Network Security in Practice (WS2009/10)

Project Seminar for Master Program (WS2009/2010)

(last update on 28.01.2010)

Abstract

In this seminar, we focus on study of the security problems of networked systems or applications. Several network security technologies, such as, firewall, IDS/IPS, SSH, VPN, Application Layer Gateway, Network Scanning and Monitoring, etc. will be concerned in this seminar. Some known implementations, tools and methods, incl. commercial products/open source software, are expected to be reviewed and tested with certain practical deployment scenario.

Important Notice: We are NOT guiding you for hacking and participation in this seminar could NOT be an excuse for any kinds of your malicious actions towards unauthorized resources over Internet!!!

News

12.11.2009 The slides for today's seminar are now online!
05.11.2009 The seminar svn-repository has been built for sharing our literatures, brainstorming ideas, writing, architecture design, implementation codes, etc. Here is the link
05.11.2009 The email for "Team Building, Topic Assignment and Literature Recommendation" has been sent out. Please do not forget to officially subscribe the seminar by Ms. Seidler. The deadline for subscription is 06.11.2009.
04.11.2009 There is NO on-site seminar tomorrow(on 05.11.2009). An Email concerning "Team Building, Topic Assignment and Literature Recommendation" will be sent to all the interested participants tomorrow.
29.10.2009 Welcome to the first seminar. Here you can find the slides!
26.10.2009 Due to the HPI 10th Anniversary Celebration, there is no seminar on 19.11.2009
20.10.2009 NO on-site seminar in the first week (on 22.10.2009).
23.08.2009 Web page of Seminar (at the HPI) is online. Here is the link.
23.08.2009 Web page of Seminar (in the chair) is online.

Requirements

Good knowledge in

networking technologies (TCP/IP, Routing, ...)
operating systems and software engineering
security basics (e.g., lectures on "Internet Security - Weaknesses and Targets" and "Informationssicherheit", etc.)

This seminar has a limited number of participants! Up to 10 students can apply!

Topics

Attack Category and Vulnerability Modeling
Firewall: Principle and Limitation
IDS/IPS: Challenges and Deployment
Application Layer Gateway and its Examples
Web Security and SSL/TLS
Email Security: PGP, S/MIME, ......
Secure Networked Storage
SIP and Secure VoIP
SSH Tunneling and Virtual Private Network (VPN)
Secure Routing
Network Scanning and Monitoring
IPSec
IPv6 and its Security
Wireless Security
......

Grading

The interested students are expected to contribute with:

Throughout investigation of the given topics (Report and Presentation)
Design and Implementation of attack scenarios, where the security methods can be tested
A virtual security experimental framework which integrate scenarios from all the groups

The final evaluation will be based on: report, presentation, design, implementation, participation in the seminar.

Important Dates

The seminar will start one week after the semester is started. Regular meeting will be held every week or upon request.

29.10.2009 Introduction
05.11.2009 Team Building, Topic Assignment and Literature Recommendation (per Email)
06.11.2009 Enrolment Deadline
12.11.2009 Discussion Meeting (Topics, Organization and Plan)
19.11.2009 NO Seminar today due to the HPI Celebration!!!
26.11.2009 Discussion Meeting (Literatures,Tools and Scenarios)
03.12.2009 Discussion Meeting (Progress Report & Scenario Implementation)
10.12.2009 Q&A
17.12.2009 Discussion Meeting (Design of Integrated Framework)
24.12.2009 Merry Christmas:)
31.12.2009 Happy New Year:)
07.01.2010 Presentation & Demonstration (Investigation&Scenario)
14.01.2010 Discussion Meeting(Integrated Framework: Task distribution)
21.01.2010 Discussion Meeting (Q&A)
28.01.2010 Discussion Meeting (Q&A)
18.02.2010 Presentation & Demonstration (Integrated Framework)
04.2010 Report Submission Deadline