Budapest University of Technology and Economics, Faculty of Electrical Engineering and Informatics

    Network Security

    Name of the subject in Hungarian: Hálózatbiztonság

    Last updated: 22 November 2015

    IT security minor specialization
    Course ID Semester Assessment Credit Subject semester
    VIHIMB00 3 2/1/0/v 4  
    3. Course coordinator and department Dr. Bencsáth Boldizsár,
    4. Instructors Dr. Boldizsár Bencsáth    Assistant Professor    HIT
    Dr. Tamás Holczer    Assistant Professor    HIT

    5. Required knowledge Communication Networks
    6. Pre-requisites
    NEM ( TárgyEredmény( "BMEVIHIM327" , "jegy" , _ ) >= 2
    TárgyEredmény( "BMEVITMM197" , "jegy" , _ ) >= 2
    TárgyEredmény( "BMEVITMM280" , "jegy" , _ ) >= 2
    TárgyEredmény( "BMEVITMM214" , "jegy" , _ ) >= 2
    TárgyEredmény("BMEVIHIM327", "FELVETEL", AktualisFelev()) > 0
    TárgyEredmény("BMEVITMM197", "FELVETEL", AktualisFelev()) > 0
    TárgyEredmény("BMEVITMM280", "FELVETEL", AktualisFelev()) > 0
    TárgyEredmény("BMEVITMM214", "FELVETEL", AktualisFelev()) > 0
    TárgyEredmény( "BMEVIHIMA23", "jegy" , _ ) >= 2
    TárgyEredmény("BMEVIHIMA23", "FELVETEL", AktualisFelev()) > 0)

    The form above is the Neptun system's own; for technical reasons we have not changed it.

    The mandatory prerequisite order can be found on the website and in the curriculum of the given degree programme.

    7. Objectives, learning outcomes and obtained knowledge This course gives a detailed introduction to the security problems of computer networks and an overview of the possible solutions to those problems. It also covers issues related to the secure operation of networks in practice, including modern tools and techniques used to ensure security. Students will get theoretical knowledge and practical skills that form the basis of secure network operations and allow them to assess security risks, understand threats and vulnerabilities, select and integrate appropriate security solutions, and design new security mechanisms. The course also serves as a basis for obtaining skills in penetration testing and ethical hacking of networks.
    8. Synopsis Week 1: Introduction and motivation
    Network security problems, types of attacks, main network security requirements, illustrative case studies.
    Week 2: Network intrusion techniques
    Phases of a typical penetration attack, methods and tools used in each phase, illustrative examples. Security testing of networks (penetration testing, ethical hacking).
    Week 3: Firewalls
    Perimeter defense with firewalls, types of firewalls, their operating principles, typical configuration settings, and usual configuration pitfalls. New generation firewalls, application detection, content filtering, deep packet inspection. Introduction of some specific firewall products, illustrative examples.
    Week 4: Intrusion prevention and detection systems (IPS/IDS)
    Types, operation, and configuration of IPS/IDS systems. Security Information and Event Management (SIEM) systems, security dashboard functions. Introduction of some specific IPS/IDS, as well as SIEM products, illustrative examples.
    Week 5: Log analysis
    Monitoring and recording network traffic. Goals, theoretical limits, and tools for network log analysis, specific examples for log analysis tools, illustrative examples.
    Week 6: Honeypots and their applications
    Types of honeypots and their possible applications for detecting network intrusions and tracking attacker activity, illustrative examples. Protection and management of honeypots, and secure integration of honeypots into operational environments.
    Week 7: Network infrastructure security
    Introduction of the DNS system, common threats on DNS and examples for attacks. Ensuring security of DNS with DNSSEC. Security issues related to routing and the BGP protocol, consequences and possible solutions.
    Week 8-9: Botnets
    Types, architecture, and operation of botnets, applied control methods. Detecting and mapping botnets, determining botnet size. Techniques to increase botnet robustness (e.g., peer-to-peer techniques). History and operation of some known botnets, analysis and take down examples.
    Week 10: Spam filtering and protection against DoS attacks
    The spam problem, its effects on society and economics, evolution of spam techniques. Background and methods of spam filtering, fine tuning spam filters, and performance analysis. Attacks against anti-spam solutions. DoS and distributed DoS (DDoS) attacks, methods and possible detection and protection approaches.
    Week 11: Security of web based services
    Typical security problems in web based systems (SQL injection, XSS, CSRF, etc.) and proposed solutions. Session hijacking and secure session handling in web based systems. Security configuration of web servers, security testing of web based services, illustrative examples.
    Week 12: Security of enterprise networks
    Security architecture of enterprise networks, user authentication, access right management, and access control enforcement. Security of Wifi networks, the Bring Your Own Device (BYOD) problem. Data Loss Prevention (DLP) solutions. Organizational requirements, security policies, standards, and recommendations.
    Week 13: Security in industrial control networks and cyber-physical systems
    Special features of industrial control networks, their security problems, possible attacks and their potential consequences. Security requirements and solutions in ICS systems. Security issues in other cyber-physical systems (e.g., embedded sensor networks), design challenges and possible security solutions.
    Week 14: Privacy protection in the web and in social networks
    Tracking users on the web (e.g., browser fingerprinting, third party cookies), possible countermeasures. Privacy problems in social networks.

    Classroom exercises extend the lectures by illustrating the usage of concrete security tools and their configurations, and help deepen knowledge by solving challenges in the following domains:
    1. Application of network discovery and mapping tools
    2. Firewall configuration exercises
    3. Analysis of IDS outputs
    4. Honeypot configuration and application examples
    5. Log analysis via examples
    6. SQL injection attack: generation of some attacks against a toy server
    7. Botnet analysis: measurements and quantitative analysis of botnets

    9. Method of instruction Lecture and classroom exercises.
    10. Assessment Fulfilling the requirements of 2 homework projects (HW1, HW2).

    Oral exam (E).

    Final grade is calculated as 0.2*HW1 + 0.2*HW2 + 0.6*E (rounded to the closest integer)

    12. Consultations Ad hoc meetings with the lecturers.

    13. References, textbooks and resources
    Slides are available on the course web site with further recommended readings.
    14. Required learning hours and assignment
    Contact hours    42
    Preparation for classes during the semester
    Preparation for midterm test
    Homework preparation    30
    Study of assigned written material
    15. Syllabus prepared by Dr. Levente Buttyán    Associate Professor    HIT
    Dr. Boldizsár Bencsáth     Assistant Professor    HIT