| Course Unit Code | 440-4113/01 |
|---|
| Number of ECTS Credits Allocated | 4 ECTS credits |
|---|
| Type of Course Unit * | Compulsory |
|---|
| Level of Course Unit * | Second Cycle |
|---|
| Year of Study * | First Year |
|---|
| Semester when the Course Unit is delivered | Summer Semester |
|---|
| Mode of Delivery | Face-to-face |
|---|
| Language of Instruction | Czech |
|---|
| Prerequisites and Co-Requisites | Course succeeds to compulsory courses of previous semester |
|---|
| Name of Lecturer(s) | Personal ID | Name |
|---|
| VOZ29 | prof. Ing. Miroslav Vozňák, Ph.D. |
| REZ106 | Ing. Filip Řezáč, Ph.D. |
| Summary |
|---|
| This course provides an explanation of security mechanisms of communication in computer networks, solutions of communication in IMS systems, networks with VoIP technology and mobile networks. Students will acquire practical skills and they will be able to design and implement the particular security measures in open-source environment such as Nessus, openSSL, openVPN, IPtables, SNORT, etc. |
| Learning Outcomes of the Course Unit |
|---|
Understand the security risks and measures in ecommunication technologies and can apply the individual solutions.
Learning outcomes are set so that the students are able to identify and apply to tasks related to the security in communications. |
| Course Contents |
|---|
1. Introduction to security, network security, scheme for network attack, classification and techniques of attacks.
2. Networks security elements - Juniper, Junos system, emulation of networks elements, system GNS3
3. PKI - Public-Key Infrastructure, Symetric, Asymetric encryption, Hash function, Diffie-Helmann, X.509
4. Secure Sockets Layer, setting up SSL connection, Open SSL library and the using OpenSSL.
5. Security on transport layer and authentication protocol SSH, SSH tunels. Authentication in nettwork, Kerberos system.
6. Secuirty on network layer - IPsec (AH,ESP,IKE, ISAKMP) a transport layer (TLS, WTLS, DTLS)
7. Network security in VSB, national security teams CSIRT and CERT, cyber criminality
8. Security of wireless networks - WiFi, GSM, Bluetooth, Zigbee, UMTS
9. Advances computational methods in cryptography based on GPU and their impact on current used security meaures in communications
10. Firewall - basic classification, methods of filtering on network and transport layers, state inspections and pracitcal solutions with IPtables. Introduction into IPS/IDS
11. Snort - possibility of application in network, components, rules IPS with SnortSam
12. Security in IPtelephony - H.323 and SIp signalling, media security SRTP and ZRTP. Spam in IP telephony and measures of defense
13. Well-known attacks in IPtelephony, penetration testing, DoS on VoIP and IMS Services
14. Fight against criminality on Internet, CERT/CSIRT teams, project INDECT (EU FP 7), CALEA and law framework in EU and information on exam
Exercises
Introduction into course, history and future of cryptography. W1
Network scanning using Nmap and vulnerability tests with Nessus – remote security scanner. W3
Security in 802.11 networks, NetStumbler and Kismet + Essay assignment. W8
Advanced computational methods (CUDA) used in cryptography. W9
Presentation of the essay, work on the project - 5 points. W13
Presentation of the project – 15 points. W14
Labs
Introduction into Juniper security solutions, GNS3 and introduction into JUNOS configuration. W2
Introduction into OpenSSL library, generating a certification authority, public and private keys, signing certificates. W4
Implementation of OpenVPN, design of the network topology. W5
Configuration of the VPN using Juniper emulation in GNS3. W6
VPN tunnel using OpenVPN - 5 points. W7
Introduction into IDS and IPS open-source systems – Snort, Suricata +project assignment. W10
Security rules configuration using Juniper emulation in GNS3. W11
Configuration of the working IDS with Juniper or SNORT, Suricata - 5 points. W12
|
| Recommended or Required Reading |
|---|
| Required Reading: |
|---|
STALLINGS W. Cryptography and Network Security: Principles and Practice. Pearson: 8
edition, 2020. ISBN 9780135764039.
|
STALLINGS W. Cryptography and Network Security: Principles and Practice. Pearson: 8
edition, 2020. ISBN 9780135764039.
ŘEZÁČ, F., VOZŇÁK, M., ROZHON, J. Bezpečnost v komunikacích. VŠB-TUO, vysokoškolská skripta, 2013.
LEVICKÝ,D. Kryptografia v informačnej bezpečnosti. Elfa. 2010. ISBN 9788080861636.
|
| Recommended Reading: |
|---|
GUPTA B. B. et al. Handbook of computer networks and cyber security: Principles and paradigms, Springer, 2019. ISBN 9783030222772.
COLLIER,M.,ENDLER,D. Hacking VoIP exposed. New York: McGraww-Hill, 2007. ISBN 9780072263640. |
GUPTA B. B. et al. Handbook of computer networks and cyber security: Principles and paradigms, Springer, 2019. ISBN 9783030222772.
COLLIER,M.,ENDLER,D. Hacking VoIP exposed. New York: McGraww-Hill, 2007. ISBN 9780072263640. |
| Planned learning activities and teaching methods |
|---|
| Lectures, Tutorials, Experimental work in labs, Project work |
| Assesment methods and criteria |
|---|
| Task Title | Task Type | Maximum Number of Points
(Act. for Subtasks) | Minimum Number of Points for Task Passing |
|---|
| Exercises evaluation and Examination | Credit and Examination | 100 (100) | 51 |
| Exercises evaluation | Credit | 30 (30) | 15 |
| Semestrální projekt | Semestral project | 15 | 0 |
| Laboratorní úlohy | Laboratory work | 10 | 0 |
| Referát | Other task type | 5 | 0 |
| Examination | Examination | 70 (70) | 20 |
| Písemná část zkoušky | Written examination | 60 | 15 |
| Ústní část zkoušky | Oral examination | 10 | 0 |