Course F21CN: Computer Network Security
This page collects material for my part of the course F21CN Computer Network Security. This course is delivered by Hans-Wolfgang Loidl and Hamish Taylor.
Purpose and Learning Objectives
The purpose of Course F21CN Computer Network Security is to provide a solid understanding of the main issues related to security in modern networked computer systems. This covers underlying concepts and foundations of computer security, basic knowledge about security-relevant decisions in designing IT infrastructures, techniques to secure complex systems and practical skills in managing a range of systems, from personal laptop to large-scale infrastructures. The course structure is designed to provide solid foundations in the first half of the course, and discuss concrete application scenarios in the second half.
Learning Objectives:
- Extensive, detailed and critical understanding of the concepts, issues, principles and theories of computer network security
- Detailed and practical understanding of formalisms for specifying security related properties and validating them using model checking
- Critical theoretical and detailed practical knowledge of a range of computer network security technologies as well as network security tools and services
- Practical experience of analysing, designing, implementing and validating solutions to computer network security challenges using common network security tools and formal methods.
Skills imparted:
- Understand the concepts and foundations of computer security, and identify vulnerabilities of IT systems.
- Use basic security tools to enhance system security.
- Develop basic security enhancements in stand-alone applications.
Pre-requisites:
- Basic knowledge of computer networking,
- Foundational knowledge of formal methods,
- Basic Linux and shell usage,
- Solid Java programming skills.
Course Structure
- 2 lectures per week
  - Mon 12:15, HN LT2 (Hugh Nisbet Building)
  - Tue 9:15, EM 1.83 (Earl Mountbatten Building)
- 1 lab per week
Below is the planned structure of the course, subject to changes. Check the News section on the right-hand side and the Vision pages for any changes.
- Week 1: Overview of the course and security in general. Computer Security Landscape. (HWL)
- Week 2: Cryptography overview and concepts. Cryptography. (HWL)
- Week 3: Cryptography. (HWL)
- Week 4: Network security concepts & models. Computer Networks: Sockets & Services (HT)
- Week 5: Firewalls, VPNs, IDSs, malware scanners. (HT)
- Week 6: Ciphers & Digests; Certificates & Signatures; SSL (HT)
- Week 7: PGP Public Keys; PGP Applications (HT)
- Week 8: RMI I & RMI II (HT)
- Week 9: Firewalls & network security (HT)
- Week 10: Operating & distributed system security (HWL)
- Week 11: Proof carrying code (HWL)
- Week 12: Revisions (HWL,HT)
Assessment consists of two parts:
- 60% Coursework, consisting of 2 pieces:
  - 1. Cryptography. Planned deadline: 10th October (Week 5)
  - 2. Certificates for network security. Planned deadline: 14th November (Week 10)
- 40% Exam:
  - 2 hours, written exam
  - topics from across the course
  - during exam period: 15th-22nd December
- Re-assessment is possible in summer (exam)
Learning Material
Slides for the lectures up to now (see also the Learning Material section on Vision):
- Week 1: Overview (4up), Computer Security Landscape (4up)
- Week 2: Cryptography Overview (4up)
- Week 3: Cryptography (4up)
- Week 4-9: Network Security (Hamish Taylor)
- Week 10: Operating System Security (4up).
- Week 11: Proof-Carrying-Code (4up).
- Week 12: Revision
Coursework
Coursework 1 will be handed out in Week 3, with a submission deadline around Week 5.
See also: Coursework 1 Resources, Coursework 1 Marking Scheme
Related Courses and Acknowledgements
The coursework will be based on the lab exercises from the SEED project.
There are several excellent courses in this area online. In particular, we'd like to thank David Aspinall for granting us access to his teaching material. His course page also contains a detailed reading list.
Reading List
The material presented in the lectures is largely self-contained. However, to deepen your understanding you are encouraged to look up the following textbooks and papers. See also this course's section on Blackwell's www.readinglists.co.uk site. The main resources for this course are:
- Michael T. Goodrich and Roberto Tamassia, Introduction to Computer Security, Addison Wesley, 2011. ISBN: 0-32-151294-4
- Handbook of Applied Cryptography, by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, ISBN: 0-8493-8523-7 October 1996.
- Bruce Schneier, Applied Cryptography, John Wiley & Sons, 1996. ISBN 0-471-12845-7. On-line version.
