Advanced Network Security 2018
This is the main web site for the Advanced Network Security (NWI-IMC050) of the TRU/e security master.
For information about last year's (2017) course, see here.
The Advanced Network Security course builds on the bachelor course on Network Security. Where the bachelor course is quite hands on, this master course is of a more theoretical nature. Moreover, instead of focusing on the traditional objectives of confidentiality, integrity and authenticity, the master course shows how to deal with faults to increase availability, and how to build privacy friendly network services. Finally, we study some proposals for future internet architectures to overcome the security problems found in the current Internet.
The course code is NWI-IMC050.
Starting this year Joeri de Ruiter is de second teacher for the course, teaching half of the lectures. The course content will therefore be different.
ExamFor those students that failed to pass the course last year, we offer the possibility to take one final exam (at the first sitting right after the course on July 2, 2018) for the old course content. Just register for the exam for this course and be present in the assigned examination room. The exam sheet will contain both versions of the exam, from which you can choose. Example exams (for the old content of the course!) some example exercises to prepare for the exam.
GoalsAfter the course the student will
- have knowledge of and understand some key advanced network security technologies, and their main advantaged, disadvantages, and consequences when applying them in practice,
- understand in particular how privacy and availability can be increased when designing networks and networking services,
- have a basic understanding of algorithmics: the theory and practice of modeling and designing (distributed) algorithms, and how to prove them correct.
TopicsThe course covers the following topics.
- A selection of fault-tolerant distributed algorithms (from byzantine agreement to self-stabilisation) as an alternative approach to availability.
- (to be extended)
Schedule (spring 2018)Lectures take place from 13:30 to 15:30 in room HG00.062 (from 16-4 in HG00.622). Lectures start at 13:45. Slides of presentations that are available are linked from here. The links are released after the lecture.
Below you find a (tentative) schedule of the course.
|Date||Topic||Literature||Assignments and solutions|
|February 5||Introduction to distributed algorithms : slides / notes||Papers:|
- L. Lamport, "Time, Clocks, and the Ordering of Events in a Distributed System." Communications of the Association for Computing Machinery 21, no. 7 (July 1978): 558-565. (upto the section called "Physical clocks")
|February 12||(no lecture)|
|February 19||'Prevention' and 'Intrusion detection systems and netflows'.||Papers:|
- Rick Hofstede, Pavel Čeleda, Brian Trammell, Idilio Drago, Ramin Sadre, Anna Sperotto, Aiko Pras, "Flow Monitoring Explained: From Packet Capture to Data Analysis With NetFlow and IPFIX", IEEE Communications Surveys & Tutorials (Volume: 16, Issue: 4, Fourthquarter 2014).
|February 26||Wifi security||Papers:|
- M. Vanhoef and F. Piessens, "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2"
- Sheharbano Khattak, Naurin Rasheed Ramay, Kamran Riaz Khan, Affan A. Syed, and Syed Ali Khayam: "A Taxonomy of Botnet Behavior, Detection, and Defense"
|March 12||Economics of Network Security||Papers:|
- Ross Anderson: Why information security is hard - an economic perspective Proceedings 17th Annual Computer Security Applications Conference (ACSAC), 2001
- Cormac Herley: So long, and no thanks for the externalities: the rational rejection of security advice by users Proceedings of the 2009 workshop on New security paradigms workshop (NSPW), 2009
|March 19||Distributed Algorithms: Leader Election: slides||Papers:|
- G.L. Peterson, "An O(n log n) unidirectional algorithm for the circular extrema problem". ACM TOPLAS 4 (1982), 758–762.
|March 26||Distributed Algorithms: Mutual Exclusion: slides / notes||Papers:|
- L. Lamport, "A new solution of Dijkstra’s concurrent programming problem." Commun. ACM 18, 8 (1974), 453–455.
|April 2||(no lecture)w|
|April 9||(no lecture)|
|April 16||(no lecture)|
|April 23||Agreement and consensus I: concepts and protocols for crash failures: slides / notes||Papers:|
- M. Pease, R. Shostak, L. Lamport. "Reaching Agreement in the Presence of Faults" (PDF). Journal of the ACM. 27 (2): 228–234, April 1980.
|April 30||(no lecture)|
|May 7||Mobile telephony: slides||Papers:|
Chapters 2 and 3 of "Mobile communicaton security", Fabian van den Broek, PhD thesis, 2016
|May 14||Agreement and consensus II: handling Byzantine failures: slides / notes||Papers:|
- L. Lamport, R. Shostak, M. Pease, "The Byzantine Generals Problem", ACM TOPLAS 4(3), pp. 382-401, July 1982.
|May 21||(no lecture)|
|May 28||BGP: slides||Papers:|
The SCION Internet Architecture - An Internet Architecture for the 21st Century David Barrera, Laurent Chuat, Adrian Perrig, Raphael M. Reischuk, Pawel Szalachowski Communications of the ACM 60 (6), June 2017
|June 4||Self-Stabilisation: slides / notes||Papers:|
- E.W. Dijkstra, "Self-Stabilizing Systems in Spite of Distributed Control." Communications of the Association for Computing Machinery 17, no. 11 (November 1974): 643-644.
|June 11||(no lecture)|
|June 18||Review of exercises, discussing the exam, Q&A.|
ExamsExams for 2018 are scheduled as follows:
- Exam: Monday July 2, 2018, 12:30-15:30, HG 00.307 (answers). Inspection of the exams is possible on Tuesday July 10, from 14:00-15:00 in Jaap-Henk's office, Room 3.01, Mercator I.
- Resit: August 20, 2018, 12:30-15:30, HG 00.308
Additional informationThe course will consist of traditional lectures, supplemented with take home exercises. There is a final written exam.
Last Version -
(Note: changeover from CVS to dotless svn version numbers on Jan 19, 2008, and changeover to GIT versioning on May 30, 2013.)
Maintained by Jaap-Henk Hoepman