Network Security
(9 CFU)
Spring 2014
Exam results (updated on 21/2/2015)
The objective of this course is the study of the main security mechanisms and protocols used for securing communications and for protecting computer networks. In particular, the following topics will be focused: cryptography basics and algorithms, authentication mechanisms and digital signature, protocols for secure communications, main network threats, vulnerabilities, and countermeasures.
1) Basics of cryptography and
authentication mechanisms (4 CFU)
- Basics of symmetric
(classic) cryptography and examples of algorithms
(DES, 3DES, AES)
- Basics of asymmetric
cryptography and examples of algorithms(RSA,
Diffie-Hellman, DSA); advantages and disadvantages
- Hash and MAC functions (MD5,
SHA, HMAC)
- Authentication algorithms, based
on both symmetric and asymmetric
cryptography
- Key exchange, agreement,
distribution
- Digital signature, digital
certificates, certification authority,
Public Key Infrastructure, standard X.509, PGP (Pretty Good Privacy)
2) Security protocols (2 CFU)
- Protocols for authentication and
key exchange (Kerberos, AAA, RADIUS)
- Protocols for secure communications at IP layer (IPSec/AH/ESP), and
virtual private networks (VPNs)
- Protocols for secure communications at transport (SSL/TLS) and
application layer
3) Network vulnerabilities and
countermeasures (3 CFU)
- Vulnerabilities of TCP/IP
protocols, attacks and countermeasures (sniffing, network and port
scanning, spoofing, flooding, buffer overflow, etc.)
- Firewall (packet filtering, ALG, NAT, DMZ), examples of network
configurations; protocols for FW and NAT traversal (STUN e TURN)
- Intrusion Detection System (IDS)
- Anonymity networks
Basic knowledge of
communication architectures and TCP/IP
protocols is required.
Day
|
Time
|
Room
|
Tuesday
|
8:30 - 10:30
|
C
|
Wednesday
|
10:30 - 12:30
|
C
|
Thursday
|
16:30 - 18:30
|
8
|
Day
|
Time
|
Tuesday
|
11:00 - 13:00
|
Office: bulding 2, room 2/27 (Tel. 0521-90-5768)
Exam
|
Time
|
Place
|
first part
|
30/4/2014, 12:30 | room G |
second (final) part or exam | 10/6/2014, 14:30 | room O |
exam | 24/6/2014, 14:30 | room O |
exam | 8/7/2014, 14:30 | room O |
exam | 2/9/2014, 10:30 | room C |
exam | 17/9/2014, 10:30 | room C |
exam | 12/1/2015, 14:30 | room 8 |
exam | 18/2/2015, 10:30 | room 8 |
NB Those who already succeeded in one partial exam during the course, can complete the exam in any final exam day.
Results of the exam of the 18/2/2015, in pdf.
Results of the exam of the 12/1/2015, in pdf.
Please contact the professor in order to review your past exam or to register the exam result.Results of the exam of the 17/9/2014, in pdf.
Results of the exam of the 2/9/2014, in pdf.
Results of the exam of the 8/7/2014, in pdf.
Results of the exam of the 24/6/2014, in pdf.
Results of the exam on the second part (10/6/2014) and final, in pdf.
Results of the exam on the first part (30/4/2014), in pdf.
Please feel free to contact the professor to review the test and for any questions.
Material
|
Description
|
Introduction to network security | |
Cryptography: Introduction | |
Cryptography: Symmetric cryptography (secret key) | |
Sec-1-03 | Cryptography: Hash and MAC functions |
Sec-1-00 | Cryptography: Number theory basics |
Sec-1-04 | Cryptography: Asymmetric cryptography (public key) |
Sec-1-05 | Cryptography: peer entity authentication |
Sec-1-06 | Cryptography: key establishment |
Sec-1-07 | Cryptography: digital certificates, X.509, PGP |
Sec-2-01 | Protocols: AAA |
Sec-2-02 | Protocols: IPSec e IKE |
Sec-2-03 | Protocols: TLS |
Sec-3-01 | Network security: Vulnerabilities |
Sec-3-02 | Network security: Firewalls |
Sec-3-03 | Network security: Linux firewall |
Sec-3-04 | Network security: Intrusion Detection System |
Sec-3-05 | Network security: Anonymity Systems |
Material
|
Description
|
Exercises_part_I Exercises_part_I_[ITA] |
Some exercises on the first part of the course |
Solutions_part_I | Solutions of the exercises on the first part of the course |
Exercises_part_II Exercises_part_II_[ITA] |
Some exercises on the second part of the course |
Solutions_part_II | Solutions of the exercises on the second part of the course |
Material
|
Description
|
Sec-EX01 | Practice on cryptograpy and X.509 digital certificates |
Sec-EX02 | Practice on network sniffing and MITM attack |
Sec-EX02 | Practice on network scanning |
Sec-EX03 | Practice on firewalling |
Material
|
Description
|
Class slides in 1x format | |
BackTrack distribution web site | |
[1] W. Stallings, "Cryptography and Network Security: Principles and Practice" 5th Edition, Prentice Hall
[2] C. Kaufman, R. Perlman, M. Speciner, "Network Security: Private Communication in a Public World" 2nd Edition, Prentice Hall
[3] Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, "Handbook of Applied Cryptography", CRC Press, 5th printing, August 2001 (ISBN: 0-8493-8523-7)
[4] C. P. Pfleeger, S. L.
Pfleeger, "Security in Computing",
3th Edition, Prentice Hal, 2002