Some of today's most damaging attacks on computer systems involve exploitation of network infrastructure, either as the target of attack or as a vehicle to attack end systems. This course provides an in-depth study of network attack techniques and methods to defend against them.
Lernziel
- Students are familiar with fundamental network-security concepts. - Students can assess current threats that Internet services and networked devices face, and can evaluate appropriate countermeasures. - Students can identify and assess vulnerabilities in software systems and network protocols. - Students have an in-depth understanding of a range of important state-of-the-art security technologies. - Students can implement network-security protocols based on cryptographic libraries.
Inhalt
The course will cover topics spanning four broad themes with a focus on the first two themes: (1) network defense mechanisms such as public-key infrastructures, TLS, VPNs, anonymous-communication systems, secure routing protocols, secure DNS systems, and network intrusion-detection systems; (2) network attacks such as hijacking, spoofing, denial-of-service (DoS), and distributed denial-of-service (DDoS) attacks; (3) analysis and inference topics such as traffic monitoring and network forensics; and (4) new technologies related to next-generation networks.
In addition, several guest lectures will provide in-depth insights into specific current real-world network-security topics.
Voraussetzungen / Besonderes
This lecture is intended for students with an interest in securing Internet communication services and network devices. Students are assumed to have knowledge in networking as taught in a communication networks lecture like 252-0064-00L or 227-0120-00L. Basic knowledge of information security or applied cryptography as taught in 252-0211-00L or 263-4660-00L is beneficial, but an overview of the most important cryptographic primitives will be provided at the beginning of the course. The course will involve several graded course projects. Students are expected to be familiar with a general-purpose or network programming language such as C/C++, Go, Python, or Rust.
Kompetenzen
Fachspezifische Kompetenzen
Konzepte und Theorien
geprüft
Verfahren und Technologien
geprüft
Methodenspezifische Kompetenzen
Analytische Kompetenzen
geprüft
Entscheidungsfindung
geprüft
Medien und digitale Technologien
geprüft
Problemlösung
geprüft
Projektmanagement
geprüft
Soziale Kompetenzen
Kommunikation
gefördert
Kooperation und Teamarbeit
gefördert
Kundenorientierung
gefördert
Menschenführung und Verantwortung
gefördert
Selbstdarstellung und soziale Einflussnahme
gefördert
Sensibilität für Vielfalt
gefördert
Verhandlung
gefördert
Persönliche Kompetenzen
Anpassung und Flexibilität
gefördert
Kreatives Denken
geprüft
Kritisches Denken
geprüft
Integrität und Arbeitsethik
gefördert
Selbstbewusstsein und Selbstreflexion
gefördert
Selbststeuerung und Selbstmanagement
geprüft
Leistungskontrolle
Information zur Leistungskontrolle (gültig bis die Lerneinheit neu gelesen wird)
Die Leistungskontrolle wird in jeder Session angeboten. Die Repetition ist ohne erneute Belegung der Lerneinheit möglich.
Prüfungsmodus
schriftlich 120 Minuten
Zusatzinformation zum Prüfungsmodus
75% of the grade is determined by the written exam, 25% of the grade is determined by several graded projects that need to be completed throughout the semester. The precise weight of each project will be announced at the beginning of the semester. Not handing in a project will result in a grade of 1 for that project.
Hilfsmittel schriftlich
No auxiliary material or devices are permitted.
Digitale Prüfung
Die Prüfung findet auf Geräten statt, die von der ETH Zürich zur Verfügung gestellt werden.
Diese Angaben können noch zu Semesterbeginn aktualisiert werden; verbindlich sind die Angaben auf dem Prüfungsplan.