NETWORK SECURITY

The course explores the security aspects of the most used network protocols, with attention to the link, network and transport layers of the ISO/OSI stack.
These topics are essential for a career in the ICT sector, because networks are pervasive tools that impact any application, in terms of performance, security and data privacy.
It is therefore essential to possess knowledge and skills in this sector both for those who want to pursue a career in security analysis and for those who will work at higher levels of the protocol stack, but must still be aware of the problems that lower levels introduce.
The vulnerabilities that the protocols possess, and any countermeasures will be analysed. The course takes place with a hands-on approach, trying to reproduce known vulnerabilities in virtualized environments.

At the end of the course the student will be acknowledged on:
- known vulnerabilities in network protocols
- possible countermeasures
- some key tools to implement security services on networks

He will also have acquired the necessary skills to:
- avoid configuration errors in the management of communication networks
- perform security tests to check for network-level vulnerabilities
- configure some basic security services.

A basic knowledge of:
- programming (imperative programming in C or Python and scripting)
- computer networks: TCP/IP stack, ARP/DNS/IP/TCP protocol
- cryptography: hash functions, symmetric and public/private key encryption

The topics of the course will be the following ones (note, the program is not hardcoded, it can be changed based on the interests of the students and on the availability of new information):

Attacks:
- Layer II and III: ARP spoofing, IP packets sniffing and spoofing
- Layer IV: attacks to TCP, SYN Floods, TCP reset and session hijacking.
- DNS attacks: birthday attack.
- Attacks to the Internet Routing

Countermeasures:
- Firewalls: introduction to IPTables/Netfilter
- Virtual Private Networks
- The Tor protocol
- Setting up a Layer II authentication: EAP + RADIUS + 802.1X. The case of wireless authentication.

Bonus topics (if time allows):
- Network robustness metrics from graph theory

Compared to the Security course of the three-year degree, the course deals with completely separate topics, relating to the lowest layers of the protocol stack.

The course is based on material provided by the professor ant on the book:
Wenliang Du, Internet Security: A Hands-on Approach 3rd Edition (ISBN: 978-17330039-6-4)

The course can be passed in two ways:
- a written exam + an oral presentation by a single student of a scientific paper or technical document describing security techniques.
- a written exam + a project. The project will be carried out by the students and will be the subject of a presentation by the group of students.

The essay contains closed-ended questions and open-ended questions. The first ones will verify the student's knowledge about protocols and security mechanisms (15% of the vote), the open questions will pose broader problems and verify the student's ability to interpret complex network and interaction contexts between the various protocols involved in an exchange of information (30% of the vote).
The remaining 50% of the vote can be passed with a group project that will evaluate the students' ability to put some of the acquired skills into practice, or a presentation of a technical and scientific article, which will evaluate the ability to interpret complex technical specifications, and elements of innovation.

Participation in laboratory lessons can guarantee bonus points (10%) through the delivery of periodic reports.

Frontal lessons and lab lessons. The course has a strong hands-on component in which the students use virtualized environments to reproduce the vulnerabilities.

English

oral