Network Security
(9 CFU)
Spring 2013
Exam results (updated on 4/3/2014)
The objective of this course is the study of the main security mechanisms and protocols used for securing communications and for protecting computer networks. In particular, the course focuses on the following topics: cryptography basics and algorithms, authentication mechanisms and digital signatures, protocols for secure communications, and the main network threats, vulnerabilities, and countermeasures.
1) Basics of cryptography and authentication mechanisms (4 CFU)
Basics of symmetric (classic) cryptography and examples of algorithms (DES, 3DES, AES)
Basics of asymmetric cryptography and examples of algorithms (RSA, Diffie-Hellman, DSA); advantages and disadvantages
Hash and MAC functions (MD5, SHA, HMAC)
Authentication algorithms, based on both symmetric and asymmetric cryptography
Key exchange, agreement, distribution
Digital signature, digital certificates, certification authority, Public Key Infrastructure, standard X.509, PGP (Pretty Good Privacy)
2) Security protocols (2 CFU)
Protocols for authentication and key exchange (Kerberos, AAA, RADIUS)
Protocols for secure communications at IP layer (IPSec/AH/ESP), and virtual private networks (VPNs)
Protocols for secure communications at transport (SSL/TLS) and application layer
3) Network vulnerabilities and countermeasures (3 CFU)
Vulnerabilities of TCP/IP protocols, attacks and countermeasures (sniffing, network and port scanning, spoofing, flooding, buffer overflow, etc.)
Firewall (packet filtering, ALG, NAT, DMZ), examples of network configurations
Protocols for FW and NAT traversal (STUN and TURN)
Intrusion Detection System (IDS)
Anonymity networks
Basic knowledge of communication architectures and TCP/IP protocols is required.
Day | Time | Room
Tuesday | 8:30 - 10:30 | N
Wednesday | 8:30 - 10:30 | 2
Thursday | 10:30 - 12:30 | 2
Day | Time
Tuesday | 11:00 - 13:00
Office: building 2, room 2/27 (Tel. 0521-90-5768)
Exam | Time | Place
first part | 3/5/2013, 12:30 | lecture room A
second (final) part | 11/6/2013, 9:00 | lecture room P
exam | 21/6/2013, 10:30 | lecture room E
exam | 8/7/2013, 10:30 | lecture room I
exam | 2/9/2013, 10:30 | lecture room I
exam | 16/9/2013, 10:30 | lecture room C
exam | 16/1/2014, 16:30 | lecture room B/5
exam | 19/2/2014, 10:30 | lecture room B/4
NB: Those who have already passed one partial exam during the course can complete the exam on any final exam day.
Results of the exams of February 2014, in pdf.
Please contact the professor in order to register the exam.
Results of the exam of 16/1/2014, in pdf.
Results of the exam of 16/9/2013, in pdf.
Results of the exam of 2/9/2013, in pdf.
Results of the exam of 8/7/2013, in pdf.
Results of the exam of 21/6/2013, in pdf.
Results of the exam on the second part (11/6/2013) and final grades, in pdf.
Results of the exam on the first part (3/5/2013), in pdf.
Please feel free to contact the professor to review the test and for any questions.
Contact the professor to formalize the registration of the exam.
Material | Description
Introduction to network security | |
Cryptography: Introduction | |
Cryptography: Symmetric cryptography (secret key) | |
Cryptography: Cryptography basics | |
Cryptography: Hash and MAC functions | |
Cryptography: Asymmetric cryptography (public key) | |
Cryptography: peer entity authentication | |
Cryptography: key establishment | |
Cryptography: X.509/PKI PGP | |
Protocols: AAA | |
Protocols: IPSec and IKE | |
Protocols: TLS | |
Network security: Vulnerabilities | |
Network security: Firewalls | |
Network security: Linux firewall | |
Network security: Intrusion Detection System | |
Network security: Anonymity Systems | |
Protocols: OAuth |
Material | Description
Some exercises on the first part of the course | |
Solutions of the exercises on the first part of the course | |
Some exercises on the second part of the course | |
Solutions of the exercises on the second part of the course |
Material | Description
Practice on X.509 digital certificates | |
Practice on firewalling | |
Practice on network scanning | |
Exercise on OAuth | |
Material | Description
BackTrack distribution web site | |
Knoppix-STD's web site | |
[1] W. Stallings, "Cryptography and Network Security: Principles and Practice" 5th Edition, Prentice Hall
[2] C. Kaufman, R. Perlman, M. Speciner, "Network Security: Private Communication in a Public World" 2nd Edition, Prentice Hall
[3] Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, "Handbook of Applied Cryptography", CRC Press, 5th printing, August 2001 (ISBN: 0-8493-8523-7)
[4] C. P. Pfleeger, S. L. Pfleeger, "Security in Computing", 3rd Edition, Prentice Hall, 2002