Network Security 2014-2015
EDA491 / DIT071
2015-09-14 Inspection of re-exam: Wednesday
Sept 16, 11:30 - 12:00 in room EDIT 4128
you cannot make it this
time, you can visit
the student office at the department,
room 4482 Mon-Thu during semesters.
Your exams are
stored there for at least one year.
you have any questions, leave the exam there
(don't take it
send me an email with your question and we will look at it.
Inspection of exams: Friday
June 26 at 11:30-12:00 in room EDIT 5128.
2015-05-26 NOTE: Unfortunately Jonas Abrahamsson has
problems to come and give the guest lecture today.
I will therefore
give the final lecture scheduled for Thursday today as well.
exact same lecture is given on Thursday as scheduled.
2015-05-07 To compensate for computer problems
in the lab last Tuesday, we have added Tuesday week 7 to
the lab schedule.
Book it only if needed, it is the last opportunity to finish the labs this
sure you are well prepared for the SSL lab
. Then it will take 4
hours, else... !
2015-03-31 Lab bookings can be done by editing a shared
document, see lab section below
2015-02-10 Pages updated for study year 2014-2015
Tomas Olovsson - tomas.olovsson @ chalmers... (teacher, course
Aljoscha Lautenbach - aljoscha @ chalmers... (lab assistant, main
contact for lab-related issues
Behrooz Sangchoolie - lab assistant
Johannes Weschke - lab assistant
This course is part of a security
offered by the department which consists of four
Computer security, Network security,
Language-based security and Cryptography
We begin the course by looking at weaknesses that have plagued networked
systems for years. We then continue with countermeasures like firewalls
and security protocols such as SSL, SSH and IPsec and investigate in
detail what makes them secure. The course also gives a survey of
cryptographic tools and explains how they can be utilized in protocols and
applications, for example how to provide secure user authentication over a
Knowledge about possible threats and countermeasures is important not only
for the network security specialist but also for application programmers
and everyone else who wants to understand what level of security a system
and an application can offer. By knowing the problems, future systems can
be designed to be much more secure and reliable than today.
This course covers the underlying principles and techniques for network
and communication security. Practical examples of security problems and
principles for countermeasures are given. The course also surveys
cryptographic and other tools used to provide security and reviews how
these tools are utilized in protocols and applications.
for this course are good knowledge of
communication principles and protocols
(TCP, IP, ICMP, ARP, etc.).
You must have taken at least one communications course before this
course. We also recommend that you have taken the course Computer Security
which shows how to think regarding security and discusses security issues
in a wider perspective. Other relevant courses are Computer Networks and
Cryptography which will make some topics easier to understand.
The course consists of a series of lectures
. The laborative exercises focus on network scanning,
building firewalls, configuration of an intrusion detection system (IDS)
and practical work with analyzing the SSL protocol. The course ends with a
written exam. To pass the course, the exam must be passed and all
laborative exercises must be completed.
The course consists of the following material:
- Text book including web chapters (see lecture plan for details)
- Mandatory reading material listed below
- Material presented at lectures such as slides
- Reading related to the lab work
Stallings: Cryptography and Network Security, Sixth
. ISBN 978-0-273-79335-9. This
book is shared with the Cryptography course
. The book will
be followed to a fairly large extent during the lectures, but additional
material will be used for some lectures, see below.
If you have the previous edition of the book (ed. 5), it is still very
usable but chapter 16 about Network access control and Cloud security does
The book has a companion
with student resources and useful links if you want to know
more about a subject. There is also an errata
for the book that you may want to check.The book also has
that are used in the course. You need the code
printed in your book to access them.
It is also possible to use the book Network
, also by William Stallings. It contains
almost the same chapters except for the cryptography part which is
omitted. Although thinner, the price is almost the same as the
ordinary course book.
The course book lacks information about certain topics. The following
papers are therefore an integral part of the course and will be part of
the exam. Some links go to research papers published
by IEEE and ACM and can only be downloaded from the Chalmers
network. These papers describe interesting and important security
aspects and will also introduce you to research papers in the area, and
reading such papers will be important for you in your future career. Please
not that the list will be updated during the course. Information
about future, upcoming, lectures is preliminary and may change.
2: Authentication: Joshua Hill, Bugtraq mailing list, 12
An Analysis of the RADIUS Authentication Protocol (ignore 4.2
about protocol improvements). Read it to see how a protocol is
analyzed - the methodology is what we can learn from! Radius is also
an important protocol and is widely used.
assessment of the IP protocol, RFC 6274, which is created from
a paper published by Centre of Protection of National
Infrastructure CPNI in the U.K (a slightly older original with nicer
formatting is available here).
It is the general understanding that is important and what types of
vulnerabilities there are, not the exact details about number of
can skip chapter 3.13 (options), 3.14 (DiffServ) and 3.15 (ECN) -
last two are only available in the CPNI PDF document.
assessment of the TCP Protocol from CPNI and now an
Internet draft (work in progress). The original with nicer
formatting can be downloaded from here
(read only chapter 5 to 8, 12 and 14).
router security solutions, tips and tricks. A nice page
explaining what security we can expect to get from using a NAT
router/gateway as a firewall.
10: WLAN: Bittau, Handley, Lackey: The
final nail in WEP's coffin (good overview of WEP insecurity
and how to analyze a protocol). Only accessible from the Chalmers
16: Kiravuo, et.al: A
Survey of Ethernet LAN Security, IEEE Communication Surveys
& Tutorials, Vol 15, No. 3, 2013.
finally, an interesting report from Symantec summarizing many
of the security problems we have seen in this course: A
security analysis of Windows Vista's network implementation.
Read page 1-11, 16-22, 24-25 and page 28. This paper is a good test
that you have understood many of the topics discussed in the
reading - if you want to know more about a topic
The reading list below provides more information about some topics for the
interested. You don't need to study it for the exam. Some papers may
explain things presented at lectures in a different way, something
that may be useful for your understanding. And some other topics are just
additional reading for the interested. If you find other relevant
papers you would like to share, please let me know and I will consider
them for inclusion!
- From Stanford
magazine Nov 7, 2014: About the politics surrounding
cryptography research. Describes the problems Standford researchers
Diffie and Hellman had when releasing their original work.
- Nigel Smart at University of Bristol has published a free
about cryptography and the latest edition can be
downloaded freely. It covers all from historical to current ciphers
Scanning and tools:
- ICMP attacks against TCP: RFC
5297 discusses security in ICMP and how it can affect
protocols such as TCP.
Link-level security, DNSsec, etc.:
Jockum Svanberg jockum.svanberg AT
MPCSN: Shoga Zerihun
shogaz AT student....
MPCSN: Marvin Ngoma
ngoma AT student....
GU: Akram Beygi
gusbeyak AT student....
MPCOM: Tore Stenbock
stenbock AT student....
The examination will be in English and, as always, you have to register
for the exam. The grades are 3, 4, and 5 (for GU G, VG) and based on the
exam. In addition, all laboratory work including the written report must
also be passed. No material is allowed at the exam except for an English
dictionary in paper form (no electronic aids).
Examination dates are:
- June 1, 2015 08:30-12:30
- Aug 28, 2015 14:00-18:00
- April 4, 2016 14:00-18:00