Information and System Security

Semestr: Winter

Range: 2P+2C

Completion:

Credits: 6

Programme type:

Study form:

Course language: Czech

Summary:

The goal of the course is to give the students a basic gasp of information/system security problems and solutions. Rather than teaching specific current technologies and vulnerabilities/threats, we will introduce general problems, formalize them if appropriate and illustrate them with a wide range of examples, both with current and legacy technologies. We put emphasis on problems that will be encountered by most programmers and developers through their careers.

Keywords:

security, protocols, network security

Course syllabus:

1. Introduction, Security models, threat models (Anderson, Ch.1)
a. Security properties: confidentiality, integrity, non-repudiation, availability, ?
b. Methods: Authorization, Authentication, ciphering, replication?
c. Attacker/threat models: sophistication, resources, time
d. Assumptions
e. Security by obscurity vs. guaranteed system properties
2. Protocols and Access Control (I) (Anderson, Ch. 3)
a. Importance of protocol, assumptions
b. Why protocols, their properties
c. Attack surface, Attacks on protocols
d. API
3. Cryptography (I) (Anderson, Ch. 5)
a. Ciphering basics and terms - invertibility, key, plaintext, ciphertext...
b. Block/Stream ciphers
c. Vernam
d. DES, AES
e. Cipher modes, practicalities, side-channel attacks
4. Cryptography (II) (Anderson, Ch. 5)
a. Asymmetric cryptography (DH,EG,RSA)
b. Cryptographic hash functions
c. Electronic signatures
d. Certificates
e. WEP failures, A4/A8 failures
5. Protocols and Access Control (II) (Anderson, Ch. ¾, GSM/3GPPS spec,?)
a. Kerberos
b. Protocols for authorization, authentication, integrity, non-repudiation
c. GSM login, UMTS3G login
d. Banking, electronic transactions
6. Protocols and Access Control (III) (Anderson, Ch. 3/4/6)
a. SSL, MITM attacks, phishing
b. Key distribution, key distribution in wireless networks
c. Access control
d. Rights management - satellite broadcasts use-case
7. Multi-Level Security (Anderson, Ch. 8)
a. Bell-La Padua model
b. Technical solutions and implementations
c. Networking in MLS
d. Data pumps
e. SE Linux, security policies, access controls, policies and modifiers?
8. Multi-Lateral Security, Inference Security, Privacy (Anderson, Ch. 9)
a. Census data security
b. Workplace home pairs as a practical example
c. Location based services security
d. Social network mining
9. Steganography, Information hiding, covert channels (TBD)
a. Steganography introduction and motivation
b. Current problems
c. Steganography
d. Steganalysis
10. Economic Considerations (Anderson, Ch.7)
a. Game theory
b. Electronic marketplaces
c. Botnet economic model, e-crime economic models
d. Reputation systems, their strengths, attacks-on, misuse
11. Network Security (I) (Northcutt: Inside Network Perimeter Security)
a. Threat analysis
b. Attacks (vulnerabilities: e.g. buffer overflows, weak passwords,)
c. Transmission vectors,
d. Rootkits, malware
12. Network Security (II)( Northcutt: Network Intrusion Detection: An Analyst's Handbook)
a. Host security
b. Firewalls, network policies, routers, VPN, tunnels
c. Network monitoring, Intrusion detection
13. Monitoring and Attacks on Monitoring (Anderson, Ch.12)
a. Importance of monitoring
b. Monitoring phases: observation, data processing, recognition, decision, feedback action
c. Attacks on sensors
d. Attacks on cognition, misleading, confusion,?
e. Disinformation

Seminar syllabus:

1.Threat models and security analysis [1/2 labs]
2.Cryptography and protocols: [4/5 labs]
a.SSL connection bit-by bit, vulnerabilities, key management, algorithms and other issues
b.Protocols: GSM/3G networks, MITM, API security, access control
3.Multi-level security: SELinux, BLP model, defense in depth [3 labs]
4.Student`s choice [4 labs]:
a.Steganography
b.Network security

Literature:

Ross Anderson, Security Engineering 2nd/1st edition (major part available online), chapter numbers refer to second edition
Northcutt: Inside Network Perimeter Security
Northcutt: Network Intrusion Detection: An Analyst's Handbook

Examiners:

Lecturers:

Instructors: