Network Security

Name of the subject in Hungarian: Hálózatbiztonság

Last updated: 22 November 2015.

Budapest University of Technology and Economics
Faculty of Electrical Engineering and Informatics
IT security minor specialization
Course ID Semester Assessment Credit Subject semester
VIHIMB00 3 2/1/0/v 4  
3. Course coordinator and department Dr. Bencsáth Boldizsár,
4. Instructors Dr. Boldizsár Bencsáth    Assistant Professor    HIT
Dr. Tamás Holczer    Assistant Professor    HIT

5. Required knowledge Communication Networks
6. Pre-requisites
Mandatory:
NEM ( TárgyEredmény( "BMEVIHIM327" , "jegy" , _ ) >= 2
VAGY
TárgyEredmény( "BMEVITMM197" , "jegy" , _ ) >= 2
VAGY
TárgyEredmény( "BMEVITMM280" , "jegy" , _ ) >= 2
VAGY
TárgyEredmény( "BMEVITMM214" , "jegy" , _ ) >= 2
VAGY
TárgyEredmény("BMEVIHIM327", "FELVETEL", AktualisFelev()) > 0
VAGY
TárgyEredmény("BMEVITMM197", "FELVETEL", AktualisFelev()) > 0
VAGY
TárgyEredmény("BMEVITMM280", "FELVETEL", AktualisFelev()) > 0
VAGY
TárgyEredmény("BMEVITMM214", "FELVETEL", AktualisFelev()) > 0
VAGY
TárgyEredmény( "BMEVIHIMA23", "jegy" , _ ) >= 2
VAGY
TárgyEredmény("BMEVIHIMA23", "FELVETEL", AktualisFelev()) > 0)

The form above is Neptun's own format; for technical reasons we have not changed it.

The mandatory prerequisite requirements can be found on the website and in the curriculum of the given programme.

7. Objectives, learning outcomes and obtained knowledge This course gives a detailed introduction to the security problems of computer networks, and it gives an overview of the possible solutions to those problems. It also covers issues related to secure operation of networks in practice, including modern tools and techniques used to ensure security. Students will get theoretical knowledge and practical skills that form the basis of secure network operations, and allow them to assess security risks, understand threats and vulnerabilities, select and integrate appropriate security solutions, and design new security mechanisms. The course also serves as a basis for obtaining skills in penetration testing and ethical hacking of networks.
8. Synopsis Week 1: Introduction and motivation
Network security problems, types of attacks, main network security requirements, illustrative case studies.
Week 2: Network intrusion techniques
Phases of a typical penetration attack, methods and tools used in each phase, illustrative examples. Security testing of networks (penetration testing, ethical hacking).
Week 3: Firewalls
Perimeter defense with firewalls, types of firewalls, their operating principles, typical configuration settings, and usual configuration pitfalls. New generation firewalls, application detection, content filtering, deep packet inspection. Introduction of some specific firewall products, illustrative examples.
Week 4: Intrusion prevention and detection systems (IPS/IDS)
Types, operation, and configuration of IPS/IDS systems. Security Information and Event Management (SIEM) systems, security dashboard functions. Introduction of some specific IPS/IDS, as well as SIEM products, illustrative examples.
Week 5: Log analysis
Monitoring and recording network traffic. Goals, theoretical limits, and tools for network log analysis, specific examples for log analysis tools, illustrative examples.
Week 6: Honeypots and their applications
Types of honeypots, and their possible applications for detecting network intrusions and tracking attacker activity, illustrative examples. Protection and management of honeypots, and secure integration of honeypots into operational environments.
Week 7: Network infrastructure security
Introduction of the DNS system, common threats on DNS and examples for attacks. Ensuring security of DNS with DNSSEC. Security issues related to routing and the BGP protocol, consequences and possible solutions.
Week 8-9: Botnets
Types, architecture, and operation of botnets, applied control methods. Detecting and mapping botnets, determining botnet size. Techniques to increase botnet robustness (e.g., peer-to-peer techniques). History and operation of some known botnets, analysis and take down examples.
Week 10: Spam filtering and protection against DoS attacks
The spam problem, its effects on society and economics, evolution of spam techniques. Background and methods of spam filtering, fine tuning spam filters, and performance analysis. Attacks against anti-spam solutions. DoS and distributed DoS (DDoS) attacks, methods and possible detection and protection approaches.
Week 11: Security of web based services
Typical security problems in web based systems (SQL injection, XSS, CSRF, etc.) and proposed solutions. Session hijacking and secure session handling in web based systems. Security configuration of web servers, security testing of web based services, illustrative examples.
Week 12: Security of enterprise networks
Security architecture of enterprise networks, user authentication, access right management, and access control enforcement. Security of Wifi networks, the Bring Your Own Device (BYOD) problem. Data Loss Prevention (DLP) solutions. Organizational requirements, security policies, standards, and recommendations.
Week 13: Security in industrial control networks and cyber-physical systems
Special features of industrial control networks, their security problems, possible attacks and their potential consequences. Security requirements and solutions in ICS systems. Security issues in other cyber-physical systems (e.g., embedded sensor networks), design challenges and possible security solutions.
Week 14: Privacy protection in the web and in social networks
Tracking users on the web (e.g., browser fingerprinting, third party cookies), possible countermeasures. Privacy problems in social networks.

Classroom exercises extend the lectures by illustrating the use of concrete security tools and their configuration, and help deepen knowledge through solving challenges in the following domains:
1. Application of network discovery and mapping tools
2. Firewall configuration exercises
3. Analysis of IDS outputs
4. Honeypot configuration and application examples
5. Log analysis via examples
6. SQL injection attack: generation of some attacks against a toy server
7. Botnet analysis: measurements and quantitative analysis of botnets

9. Method of instruction Lecture and classroom exercises.
10. Assessment Fulfilling the requirements of 2 homework projects (HW1, HW2).

Oral exam (E).

Final grade is calculated as 0.2*HW1 + 0.2*HW2 + 0.6*E (rounded to the closest integer)

12. Consultations Ad hoc meetings with the lecturers.

13. References, textbooks and resources
Slides are available on the course web site with further recommended readings.
14. Required learning hours and assignment
Contact hours    42
Preparation for classes during the semester
Preparation for midterm tests
Homework preparation    30
Study of assigned written material
Exam preparation    48
Total    120
15. Syllabus prepared by Dr. Levente Buttyán    Associate Professor    HIT
Dr. Boldizsár Bencsáth     Assistant Professor    HIT