NETWORK SECURITY

Academic year
2022/2023 Syllabus of previous years
Official course title
NETWORK SECURITY
Course code
CM0627 (AF:398302 AR:215022)
Modality
On campus classes
ECTS credits
6
Degree level
Master's Degree Programme (DM270)
Educational sector code
ING-INF/05
Period
2nd Semester
Course year
1
Where
VENEZIA
Moodle
Go to Moodle page
The course examines the security aspects of the most used network protocols, with attention to the data link, network and transport layers of the ISO/OSI stack.
It will analyze the vulnerabilities that the protocols have and the countermeasures. The course follows a hands-on approach, trying to reproduce known vulnerabilities in virtualized environments.
At the end of the course the student will be acknowledged on:
- known vulnerabilities in network protocols
- possible countermeasures
- some key tools to implement security services on networks

He will also have acquired the necessary skills to:
- avoid configuration errors in the management of communication networks
- perform security tests to check for network-level vulnerabilities
- configure some basic security services.
Basic knowledge of programming (imperative programming and scripting), computer networks and cryptography is required.
The topics of the course will be the following ones (note, the program is not hardcoded, it can be changed based on the interests of the students and on the availability of new information):

Attacks:
- Layer II and III: ARP spoofing, IP packets sniffing and spoofing
- Layer IV: attacks to TCP, SYN Floods, TCP reset and session hijacking. Advanced port scanning modes.
- DNS attacks: birthday attack.
- Attacks to the Internet Routing

Countermeasures:
- Firewalls: introduction to IPTables/Netfilter
- Virtual Private Networks
- The Tor protocol
- Setting up a Layer II authentication: EAP + RADIUS + 802.1X. The case of wireless authentication.

Bonus topics (if time allows):
- Network robustness metrics from graph theory
- Il protocollo Tor
The course is based on material provided by the professor ant on the book:
Wenliang Du, Internet Security: A Hands-on Approach 3rd Edition (ISBN: 978-17330039-6-4)
The evaluation can be done with:
- a written exam + an oral exam
- a written exam + a project. The project can be be a group project in which students reproduce and describe some vulnerability or a presentation from a single student about a scientific paper in the security area.

The participation to the lab lessons can provide bonus points to the students.

Frontal lessons and lab lessons. The course has a strong hands-on component in which the students use virtualized environments to reproduce the vulnerabilities.
English
oral
Definitive programme.
Last update of the programme: 08/11/2022