• Got
    cyber criminals,
    or spies
    in your network?
  • You need
    3TU Cyber Security MSc Specialization Core Course

Next Start: February 2018 Teaching Quarter 3, 2017/2018

Network Security will teach you
the strategies the bad guys use to get in how to effectively defend your network how network protocols and vulnerabilities really work both theory and hands-on knowledge the background to evaluate and design you own security solutions

As a future security professional, you need to master both the theory of network systems and security protocols,
as well as understand how the bad guys try to exploit weaknesses and how you can prevent that.
Network Security and Advanced Network Security will give you the theoretical knowledge and hands-on experience to become a network security expert.

Labs, Demos and
Hands-On Tutorials
Exam or optional security mini project
Network Security Expert
Evaluation: The course will be conducted as a mix of interactive lectures and demos (both in Delft and Twente).
You will earn your final grade through homeworks and a final exam, but it is possible to substitute the exam by completing your own network security-related mini project throughout the quarter. See the syllabus PDF for details.

Course Content

Physical Layer Security

How are telecom networks made? Protection strategies for cables, wireless links and physical installations. Network resilience planning strategies of network operators to withstand disasters and solve infrastructure dependencies. Benefits and limits of physical layer security: or how the bad guys can still tap into communication

Link Layer Security

How the Ethernet link layer works and why it is so insecure! Link layer protection strategies such as port security, VLANs or 802.1X, and how they are circumvented by attackers. Security principles, bad design decisions and attack vectors in wireless communication networks. The security of GSM and telecom networks.

Network Layer

Best network design practices. How to do network reconnaissance. Address spoofing and associated network attacks. Hijacking the DNS system and effective detection and protection techniques. Secure and Covert Tunnels. Security of the "magic glue" of the Internet: How BGP holds the Internet together and the vulnerabilities of the interdomain routing system.

Transport Layer

Reconnaissance and attacks using the TCP protocol. Secure Sockets Layer and Chains of Trust. Side channel attacks on secure sockets.

Application and Web Security

Using software vulnerabilities to gain system access. Finding adversaries with Intrusion Detection Systems and Honeypots. Theory and Practice of Firewalls. Security of E-Mail and Real-Time Communication Protocols. Onion Routing and Anonymizing Proxies. How secure protocols leak exploitable metadata information.

Incident Management

Developing a threat and risk plan. Network incident response planning.

...enriched with many case studies, demos and hands-on exercises:

Physical Layer: tap into copper and fiber optic cables, wireless signal recovery and emulation

Link Layer: Detect and protect against CAM Table Attacks, 5 ways to compromize a WiFi network, IMSI Catchers and how to intercept GSM calls

Network Layer: Perform network reconnaissance, secure a DNS system against attacks, DDoS filtering

Transport Layer: Detect attackers exploiting heart bleed

Application Layer: See and analyze the real-time (!) attack traffic against TU - what sticks in our TU honeypot, determining the content of an SSL-encrypted web session (unpublished research), build a backdoor into a random number generator and read the content of encrypted traffic

Two audiences, two options

As knowledge of network security has become essential for many disciplines and the course network security is listed in multiple study programs, there are now two variants that cater for the different backgrounds and needs. ET4397IN Network Security covers the concepts of network security, current vulnerabilities and appropriate countermeasures. Students are not required to program, both homeworks and final exam are textual questions on the key ideas. In CS4155 Advanced Network Security, students get in addition to the theory also the opportunity for studying vulnerabilities and countermeasures in networking systems and communication protocols in detail, including in-depth study of protocol security analysis as well as a handson implementation of defense mechanisms on actual systems.

Network Security

  • 5
  • 2 lectures per week
  • Understanding of network security key concepts and principles
  • Interactive lectures
  • Basic understanding of networks,
    no programming background required
  • see demos in lecture
  • 60% exam*, 40% homeworks with conceptual questions
    (* Exam may be replaced with a software/hardware project)

CS4155 Advanced Network Security

  • 10
  • 3 per week, plus a lab
  • Understanding, and the ability to perform network detection and implement defenses
  • Interactive lectures, programming tasks and labs
  • Understanding of networks and strong programming background
  • see demos and experiment on your own in labs
  • 40% exam, 60% from homeworks about in-depth protocol analysis/data minining, programming exercises and labs

Interested? Join the next run in Feburary 2018 (Teaching Quarter Q3 2017/2018):
Enroll at TU Delft