About the Course:
Computer network security prevents and monitors unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources through the adoption of policies and practices. It is important to know about different kinds of vulnerabilities such as buffer overflow, SQL injection, firewall injection attacks, etc.
Course Objectives:
Provide an overall view of Computer & Network Security.
Have a first in-depth view of Perimeter Security (Firewall, IDS, IPSEC, VPN).
Learn Authentication and Access management.
Have a beginner’s overview of Cryptography, Malware, Secure Programming, Applications Security.
Explore case studies, hands-on experience through assignments/projects, and extra readings for an alternate view or real-time application.
Course Outcomes:
At the end of the course, the student will be able to:
Have a good understanding of security as a problem and current solutions like Firewall, IDS, Authentication, Access Control.
Think about what causes software vulnerabilities at a conceptual level.
Do penetration testing, use cryptography appropriately.
Identify many vulnerabilities, like buffer overflow and SQL injection, and resolve them.
Design a defending protocol for many network vulnerabilities.
Course Content:
Unit 1:
Introduction and Packet Analysis: Plagiarism, CIA principles, Attack surface and types, Assets, Vulnerabilities and Threats, Countermeasures, Privacy, General Data Protection Regulation, Security vs Privacy, Data Breaches. Real Life Examples of Cyber Crime, Security framework, Job outlook.
Packet Sniffing and Spoofing: Introduction, Sending packets: Network Interface Card (NIC), BSD packet filter (BPF). Packet sniffing: Receiving packets using sockets, Packet sniffing using Raw sockets, Packet sniffing using PCAP API, Processing captured packets. Packet spoofing: Sending normal packets using sockets, Constructing spoofed raw ICMP packets and UDP packets. Sniffing and then spoofing, Python vs Scapy, Hybrid approach, Endianness.
10 Hours
Unit 2:
OSI Protocol Attacks:
Attacks on the TCP protocols: Introduction, TCP overview, Send and receive buffers, SYN flood attack: TCP 3-way handshake, the SYN flooding attack, Launching the attack using Netwox and C, Countermeasure. TCP reset attack: TCP reset attack on Telnet, SSH and video streaming connections. TCP session hijacking attack: TCP session and session hijacking, Launching the attack, Hijacked TCP connection. Reverse shell: working, redirecting IO to TCP connection, Creating reverse shell. Countermeasure.
MAC layer and attacks: Introduction, The MAC layer, ARP protocol, ARP cache poisoning attacks, MITM using ARP cache poisoning, Demo, Countermeasure.
Network layer: IP, ICMP and attacks: Introduction, IP protocol, IP fragmentation, Attacks using IP fragmentation: Problem and solution, Routing and spoofing prevention, ICMP protocol, ICMP redirect attack, Smurf and other ICMP attacks.
Case Study – 1
12 Hours
Unit 3:
DNS Attacks and Firewalls:
DNS Attacks: Introduction, DNS hierarchy, zones and servers, DNS query process, Experiment Setup, Constructing DNS request and response using Scapy, DNS attacks: Overview, Local DNS cache poisoning attack, Remote DNS cache poisoning attack (Kaminsky attack), Reply forgery attacks from malicious DNS servers, Countermeasure against DNS spoofing attacks, DoS attacks on DNS servers.
Firewall: Introduction, Requirements of a firewall, Firewall characteristics and Access policy, Types of firewalls, NG firewall, Shortcomings, Firewall location and configuration: DMZ networks, Firewall topologies. Introduction, Build a simple firewall, Netfilter, iptables firewall in Linux, Stateful firewall and connection tracking, Application/Proxy firewall and Web proxy, Evading firewalls.
12 Hours
Unit 4:
IDS, IPS and Virtual Private Networks:
Intrusion Detection and Prevention: Intruders, Intrusion detection, Analysis approaches, Host-based intrusion detection, Network-based intrusion detection, Distributed or hybrid intrusion detection, Honeypots, Example system: Snort, Intrusion prevention system.
Virtual Private Network: Introduction, Why VPN, analogy and tunnelling. Overview of TLS/SSL VPN: Establishing a tunnel, Forwarding and releasing IP packets, TLS/SSL VPN details. Building, Setup and Testing VPN. Bypassing Firewall using VPN.
Case Study – 2
10 Hours
Unit 5:
Network Management and Wireless Network Security:
Network Management: IT security management overview and Risk assessment, IT security controls, Plans, and procedures, Physical and infrastructure security, Human Resources security, Security auditing.
The Heartbleed Bug and Attack: Introduction and the Heartbeat protocol, Launching the attack, Fixing the Heartbleed bug.
Wireless Security: Communications and 802.11 WLAN standards: Wired Equivalent Privacy (WEP), Wireless Protected Access (WPA), IEEE 802.1x, 802.11i/ WPA2, Wireless Network Threats
10 Hours
Textbooks:
1: “Computer Security – Hands on Approach”, Wenliang Du, 2nd Edition, 2019
Reference Books:
1: “Computer Security: Principles and Practice”, William Stallings & Lawrie Brown, 3rd Edition Nov Pearson, 2015.
2: “Measuring Pay-per-Install: The Commoditization of Malware Distribution”, J. Caballero, C. Grier, C. Kreibich, V. Paxson
3: “Intrusion and intrusion detection”, John McHugh
4: “The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes”
5: “Programming Satan's Computer”, Ross Anderson and Roger Needham
6: “Why crypto systems fail”, Ross Anderson
Tools & Languages:
Wireshark, Python, SEED Ubuntu version 16, Netwox, C Programming, Scapy