-110.5241 Network security Nov-Dec 2012 Tuomas Aura Aalto University

  2. Course learning objectives • Know common communications systems, classic security protocols and mechanisms, standard security solutions, and some of the latest stuff • Understand network security technologies, their properties and limitations to be able to use them right • Understand a protocol engineer’s point of view to security • Be aware of the pitfalls in security engineering: things are not as simple as they look • Develop the adversarial mindsetof a security engineer • Learn to do basic security analysis of security protocols • Starting point for learning more on the job or in further studies • Additional goal: learning to read protocol standards

  3. Required background • Students are expected to understand: • Networking technologies: TCP/IP, 802.11etc. • Basic security concepts, e.g. T-110.4206 Information security technology • Basic cryptography, e.g. T-110.5211 Cryptosystems

  4. Lectures • Lecturer: Tuomas Aura • 13 lectures in Nov-Dec 2012 • Tuesdays 12:15-14 T7 • Thursdays 14:15-16 T6 (no lecture on December 6) • Attendance not mandatory but much of the material will only be covered in the lectures • No tutorial or exercise sessions

  5. Exercises • Six weekly exercises • Deadline on Sunday at 23:59; first deadline on 2012-11-11 • Exercises published in Noppa at least a week earlier • Reports to be returned to Rubyric • Course assistants • Aapo Kalliolaand MahyaIlaghi • email: t-110.5241@tkk.fi • Course assistants available in the Playroom for advice and equipment: • Wednesdays 16:15-18 room A120 • Thursdays 16:15-18 room A120 • You must get 50% points for each exercise round to pass the course • Don’t panic: there’ll be a way to compensate for one to two failures

  6. Advice for the exercises • Try to solve all problems at least partly: even if it does not work, write a report explaining what you have tried and why • The goal in many of the exercises is to learn how to find information, so not everything is explained • Individual work: You are encouraged to discuss with other students but do not copy or even read the written answers of others students. Do all practical experiments independently and write your own code • You are allowed to cut and paste relevant short passages from standards, but mark them clearly as ”quotations” and give the source, e.g. [RFC 1234, section 5.6.7]

  7. Assessment • First examination 2012-12-17 • Exam registration is required and one week before the exam date • Examination scope: lectures, protocol standards, recommended reading material, exercises, good general knowledge of the topic area • Exercises are mandatory: • Must get 50% of the points on on each exercise to pass the course • Marking: • exam max. 30 points • exercises max 6 x 10 = 60 points • grading based on total points = exam + (exercises / 10) (total max 30+6=36 points) • Course feedback is mandatory in all T-110/T-109 courses

  8. Tentative course outline • Network security threats and goals • Security protocol design and flaws • TLS / SSL internals • IPsec and its limitations • Kerberos, RPC security • WLAN security: EAP, WPA2 • NFC application security (SandeepTamrakar) • Denial of service (AapoKalliola) • Cellular network security (Alf Zugenmaier) • Cellular network security (Alf Zugenmaier) • Firewalls • Routing security (AapoKalliola) • Anonymity Changes to this plan are likely. Security protocols Networks and systems

  9. Recommended reading • William Stallings,Network security essentials: applications and standards, 4th ed., Pearson Prentice Hall, 2010 (or 3rd ed.) • RFCs and standards, links from Wikipedia Old but has some interesting background information: • Kaufman, Perlman, and Speciner, Network security: PRIVATE communication in a PUBLIC world, Prentice-Hall, 2002

  10. Course feedback and development • The main development this year: ~40% new material and guest lecturers: • Routing security, NFC application security, cellular security • There were problems with the exercise organization last year, and many details have been changed: • Smaller number of exercises and plan to publish them early to make it easier of students to schedule their work • Exercises are now mandatory to emphasize their importance • Option to do exercises in period III dropped: delaying caused more problems to students than it solved • Other notes: • The handouts contain slides that have been covered in other courses. These are intended as helpful reading materialand no or little time is spent on them in the lectures.

More Related