Transcript Network Security

Network Security —
Welcome and introduction
T-110.5241 Network security
Nov-Dec 2012
Tuomas Aura
Aalto University
Course learning objectives
Know common communications systems, classic
security protocols and mechanisms, standard security
solutions, and some of the latest stuff
Understand network security technologies, their
properties and limitations to be able to use them right
Understand a protocol engineer’s point of view to security
Be aware of the pitfalls in security engineering: things are not
as simple as they look
Develop the adversarial mindset of a security engineer
Learn to do basic security analysis of security protocols
Starting point for learning more on the job or in further
studies
Additional goal: learning to read protocol standards
2
Required background
Students are expected to understand:
Networking technologies: TCP/IP, 802.11 etc.
Basic security concepts, e.g. T-110.4206 Information
security technology
Basic cryptography, e.g. T-110.5211 Cryptosystems
3
Lectures
Lecturer: Tuomas Aura
13 lectures in Nov-Dec 2012
Tuesdays 12:15-14 T7
Thursdays 14:15-16 T6
(no lecture on December 6)
Attendance not mandatory but much of the
material will only be covered in the lectures
No tutorial or exercise sessions
4
Exercises
Six weekly exercises
Deadline on Sunday at 23:59; first deadline on 2012-11-11
Exercises published in Noppa at least a week earlier
Reports to be returned to Rubyric
Course assistants
Aapo Kalliola and Mahya Ilaghi
email: [email protected]
Course assistants available in the Playroom for advice and
equipment:
Wednesdays 16:15-18 room A120
Thursdays 16:15-18 room A120
You must get 50% points for each exercise round to pass the
course
Don’t panic: there’ll be a way to compensate for one to two failures
5
Advice for the exercises
Try to solve all problems at least partly: even if it does
not work, write a report explaining what you have tried
and why
The goal in many of the exercises is to learn how to find
information, so not everything is explained
Individual work: You are encouraged to discuss with
other students but do not copy or even read the written
answers of others students. Do all practical experiments
independently and write your own code
You are allowed to cut and paste relevant short
passages from standards, but mark them clearly as
”quotations” and give the source, e.g. [RFC 1234,
section 5.6.7]
6
Assessment
First examination 2012-12-17
Exam registration is required and one week before the exam date
Examination scope: lectures, protocol standards,
recommended reading material, exercises, good general
knowledge of the topic area
Exercises are mandatory:
Must get 50% of the points on on each exercise to pass the course
Marking:
exam max. 30 points
exercises max 6 x 10 = 60 points
grading based on
total points = exam + (exercises / 10)
(total max 30+6=36 points)
Course feedback is mandatory in all T-110/T-109 courses
7
Tentative course outline
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
Network security threats and goals
Security protocol design and flaws
TLS / SSL internals
IPsec and its limitations
Kerberos, RPC security
WLAN security: EAP, WPA2
NFC application security (Sandeep Tamrakar)
Denial of service (Aapo Kalliola)
Cellular network security (Alf Zugenmaier)
Cellular network security (Alf Zugenmaier)
Firewalls
Routing security (Aapo Kalliola)
Anonymity
Security
protocols
Networks
and systems
Changes to this plan are likely.
8
Recommended reading
William Stallings, Network security essentials:
applications and standards, 4th ed., Pearson
Prentice Hall, 2010 (or 3rd ed.)
RFCs and standards, links from Wikipedia
Old but has some interesting background information:
Kaufman, Perlman, and Speciner, Network security: PRIVATE
communication in a PUBLIC world, Prentice-Hall, 2002
9
Course feedback and development
The main development this year: ~40% new material
and guest lecturers:
Routing security, NFC application security, cellular security
There were problems with the exercise organization last
year, and many details have been changed:
Smaller number of exercises and plan to publish them early to
make it easier of students to schedule their work
Exercises are now mandatory to emphasize their importance
Option to do exercises in period III dropped: delaying caused
more problems to students than it solved
Other notes:
The handouts contain slides that have been covered in other
courses. These are intended as helpful reading material and no
or little time is spent on them in the lectures.
10