Lecture: Network Security
You want to know how today’s attacks against networks work? You want to learn about countermeasures and how to secure your network? Then this is your lecture! The lecture introduces actual threats on and attacks against computer networks (e.g. worms, bot-nets). You will gain a practical insight into their functioning and damage potential. During the lecture, you will be hacking systems yourself, but also learn about security protocols and state-of-the-art defense measures, including Intrusion Detection Systems and Honeypots. So, if you are interested in network security and willing to work, we would be happy to see you in the first lecture.
Course:
- Responsible: Prof. Dr. Peter Martini, Dr. Jens Tölle
- Start: Thu, 17.04.2014
- Dates: Thu 16:30 - 18:00, weekly, LBH III.03a
- Course number: 612113201
Exercises:
- Responsible: Dr. Jens Tölle, Thomas Barabosch, Martin Lambertz, Rafael Uetz
- Start: Thu, 24.04.2014
- Dates: Thu 15:00 - 16:30, weekly, LBH II.27/27a
- Course number: 612213201
Other:
- Term: Master Computer Science, Diploma (Graduate)
- Requirements: Content of "High Performance Networking" is prerequisite. Basic programming skills (see below).
- Faculty: MA-INF 3201; Media Informatics; old DPO: B,C; new DPO: B
- Effort: 2.0 L + 2.0 E / 6CP(MA); 4CP(B-IT MI); 4CP(Diplom)
- Follow-up/Side-events: A seminar will take place at the end of the lecture period. Subsequent to lectures "Data Communication and Internet Technology" and "Network Security" participating in a lab is possible.
Announcements
There will be no lecture in the first week! The first lecture will be held on Thu, 17.04.2013. The first exercise will be held on Thu, 24.04.2013!
Remarks
Required Programming Skills
The lecture Network Security teaches security from a very practical point of view. This includes hands-on exercises, hacks and the development of countermeasures. For students participating in the lecture it is mandatory to have basic programming skills. We are providing a self-test, which shows the level of your skills and tells you if you are capable to deal with the practical tasks.
Application for an account in the Network Security Lab
Please see "Information on Tutorials/Exercises" below.
Slides and Presentations
Access to the files requires a username and a password. Both will be announced in the first lecture.
| Chapter | PDF-Files |
|---|---|
0 – Preface |  Slides 1-23 |
1 – Introduction | Slides 1-24 |
2 – Attack OverviewProtocol Attacks
| Slides 1-35 |
3 – Attack Vector SQL Injection
| Slides 1-19 |
4 – Cryptography
| Slides 1-74 |
5 – Building Secure ChannelsAuthentication and Encryption
Key Management
| Slides 1-27 |
6 – AuthenticationAuthentication Protocols
Authentication Frameworks
| Slides 1-43 |
7 – Network InfrastructureNetwork Infrastructure and Management
Layer 2 Security
| Slides 1-34 |
8 – Firewalls
| Slides 1-41 |
9 – Malware spreading
| Slides 1-66 |
10 – Botnets | Slides 1-17 |
11 – Attack Vector Buffer Overflow | Slides 1-37 |
Assignment Sheets
The PDF files can be viewed and printed with Adobe Reader. The program is 
available for free and installed on nearly all hosts of the institute.
Information on Tutorials/Exercises: Presentation [PDF] from 17.04.2014
Information on "SecLab", our security laboratory: Info sheet [PDF]
| Publication Date | PDF File | Supplementary Material | Submission Deadline | Scheduled Exercise | Handout |
|---|---|---|---|---|---|
| 24.04.2014 | Assignment Sheet 1 | attack-trace.pcap | 06.05.2014 23:59:59 CEST | 08.05.2014 15:00 | n/a |
| 08.05.2014 | Assignment Sheet 2 | 20.05.2014 23:59:59 CEST | 22.05.2014 15:00 | Exercise Meeting 2 | |
| 22.05.2014 | Assignment Sheet 3 | sniffer.py | 03.06.2014 23:59:59 CEST | 05.06.2014 15:00 | |
| 05.06.2014 | Assignment Sheet 4 | 17.06.2014 23:59:59 CEST | 18.06.2014 15:00 | ||
| 19.06.2014 | Assignment Sheet 5 | 01.07.2014 23:59:59 CEST | 03.07.2014 15:00 | ||
| 07.07.2014 | Assignment Sheet 6 | none, sheet is voluntary | 17.07.2014 15:00 | ||