Network Security in Practice (Winter Semester 2010/2011)
Lecturer: Prof. Dr. Christoph Meinel
(Internet Technologies and Systems)
Dr. Feng Cheng
(Internet Technologies and Systems)
- Weekly hours per semester: 4
- ECTS: 6
- Enrolment period: 1.10.2010 - 31.3.2011
- Course format: SP
- Enrolment type: Compulsory elective module
Degree programmes & modules
- IT-Systems Engineering A
- IT-Systems Engineering B
- IT-Systems Engineering C
- IT-Systems Engineering D
(last update on 17.01.2010)
In this seminar, we focus on the study of the security problems of networked systems or applications. Several network security technologies, such as firewalls, IDS/IPS, SSH, VPN, Application Layer Gateways, Network Scanning and Monitoring, etc., will be covered in this seminar. Some known implementations, tools and methods, including commercial products and open source software, are expected to be reviewed and tested in practical deployment scenarios. A comprehensive LAB-Manufactor platform is expected to be designed and implemented by a team of all the seminar participants.
Important Notice: We are NOT guiding you in hacking, and participation in this seminar could NOT be an excuse for any kind of malicious action towards unauthorized resources over the Internet!!!
- 28.10.2010 We had the second meeting of this seminar. Here are the slides!
- 21.10.2010 Welcome to the first meeting. Here you can find the slides!
- 25.08.2010 Web page of Seminar (at the HPI) is online.
Good knowledge in
- networking technologies (TCP/IP, Routing, ...)
- operating systems and software engineering
- security basics (e.g., lectures on "Internet Security - Weaknesses and Targets" or "Informationssicherheit", etc.)
- team work
- William R. Cheswick, Steven M. Bellovin, “Firewalls and Internet Security”, second Edition, Addison-Wesley, 2003.
- Andrew S. Tanenbaum, "Computer Networks", fourth edition, Prentice Hall PTR, 2003.
- Charlie Kaufman, Radia Perlman, and Mike Speciner. "Network Security: Private Communication in a Public World", second Edition, Prentice Hall PTR, 2002.
- Dafydd Stuttard, Marcus Pinto, "The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws", Wiley & Sons, 2007.
Learning and teaching formats
Interested students are expected to contribute with:
- Thorough investigation of the given topics (Phase I: Report and Presentation)
- Design and Implementation of attack scenarios (i.e., examples), where the security methods can be tested (Phase I: Presentation)
- The LAB-Manufactor platform (a virtual security experimental framework) which integrates scenarios from all the groups (Phase II: Report and Presentation)
The final evaluation will be based on: report, presentation, design, implementation, participation in the seminar.
This seminar has a limited number of participants! Up to 10 students can apply!
The seminar will be divided into two phases. In the first phase, all the students will be distributed into 5 sub-teams (i.e., 2 students each), each concentrating on 1-2 of the following topics. An investigation report and a presentation (with a demonstration of the attack example) are expected to conclude this phase. In the second phase, all the students will work in one team on the LAB-Manufactor platform, where the examples shown in the first phase can be integrated and demonstrated. A technical report (team) and a presentation with a demonstration of the running platform (team) are expected afterwards.
- Attack Category and Vulnerability Modeling (mandatory)
- Firewall: Principle and Limitation
- IDS/IPS: Challenges and Deployment
- Application Layer Gateway and its Examples
- Web Security and SSL/TLS
- Email Security: PGP, S/MIME, ...
- Secure Networked Storage
- SIP and Secure VoIP
- SSH Tunneling and Virtual Private Network (VPN)
- Secure Routing
- Network Scanning and Monitoring
- IPv6 and its Security
- Wireless Security
The seminar will start in the first week of the new semester. Regular meetings will be held every week or upon request.
- 21.10.2010 Introduction [slides]
- 21-28.10.2010 Team Building, Topic Assignment and Literature Recommendation (per Email)
- Enrolment Deadline
- Discussion Meeting (Topics, Organization and Plan)
- 04.11.2010 Discussion Meeting (Literature, Tools and Scenarios)
- 11.11.2010 Discussion Meeting (Q&A, upon request)
- 18.11.2010 Discussion Meeting (Q&A, upon request)
- 25.11.2010 Discussion Meeting (Progress Report & Scenario Implementation)
- 02.12.2010 Discussion Meeting (Q&A, upon request)
- 09.12.2010 Phase I: Presentation & Demonstration (Investigation & Scenario)
- 16.12.2010 Discussion Meeting (Design of Integrated Framework)
- 23.12.2010 Merry Christmas:)
- 30.12.2010 Happy New Year:)
- 06.01.2011 Discussion Meeting (Integrated Framework: Task distribution)
- 13.01.2011 Discussion Meeting (Q&A, upon request)
- 20.01.2011 Discussion Meeting (Q&A, upon request)
- 27.01.2011 Discussion Meeting (Q&A, upon request)
- 03.02.2011 Discussion Meeting (Q&A, upon request)
- 10.02.2011 Phase II: Presentation & Demonstration (Integrated Framework)
- 04.2011 Report (Phase I and II) Submission Deadline