Network Security in Practice (Wintersemester 2013/2014)
Dozent: Prof. Dr. Christoph Meinel
(Internet-Technologien und -Systeme)
Prof. Dr. Christoph Meinel
(Internet-Technologien und -Systeme)
- Semesterwochenstunden: 4
- ECTS: 6
- Einschreibefrist: 1.10.2013 - 31.10.2013
- Lehrform: SP
- Belegungsart: Wahlpflichtmodul
Studiengänge, Modulgruppen & Module
- IT-Systems Engineering A
- IT-Systems Engineering B
- IT-Systems Engineering C
- IT-Systems Engineering D
(last update on 10.01.2014)
In this seminar, we focus on study of the security problems of networked systems or applications. Several network security technologies, such as, firewall, IDS/IPS, SSH, VPN, Application Layer Gateway, Network Scanning and Monitoring, IPv6, etc. will be concerned in this seminar. Some known implementations, tools and methods, incl. commercial products/open source software, are expected to be reviewed and tested with certain practical deployment scenario.
Important Notice: We are NOT guiding you for hacking and participation in this seminar could NOT be an excuse for any kinds of your malicious actions towards unauthorized resources over Internet!!!
Good knowledge in
- networking technologies (TCP/IP, Routing, ...)
- operating systems and software engineering
- security basics (e.g., lectures on "Internet Security - Weaknesses and Targets" and "Informationssicherheit", etc.)
- William R. Cheswick, Steven M. Bellovin, “Firewalls and Internet Security”, second Edition, Addison-Wesley, 2003.
- Andrew S. Tanenbaum, "Computer Networks", fourth edition, Prentice Hall PTR, 2003.
- Charlie Kaufman, Radia Perlman, and Mike Speciner. "Network Security: Private Communication in a Public World", second Edition, Prentice Hall PTR, 2002.
- Dafydd Stuttard, Marcus Pinto, "The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws", Wiley & Sons, 2007.
- OPSCODE Project: "https://wiki.opscode.com/display/chef/Home", accessed in Septembe 2013.
- Social-Engineering Toolkits (SET) Project: https://www.trustedsec.com/downloads/social-engineer-toolkit/, accessed in Septembe 2013.
- Armitage Project: "http://www.fastandeasyhacking.com/", accessed in Septembe 2013.
- Hashcat Project: "http://hashcat.net/oclhashcat-plus/", accessed in Septembe 2013.
- Wifite Project: "http://code.google.com/p/wifite/", accessed in Septembe 2013.
- Wireshark Project: "http://www.wireshark.org/", accessed in Septembe 2013.
Lern- und Lehrformen
This seminar has a limited number of participants! Up to 16 students can apply!
All the students will work in a team (i.e., 2-3 for each), which will concentrate the research and investigation on 1-2 topics.
- Attack Category and Vulnerability Modeling
- Big Data and Security Analysis
- Honeypot and Hacker Tools
- IDS/IPS: Challenges and Deployment
- Network Scanning and Monitoring
- Secure Software Engineering and Coding
- Web Security and SSL/TLS
- Email Security: PGP, S/MIME, ......
- Cloud Security and Secure Networked Storage
- SIP and Secure VoIP
- SSH Tunneling and Virtual Private Network (VPN)
- Secure Routing
- IPv6, IPSec, and their Security
- Firewall: Principle and Limitation
- Wireless Security
The interested students are expected to contribute with:
- Throughout investigation of the given topics (Report and Presentation)
- Design and Implementation of attack scenarios, where the security methods can be tested
The final evaluation will be based on: report, presentation, design, implementation, participation in the seminar.
The seminar will start from the second week of WS2013/14. The first session will be held on Oct. 21, 2013 (Monday) in Room H-E.52. The detailed plan will be announced soon.
- 21.10.13 First session: Introduction (Slides)
- 25.10.13 Deadline: Official Registration by Frau Pamperin.
- 28.10.13 Second Session: Topic Introduction: Team building, initial materials and references (!!!12:30-14:00, H-E.52!!!)
- 10.01.14 First Phase: Presentation Session
- 10.03.14 Second Phase: Presentation Session
- 31.03.14 Submission of Deliverables (Reports/Slides/Codes)