IA/0219 - NETWORK SECURITY LAB
Academic Year 2021/2022
Free text for the University
MARCO MARTALO' (Tit.)
- Teaching style
- Lingua Insegnamento
|[70/91] INTERNET ENGINEERING||[91/00 - Ord. 2018] INGEGNERIA DELLE TECNOLOGIE PER INTERNET||2||20|
The teaching unit aims at providing the student with the main knowledge regarding mechanisms and protocols used in the field of network security.
Knowledge and understanding
At the end of the course the student must know and understand:
- main authentication algorithms and protocols;
- main protocols for secure communications;
- possible network vulnerabilities and main protection mechanisms.
Applied knowledge and understanding
At the end of the course, the student must be able to:
- configure and use standard protocols and algorithms for security (for example IPSec and TLS; WEP and WPA; etc.);
- use of tools for network monitoring and scanning for possible vulnerabilities;
- configuration of network protection systems (firewall).
At the end of the course, the student will develop the ability to critically evaluate the results of the network design and to select the most efficient solution for a given application scenario.
At the end of the course, the student must be able to illustrate, in an organic way and with the correct technical terminology, the different security solutions at different architectural levels.
Ability to learn
At the end of the course, the student must be able to integrate knowledge from various sources in order to achieve a broad vision of the problems connected with the design and management of a secure communication network.
Knowledge acquired: basic concepts on TCP/IP architecture and cybersecurity.
Skills: use of simple command line applications.
Abilities: ability to define the link between network problems and possible solutions at different architectural levels.
Introduction to network security (approximately 4 hours)
- Introduction to digital information
- Communication services and networks
- Network taxonomy and topology
- General network scheme
- Network performance
- Protocol architectures and communication models
Systems and protocols for network security (approximately 10 hours)
- Security in IP
- Hints on security for higher protocol layers
- Authentication systems
- Packet filtering
- WLAN security
Laboratory (approximately 6 hours)
- VirtualBox, Wireshark and tcpdump for security purposes
- Eavesdropping, man-in-the-middle and network scanning
- Firewall configuration
The course is organized with
- 14 hours of lectures with support of graphic presentations
- 6 hours of classroom exercises
The teacher is available to provide explanations and clarifications both during the interval between consecutive hours of lessons, both during reception hours, and by e-mail.
Verification of learning
The exam consists of an oral test according to the exam calendar published by the faculty.
Verification of learning is carried out through a written test containing both the provided theoretical concepts and the considered software tools. In particular, the student will have to:
- understand the network security issues;
- know the main network security protocols;
- be able to design, using proper software tools, a secure network scenario.
Slides used during lectures will be available. For further information on specific topics, the following book is recommended:
- William Stallings, Network Security Essential, Pearson