Network security

CL-NWS
2 days
140 000 HUF + VAT

Course objective

Since all applications today heavily rely on communication and networks, there is no application security without network security.

This course approaches network security from a software security viewpoint. It discusses common network attacks and defenses at different OSI layers, with an emphasis on application layer issues such as session management and denial of service.

As cryptography is a critical aspect of network security, the most important cryptographic algorithms in symmetric cryptography, hashing, asymmetric cryptography, and key agreement are also discussed. Instead of presenting an in-depth mathematical and theoretical background, these elements are discussed from a purely practical, engineering perspective, showing typical use-case examples and practical considerations related to the use of crypto, such as public key infrastructures. Security protocols in many different areas of secure communication are introduced, with an in-depth discussion of the most widely used protocol families such as IPSEC and SSL/TLS.

Finally, typical crypto vulnerabilities are discussed, related both to certain crypto algorithms and to cryptographic protocols, such as BEAST, CRIME, TIME, BREACH, FREAK, Logjam, Padding oracle, Lucky Thirteen, POODLE and similar, as well as the RSA timing attack. For each problem, the practical considerations and potential consequences are described, again without going into deep mathematical details.

  • Understand basic concepts of security, IT security and secure coding
  • Learn about network attacks and defenses at different OSI layers
  • Have a practical understanding of cryptography
  • Understand essential security protocols
  • Understand some recent attacks against cryptosystems
  • Get information about some recent related vulnerabilities
  • Get sources and further readings on secure coding practices

Course outline

  • IT security and secure coding
  • Network security
  • Practical cryptography
  • Security protocols
  • Cryptographic vulnerabilities
  • Knowledge sources

1. IT security and secure coding

  • Nature of security
  • What is risk?
  • IT security vs. secure coding
  • From vulnerabilities to botnets and cybercrime
    • Nature of security flaws
    • Reasons of difficulty
    • From an infected computer to targeted attacks

Network security

  • Overview
    • The TCP/IP stack
  • Data Link layer
    • Sniffing attacks
      • What is a sniffer?
      • A revision on hubs and switches
      • MAC flooding
    • Spoofing
      • Spoofing attacks
      • Address Resolution Protocol (ARP)
      • ARP spoofing
      • Dynamic Host Configuration Protocol (DHCP)
      • DHCP starvation
    • Man-in-the-Middle
      • Man-in-the-Middle
      • Man-in-the-Middle with ARP poisoning
      • Rogue DHCP server
    • Attacks against VLANs
      • VLANs, Native VLANs, DTP
      • VLAN hopping, Switch spoofing
      • Double tagging
    • Data Link layer protections
      • Segmentation
      • Detecting sniffing tools
      • VLAN security
      • Port Security
      • DHCP snooping
      • Dynamic ARP Inspection (DAI)
      • Private VLANs
  • Network layer
    • IP address spoofing
    • Maximum Transmission Unit
    • Fragmentation attack
    • ICMP attacks
      • Internet Control Message Protocol (ICMP)
      • Smurf attack
      • Ping of death
      • Route hijacking
    • Network layer protections
      • Ingress filtering, Egress filtering
      • IP Source Guard
      • Firewalls
      • Packet filtering firewalls
      • Intrusion Detection/Prevention Systems
  • Transport layer
    • Transmission Control Protocol (TCP)
      • Transmission Control Protocol
      • SYN flood
      • TCP session hijacking
    • User Datagram Protocol (UDP)
      • User Datagram Protocol
      • UDP flooding
    • Routing protocols
      • Routing protocols
    • Fingerprinting and service detection
      • Nmap
      • Exercise – using Nmap
      • connect() scan
      • SYN scan
      • FIN scan
      • X-mas scan
    • Transport layer protection
      • SYN proxy
      • SYN cookies
      • Stateful firewalls
      • Routing protocol security
  • Application layer
    • Domain Name System
    • DNS Spoofing
    • Session attacks
      • Session handling threats
      • Session handling best practices
      • Setting cookie attributes – best practices
    • Denial of service attacks
      • DoS introduction
      • Asymmetric DoS
      • SSL/TLS renegotiation DoS
      • Economic Denial of Sustainability (EDoS)
    • Hashtable collision attack
      • Using hashtables to store inputs
      • Hashtable collision
    • Application layer protections
      • Application-level firewalls
      • Application layer security solutions
      • Secure protocols

2. Practical cryptography

  • Cryptosystems
    • Elements of a cryptosystem
  • Symmetric-key cryptography
    • Providing confidentiality with symmetric cryptography
    • Symmetric encryption algorithms
    • Block ciphers – modes of operation
  • Other cryptographic algorithms
    • Hash or message digest
    • Hash algorithms
    • SHAttered
    • Message Authentication Code (MAC)
    • Providing integrity and authenticity with a symmetric key
    • Random numbers and cryptography
    • Cryptographically-strong PRNGs
    • Hardware-based TRNGs
  • Asymmetric (public-key) cryptography
    • Providing confidentiality with public-key encryption
    • Rule of thumb – possession of private key
    • The RSA algorithm
      • Introduction to RSA algorithm
      • Encrypting with RSA
      • Combining symmetric and asymmetric algorithms
      • Digital signing with RSA
  • Public Key Infrastructure (PKI)
    • Man-in-the-Middle (MitM) attack
    • Digital certificates against MitM attack
    • Certificate Authorities in Public Key Infrastructure
    • X.509 digital certificate

Security protocols

  • Secure network protocols
  • Specific vs. general solutions
  • IPSEC protocol family
    • IPSEC standards
    • Security Association (SA)
    • Message formats
    • AH packet structure
    • ESP packet structure
    • Protected channels
    • More complex set-ups
    • Traffic control
    • SA structure
    • Key management
  • SSL/TLS protocols
    • Security services
    • SSL/TLS handshake

Cryptographic vulnerabilities

  • Protocol-level vulnerabilities
    • BEAST
    • FREAK
    • FREAK – attack against SSL/TLS
    • Logjam attack
  • Padding oracle attacks
    • Adaptive chosen-ciphertext attacks
    • Padding oracle attack
    • CBC decryption
    • Padding oracle example
    • Lucky Thirteen
    • POODLE
  • RSA timing attack
    • Implementation of encoding/decoding in RSA
    • Fast exponentiation
    • Differences in execution times
    • RSA timing attack
    • Measurements
    • RSA timing attack – principles
    • Correlation of total and partial execution times
    • RSA timing attack – in practice
    • The RSA timing attack algorithm
    • Practical exploitation using the RSA timing attack
    • Attacking SSL/TLS servers
    • Protection against timing attacks
      • Hiding: RSA timing attack countermeasures
      • Masking: using blind signature
      • Real RSA implementations
  • Implementation problems
    • Case study – Heartbleed
      • TLS Heartbeat Extension
      • Heartbleed – information leakage in OpenSSL
      • Heartbleed – fix in v1.0.1g
    • Case study – Shellshock
      • Shellshock – basics of using functions in bash
      • Shellshock – vulnerability in bash
      • Exercise – Shellshock
      • Shellshock fix and counterattacks
      • Exercise – Command override with environment variables

Knowledge sources

  • Secure coding sources – a starter kit
  • Vulnerability databases
  • Recommended books – cloud security

 

Recommended for

Prerequisites

Network engineering, basic software development
