Overview of computer networks and network security
Application layer – Overview of HTTP, FTP, SMTP and DNS and socket programming.
Transport layer – Introduction, objectives, unreliable data transfer and UDP, general principles of reliable data transfer, TCP: Overview, reliable data transfer, flow control, congestion control.
Network layer – Addressing schemes (IPv4 and IPv6), Forwarding and routing in Internet, Routing algorithms, Routing protocols in Internet (OSPF, RIP and BGP)
Link layer – Introduction and services, Link layer addressing, Multiple Access Protocols, Ethernet, ARP
Weaknesses, vulnerabilities and attacks against above protocols – hijacking, spoofing and DoS attacks. Attacks using above protocols: simple, amplified and distributed DoS attacks.
OSI Security Architecture, security attacks, security services, CIA Triad, Encryption and message confidentiality, symmetric and asymmetric encryption, Message authentication and public key cryptography
Application layer security – Goals, cryptography primitives and principles, TLS – Objectives, protocol, working and features, PGP: Overview, objective, working, features and limitations. Firewalls, Intrusion Detection Systems and Intrusion Prevention Systems. Attacks against transport layer protocols: UDP flooding, TCP spoofing, TCP connection hijacking, TCP SYN flood. BGP security, ICMP, NAT, IPSec – Introduction, Tunnel and Transfer Modes, IPSec Authentication Header, Encapsulating Security Header and Payload, IPSec Key Exchange and VPNs.
Attacks against and vulnerabilities in ARP.
Future directions – Introduction to Cloud Security , Web Security , routing security, wireless security