Some of today's most damaging attacks on computer systems involve exploitation of network infrastructure, either as the target of attack or as a vehicle to attack end systems. This course provides an in-depth study of network attack techniques and methods to defend against them.
- Students are familiar with fundamental network-security concepts. - Students can assess current threats that Internet services and networked devices face, and can evaluate appropriate countermeasures. - Students can identify and assess vulnerabilities in software systems and network protocols. - Students have an in-depth understanding of a range of important state-of-the-art security technologies. - Students can implement network-security protocols based on cryptographic libraries.
The course will cover topics spanning four broad themes with a focus on the first two themes: (1) network defense mechanisms such as public-key infrastructures, TLS, VPNs, anonymous-communication systems, secure routing protocols, secure DNS systems, and network intrusion-detection systems; (2) network attacks such as hijacking, spoofing, denial-of-service (DoS), and distributed denial-of-service (DDoS) attacks; (3) analysis and inference topics such as traffic monitoring and network forensics; and (4) new technologies related to next-generation networks.
In addition, several guest lectures will provide in-depth insights into specific current real-world network-security topics.
Prerequisites / Notice
This lecture is intended for students with an interest in securing Internet communication services and network devices. Students are assumed to have knowledge in networking as taught in a communication networks lecture like 252-0064-00L or 227-0120-00L. Basic knowledge of information security or applied cryptography as taught in 252-0211-00L or 263-4660-00L is beneficial, but an overview of the most important cryptographic primitives will be provided at the beginning of the course. The course will involve several graded course projects. Students are expected to be familiar with a general-purpose or network programming language such as C/C++, Go, Python, or Rust.
Concepts and Theories
Techniques and Technologies
Media and Digital Technologies
Cooperation and Teamwork
Leadership and Responsibility
Self-presentation and Social Influence
Sensitivity to Diversity
Adaptability and Flexibility
Integrity and Work Ethics
Self-awareness and Self-reflection
Self-direction and Self-management
Performance assessment information (valid until the course unit is held again)
The performance assessment is offered every session. Repetition possible without re-enrolling for the course unit.
Mode of examination
written 120 minutes
Additional information on mode of examination
75% of the grade is determined by the written exam, 25% of the grade is determined by several graded projects that need to be completed throughout the semester. The precise weight of each project will be announced at the beginning of the semester. Not handing in a project will result in a grade of 1 for that project.
No auxiliary material or devices are permitted.
The examination may take place on the computer.
This information can be updated until the beginning of the semester; information on the examination timetable is binding.