Skip to main content
Skip header

ECTS Course Overview



Security in Communications

* Exchange students do not have to consider this information when selecting suitable courses for an exchange stay.

Course Unit Code440-4113/02
Number of ECTS Credits Allocated4 ECTS credits
Type of Course Unit *Optional
Level of Course Unit *Second Cycle
Year of Study *
Semester when the Course Unit is deliveredSummer Semester
Mode of DeliveryFace-to-face
Language of InstructionCzech, English
Prerequisites and Co-Requisites Course succeeds to compulsory courses of previous semester
Name of Lecturer(s)Personal IDName
VOZ29prof. Ing. Miroslav Vozňák, Ph.D.
REZ106Ing. Filip Řezáč, Ph.D.
Summary
This course provides an explanation of security mechanisms of communication in computer networks, solutions of communication in IMS systems, networks with VoIP technology and mobile networks. Students will acquire practical skills and they will be able to design and implement the particular security measures in open-source environment such as Nessus, openSSL, openVPN, IPtables, SNORT, etc.
Learning Outcomes of the Course Unit
Understand the security risks and measures in ecommunication technologies and can apply the individual solutions.

Learning outcomes are set so that the students are able to identify and apply to tasks related to the security in communications.
Course Contents
1. Introduction to security, network security, scheme for network attack, classification and techniques of attacks.

2. Networks security elements - Juniper, Junos system, emulation of networks elements, system GNS3

3. PKI - Public-Key Infrastructure, Symetric, Asymetric encryption, Hash function, Diffie-Helmann, X.509

4. Secure Sockets Layer, setting up SSL connection, Open SSL library and the using OpenSSL.

5. Security on transport layer and authentication protocol SSH, SSH tunels. Authentication in nettwork, Kerberos system.

6. Secuirty on network layer - IPsec (AH,ESP,IKE, ISAKMP) a transport layer (TLS, WTLS, DTLS)

7. Network security in VSB, national security teams CSIRT and CERT, cyber criminality

8. Security of wireless networks - WiFi, GSM, Bluetooth, Zigbee, UMTS

9. Advances computational methods in cryptography based on GPU and their impact on current used security meaures in communications

10. Firewall - basic classification, methods of filtering on network and transport layers, state inspections and pracitcal solutions with IPtables. Introduction into IPS/IDS

11. Snort - possibility of application in network, components, rules IPS with SnortSam

12. Security in IPtelephony - H.323 and SIp signalling, media security SRTP and ZRTP. Spam in IP telephony and measures of defense

13. Well-known attacks in IPtelephony, penetration testing, DoS on VoIP and IMS Services

14. Fight against criminality on Internet, CERT/CSIRT teams, project INDECT (EU FP 7), CALEA and law framework in EU and information on exam

Exercises
Introduction into course, history and future of cryptography. W1
Network scanning using Nmap and vulnerability tests with Nessus – remote security scanner. W3
Security in 802.11 networks, NetStumbler and Kismet + Essay assignment. W8
Advanced computational methods (CUDA) used in cryptography. W9
Presentation of the essay, work on the project - 5 points. W13
Presentation of the project – 15 points. W14

Labs
Introduction into Juniper security solutions, GNS3 and introduction into JUNOS configuration. W2
Introduction into OpenSSL library, generating a certification authority, public and private keys, signing certificates. W4
Implementation of OpenVPN, design of the network topology. W5
Configuration of the VPN using Juniper emulation in GNS3. W6
VPN tunnel using OpenVPN - 5 points. W7
Introduction into IDS and IPS open-source systems – Snort, Suricata +project assignment. W10
Security rules configuration using Juniper emulation in GNS3. W11
Configuration of the working IDS with Juniper or SNORT, Suricata - 5 points. W12
Recommended or Required Reading
Required Reading:
SISALEM,D.,FLOROIU,J. SIP Security. New Jersey: JWS, Inc. 350p. 2009. ISBN: 978-0-470-51636-2
COLLIER,M.,ENDLER,D. Hacking VoIP exposed. New York: McGraww-Hill, 539p. 2007. ISBN 978-0-07-226364-0
RANSOME,J.,RITTINGHOUSE,J. VoIP Security. Oxford: Elsevier, 402p. 2005. ISBN 1-55558-332-6.
SISALEM,D.,FLOROIU,J. SIP Security. New Jersey: JWS, Inc. 350p. 2009. ISBN: 978-0-470-51636-2
COLLIER,M.,ENDLER,D. Hacking VoIP exposed. New York: McGraww-Hill, 539p. 2007. ISBN 978-0-07-226364-0
RANSOME,J.,RITTINGHOUSE,J. VoIP Security. Oxford: Elsevier, 402p. 2005. ISBN 1-55558-332-6.
LEVICKÝ,D. Kryptografia v informačnej bezpečnosti. Košice: Elfa, 266s. 2005. ISBN:80-8086-022-X

Recommended Reading:
PORTER,T. Practical VoIP Security. Rockland: Syngress Publishing, Inc., 563p. 2006. ISBN 1-59749-060-1
WALLINFORD,T. VoIP Hacks. OReilly Media,Inc., 306p. 2006. ISBN 0-596-10133-3.
FEILNER,M. OpenVPN. Birmingham: Packt Publishing,Ltd., 258p. 2006. ISBN 1-904811-85-X
KONHEIM,A. Computer Security and cryptography. New Jersey: JWS, Inc. 521p. 2007. ISBN: 978-0-471-94783-7
PORTER,T. Practical VoIP Security. Rockland: Syngress Publishing, Inc., 563p. 2006. ISBN 1-59749-060-1
WALLINFORD,T. VoIP Hacks. OReilly Media,Inc., 306p. 2006. ISBN 0-596-10133-3.
FEILNER,M. OpenVPN. Birmingham: Packt Publishing,Ltd., 258p. 2006. ISBN 1-904811-85-X
PŘIBYL, J.,KODL, J. Ochrana dat v informatice. Praha: ČVUT v Praze, 299. 1997. ISBN 80-01-01664-1
KONHEIM,A. Computer Security and cryptography. New Jersey: JWS, Inc. 521p. 2007. ISBN: 978-0-471-94783-7
PŘIBYL, J. Informační bezpečnost a utajování zpráv.Praha: ČVUT, 2004. ISBN: 80-01-02863-1
Planned learning activities and teaching methods
Lectures, Tutorials, Experimental work in labs, Project work
Assesment methods and criteria
Tasks are not Defined