Communication Security
Data is displayed for academic year: 2023./2024.
Associate Lecturers
Laboratory exercises
Course Description
TCP / IP security issues. Security and vulnerability of operating systems. Security of distributed systems. Web traffic security. Computer and Network Protection: Types of Threats and Attacks, Defense Levels. The problem of malicious resource congestion. Security protocols. Virtual private networks. Firewall: traffic filtering, network address mapping (NAT). Public Key Infrastructure. Security standards.
Study Programmes
University graduate
[FER3-HR] Audio Technologies and Electroacoustics - profile
Elective Courses
(2. semester)
[FER3-HR] Communication and Space Technologies - profile
Elective Courses
(2. semester)
[FER3-HR] Computational Modelling in Engineering - profile
Elective Courses
(2. semester)
[FER3-HR] Computer Engineering - profile
Elective Courses
(2. semester)
[FER3-HR] Computer Science - profile
Elective Courses
(2. semester)
Elective Courses of the Profile
(2. semester)
[FER3-HR] Control Systems and Robotics - profile
Elective Courses
(2. semester)
[FER3-HR] Data Science - profile
Elective Courses
(2. semester)
[FER3-HR] Electrical Power Engineering - profile
Elective Courses
(2. semester)
[FER3-HR] Electric Machines, Drives and Automation - profile
Elective Courses
(2. semester)
[FER3-HR] Electronic and Computer Engineering - profile
Elective Courses
(2. semester)
[FER3-HR] Electronics - profile
Elective Courses
(2. semester)
[FER3-HR] Information and Communication Engineering - profile
Elective Courses
(2. semester)
[FER3-HR] Network Science - profile
Core-elective courses
(2. semester)
[FER3-HR] Software Engineering and Information Systems - profile
Elective Courses
(2. semester)
Learning Outcomes
- assess security of communication network
- design security mechanisms to protect communication network
- design security mechanism to protect application data while in transit
Forms of Teaching
Lectures
Lectures
Independent assignmentsIndependent assignments
LaboratoryLaboratory exercises
Grading Method
Continuous Assessment | Exam | |||||
---|---|---|---|---|---|---|
Type | Threshold | Percent of Grade | Threshold | Percent of Grade | ||
Laboratory Exercises | 0 % | 10 % | 0 % | 10 % | ||
Mid Term Exam: Written | 20 % | 45 % | 0 % | |||
Final Exam: Written | 20 % | 45 % | ||||
Exam: Written | 50 % | 90 % |
Week by Week Schedule
- Security threats; Security requirements for networks and services; Security analysis; Protection measures; Security standards, organizations, and bodies; Relevant laws and recommendations, Cryptographic protection; Basic definitions and objectives: symmetric and asymmetric algorithms, hash functions, digital signature, and key management, Digital certificates; Public key infrastructure (PKI); PKI components and users
- Protection of computers and networks; Types of threats and attacks (e.g., denial of service, spoofing, sniffing and traffic redirection, man-in-the-middle, message integrity attacks, routing attacks, and traffic analysis), levels of defense; Case studies focused on vulnerabilities of Internet protocols and applications; Protection methods on the network layer
- TCP/IP protocol stack security: network and transport layer; Protocol vulnerabilities and attacks
- Firewall: traffic filtering; Firewall architectures; Network address translation (NAT)
- Techniques and tools for vulnerability scaning; Intrusion detection systems; Host-based, network-based approaches, and hybrid approaches
- Virtual private networks (VPNs): security protocols, design, and advantages and disadvantages of various models
- Defense mechanisms and countermeasures (e.g., network monitoring, intrusion detection, firewalls, spoofing and DoS protection, honeypots, tracebacks)
- Midterm exam
- Operational network security management (e.g., configure network access control)
- Data link layer security
- Wireless network security
- Security in mobile networks
- Security of web traffic and web servers; Hypertext Transfer Protocol (HTTP) security; Secure Sockets Layer (SSL); Web users' management; Authentication (e.g., single sign-on, HTTPS and certificates); Application and browser security; Session management; Application vulnerabilities and defenses (SQL injection, XSS, CSRF); Client side security (cookies, HTTPS, plugins, user tracking, same origin policy); Server-side security tools (e.g., Web Application Firewalls (WAFs) and fuzzers); Content security policies, E-mail security; Secure/Multipurpose Internet Mail Extensions (S/MIME), Pretty Good Privacy (PGP); Domain Name System (DNS)
- Guest Lecturer from Industry - overview of current procedures and practices
- Final exam
Literature
(.), W. Stallings (1999.), Network Security Essentials: Applications and Standards, Prentice Hall,
(.), Chapman, D. Brent, Cooper, Simon, Russell, Deborah, and Zwicky, Elizabeth D (2000.), Building Internet Firewalls (2nd edition), O'Reilly and Associates,
(.), Man Young Rhee (2003.), Internet Security, John Wiley & Sons,
(.), Jyrki T. J. Penttinen: Wireless Communications Security: Solutions for the Internet of Things, Wiley, 2016,
For students
General
ID 222776
Summer semester
5 ECTS
L1 English Level
L1 e-Learning
30 Lectures
0 Seminar
0 Exercises
12 Laboratory exercises
0 Project laboratory
Grading System
90 Excellent
80 Very Good
70 Good
50 Sufficient