Network and System Security

With more and more companies and institutions relying on systems connected to the public Internet, Internet systems security has become a major concern. The goal of this module is to provide an introduction to the process of networked system security. More specifically, this module reviews network and system security issues and threats, and give a broad view of network and system security services and mechanisms, whose understanding is essential in the design and implementation of security strategies for a networked environment.

Course Objectives

This module will provide students with an in-depthinsight of the process of networked system security. This comprisesrisks and threats evaluation, defense strategies, and the capability tounderstand the functionality of security tools and devices

Aftercompletion of this module the students will be not only capable ofobjectively evaluate the claims usually found amongst the hypesurrounding security products, but also capable of designing,implementing, evaluating and maintaining efficient security systems forthe protection of valuable digital assets.

Syllabus

The course covers a range of topics including:

Introduction
  • Security threats in the digital world
  • Security attacks, services and mechanisms
  • Information warfare model of security
Cryptographic Techniques
  • Encryption:
    • symmetric and asymmetric encryption
    • principles of cryptanalysis
    • message confidentiality
    • message authentication (including digital signatures)
  • Not the maths of Cryptography

Network Security:
  • Internet security protocols: IPSec, SSL/TLS, SET
  • Identification and authentification (including Kerboros and the AAA architecture)
  • Security in wireless environment
System Security:
  • Firewalls and intrusion detection.
  • Specific threats on end-systems:
    • viruses, worms, trojan horses, etc.
    • stack overflow
    • Code signing and software security models.

Elements of a secure digital society:
  • Privacy (including anonymity and pseudonymity)
  • Introduction to computer systems forensics

Assessment

This module is assessed by 100% coursework.

The coursework will be a mix of applied security techniques and written assessment in the form of an essay.

Recommended Reading

The reading material for thecourse is taken from selected papers and journal articles oncryptography and system security.

However, the following books are alsorecommended to provide additional context:

  • Hacker's Challenge 2 (M. Schiffman et al)
  • Hacking Exposed (S. McClure, J. Scambray, G. Kurtz)
  • Network Security Essentials (W. Stallings)
  • Building Linux and OpenBSD Firewalls (W. Sonnenreich, T. Yates)
  • Network Intrusion Detection (S. Northcutt)
  • Digital Evidence and Computer Crime (E. Casey)
  • Protocols for Secure Electronic Commerce (M. Sherif)
  • Information Warfare and Security (D. Denning)
  • E-Commerce Security (A. Ghosh)

Dates and Details

Lecturers: Dr Utz Roedig and Prof Laurent Mathy.