440-4113/02 – Security in Communications (BvK)
Gurantor department | Department of Telecommunications | Credits | 4 |
Subject guarantor | prof. Ing. Miroslav Vozňák, Ph.D. | Subject version guarantor | prof. Ing. Miroslav Vozňák, Ph.D. |
Study level | undergraduate or graduate | Requirement | Choice-compulsory |
Year | 1 | Semester | summer |
| | Study language | English |
Year of introduction | 2015/2016 | Year of cancellation | 2023/2024 |
Intended for the faculties | FEI | Intended for study types | Follow-up Master |
Subject aims expressed by acquired skills and competences
Understand the security risks and measures in ecommunication technologies and can apply the individual solutions.
Learning outcomes are set so that the students are able to identify and apply to tasks related to the security in communications.
Teaching methods
Lectures
Tutorials
Experimental work in labs
Project work
Summary
This course provides an explanation of security mechanisms of communication in computer networks, solutions of communication in IMS systems, networks with VoIP technology and mobile networks. Students will acquire practical skills and they will be able to design and implement the particular security measures in open-source environment such as Nessus, openSSL, openVPN, IPtables, SNORT, etc.
Compulsory literature:
Recommended literature:
Additional study materials
Way of continuous check of knowledge in the course of semester
Every student has possibility to obtain max. 30 points during semester involving:
• solution of project 15 points,
• presentation of the essay 5 points,
• laboratory practice, 2x5 points.
E-learning
http://kat440.vsb.cz/
Other requirements
No additional requirements are placed on the student.
Prerequisities
Subject has no prerequisities.
Co-requisities
Subject has no co-requisities.
Subject syllabus:
1. Introduction to security, network security, scheme for network attack, classification and techniques of attacks.
2. Networks security elements - Juniper, Junos system, emulation of networks elements, system GNS3
3. PKI - Public-Key Infrastructure, Symetric, Asymetric encryption, Hash function, Diffie-Helmann, X.509
4. Secure Sockets Layer, setting up SSL connection, Open SSL library and the using OpenSSL.
5. Security on transport layer and authentication protocol SSH, SSH tunels. Authentication in nettwork, Kerberos system.
6. Secuirty on network layer - IPsec (AH,ESP,IKE, ISAKMP) a transport layer (TLS, WTLS, DTLS)
7. Network security in VSB, national security teams CSIRT and CERT, cyber criminality
8. Security of wireless networks - WiFi, GSM, Bluetooth, Zigbee, UMTS
9. Advances computational methods in cryptography based on GPU and their impact on current used security meaures in communications
10. Firewall - basic classification, methods of filtering on network and transport layers, state inspections and pracitcal solutions with IPtables. Introduction into IPS/IDS
11. Snort - possibility of application in network, components, rules IPS with SnortSam
12. Security in IPtelephony - H.323 and SIp signalling, media security SRTP and ZRTP. Spam in IP telephony and measures of defense
13. Well-known attacks in IPtelephony, penetration testing, DoS on VoIP and IMS Services
14. Fight against criminality on Internet, CERT/CSIRT teams, project INDECT (EU FP 7), CALEA and law framework in EU and information on exam
Exercises
Introduction into course, history and future of cryptography. W1
Network scanning using Nmap and vulnerability tests with Nessus – remote security scanner. W3
Security in 802.11 networks, NetStumbler and Kismet + Essay assignment. W8
Advanced computational methods (CUDA) used in cryptography. W9
Presentation of the essay, work on the project - 5 points. W13
Presentation of the project – 15 points. W14
Labs
Introduction into Juniper security solutions, GNS3 and introduction into JUNOS configuration. W2
Introduction into OpenSSL library, generating a certification authority, public and private keys, signing certificates. W4
Implementation of OpenVPN, design of the network topology. W5
Configuration of the VPN using Juniper emulation in GNS3. W6
VPN tunnel using OpenVPN - 5 points. W7
Introduction into IDS and IPS open-source systems – Snort, Suricata +project assignment. W10
Security rules configuration using Juniper emulation in GNS3. W11
Configuration of the working IDS with Juniper or SNORT, Suricata - 5 points. W12
Conditions for subject completion
Occurrence in study plans
Occurrence in special blocks
Assessment of instruction