- William Stallings, Network Security Essentials: Applications and Standards, Prentice Hall, 4th edition, 2010. ISBN 0-13-610805-9.
General Computer Security
- Michael T. Goodrich and Roberto Tamassia,
Introduction to Computer Security,
Addison Wesley, 2011. ISBN: 0-32-151294-4
Good general, up-to-date introduction to the entire range of computer security, with very useful practicals from the SEED project.
- Dieter Gollmann,
Computer Security,
John Wiley & Sons, 3rd edition, 2010.
Well-established textbook with general coverage of computer security.
- Matt Bishop,
Computer Security: art and science,
Addison Wesley, 2003.
Good general coverage of computer security.
Computer Network Security:
- William Stallings, Network Security Essentials: Applications and Standards, Prentice Hall, 4th edition, 2010. ISBN 0-13-610805-9.
- Joseph Migga Kizza,
A Guide to Computer Network Security,
Springer 2009. ISBN 978-1-84800-916-5.
Good coverage across the field of network security, with detailed coverage of network protocols, certificates etc.
Cryptography:
- Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone,
Handbook of Applied Cryptography,
CRC Press, 2001. ISBN 0-8493-8523-7
The bible/koran of cryptography, with detailed coverage of foundations, mathematical background, and efficient implementation of cryptographic algorithms. Fully available online.
- Bruce Schneier,
Applied Cryptography,
John Wiley & Sons, 1996. ISBN 0-471-12845-7.
On-line version.
Cryptography from a more practical, programming side, including source code etc. Fully available online.
- Nigel Smart,
Cryptography: An Introduction,
On-line version
General introduction to security, fully available online, but a bit dated.
- William Stallings, Cryptography and Network Security, Pearson, 3rd edition, 2003. ISBN 0-13-111502-2
Security Management:
- Edward Skoudis, Tom Liston,
Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses
Prentice Hall, 2nd edition, 2006. ISBN 0131481045.
A useful practical handbook for system administrators and a resource for securing your own systems.
- Mark Burgess,
Principles of Network and System Administration,
John Wiley & Sons Ltd, 2nd Edition, 2004. ISBN 978-0-470-86807-2.
Network security from a sysadmin point of view, with practical guidelines.
- Limoncelli, Hogan and Chalup,
The Practice of System and Network Administration
Addison Wesley, 2nd Edition, 2007. ISBN 978-0-321-49266-1.
Handbook for system management from a business management point of view. Detailed coverage of good practice guidelines, not very detailed in the underlying techniques or foundations.
Security Engineering
- Ross Anderson,
Security Engineering,
John Wiley & Sons Ltd, 2001.
On-line version
Security from an engineering and system building point of view, focusing on how to build secure systems in-the-large. An old edition of this book is fully available online.
- A Guide to Building Secure Web Applications,
On-line book
Security engineering specifically for web applications.
Recent Developments in Computer Network Security
The following articles cover recent topics in network security:
- Key Reinstallation Attacks, October 2017
- The Department of Homeland Security (DHS) strongly supports the proposed Federal Source Code Policy. (Apr 18, 2016) on publishing in-house software as OpenSource
- The great SIM Heist, The Intercept (Feb 19, 2015) on a reported attack on SIM encryption
- Hacienda (also: Heise Article) a programme of whole-country port-scanning attacks (Aug 2014); see also TCP stealth as a protection mechanism against port-scanning attacks
- Guardian article: GCHQ captured emails of journalists from top international media (Jan 19, 2015)
- Top 25 Most Dangerous Software Errors (Mitre)
- Quantum insert explained (German; check out the links, e.g. on Bruce Schneier's blog) (Oct 2013)
- Newspaper article on "Quantum Insert" attack
- Related to secure coding: "Cambridge University Study States Software Bugs Cost Economy $312 Billion Per Year" (Jan, 2013)
- You may also want to check Chapter 13 of "Sun Tzu's Art of War".
See also Hamish's lecture notes, in particular the lecture on PGP public keys, with a link to this article on NSA surveillance.
Copyright
Except where stated otherwise, all teaching material, including lecture notes, tutorials and lab exercises, are Copyright (C) Heriot-Watt University, and respective authors. Please respect our rights over this material and contact us if you want to use it in another context.