S-38.153 Security of Communication Protocols

S-38.153 Security of Communication Protocols (2 cr)

Latest News:

7.4.2004: Return exercise report in paper-format. Return laboratory work description in both paper and Microsoft Word format.
1.4.2004: Remember that two different reports are required: an exercise report and a laboratory work description. More information about this available on this page at "Passing the course".
9.3.2004: The subject for the laboratory work description can be chosen freely, but make sure that at least no other group during the same exercise time chooses the same subject.
7.2.2004: the dead-line for all reports is 7.5.2004.
7.2.2004: The requirements for the ordinary laboratory exercises are listed shortly at the end of the "Exercises" page.
7.2.2004: If you are not taking the laboratory exercises, but instead doing a private exercise, see the requirements at the end of the "Exercises" page. Further questions to jmolsa@netlab.hut.fi.
27.1.2004: The laboratory network used by all exercises is documented shortly here.
21.1.2004: All exercise groups and their members can be seen here.

Results:

14.9.2004: The results for the exam on 2.9.2004 are here.
4.5.2004: The results for the exam (and the grades for the whole course) are here.
12.5.2004: The results for the exercises are here.
10.3.2004: The results for the exam on 23.2.2004 are here.
14.1.2004: Results for the exam on 16.12.2003 are here.

Course information, spring 2004

Groups | Lectures | Exercises | Exercise Network | Extra material

Lectures (28 hours):    Jorma Jormakka
                                        Tuesday 10-12 in S2
Exercises (14 hours):   Wednesday 14:15 - 16, Wednesday 16:15 -18
                                         Networking lab's student laboratory at G-wing, second floor
                                         Supervisor for exercises: Massimo Nardone
Language: English

In the first lecture students are divided into groups of 3 students:

1. Each group makes the exercises and produces an exercise report.

2. Each group also prepares a laboratory work description for one laboratory time. This is because we need better laboratory work descriptions to the next year. This is about 10 pages long report.

Passing the course:
To pass the course:

you must pass the exam
your group must have returned the exercise report and it must be accepted. Return the report as a paper version into the locker number 10 in front of the notice board for this course. The exercise report must include a short description of at least seven (7) laboratory exercise tasks (short description of the goals of an exercise task, what was done, tools used, where were the tools/information found from, results etc.). Do not return a separate report after every exercise session, but instead, write a single exercise report, which includes descriptions of every task. More information about the content of the exercise report is given at the end of the exercise page.
your group must have returned a laboratory work description for a one exercise task and it must be accepted. This laboratory work description must be written in english and in enough detail, so that an average student with limited knowledge in network security would be able to finish this exercise task and understand, what was done. The length of this description must be approximately 10 pages. Return it as a paper-version into locker number 10. Return it also as a Microsoft Word document (.doc-format) in electronic format as e-mail to jmolsa@netlab.hut.fi. In addition to Microsoft Word, you can use at least StarOffice and OpenOffice, but be sure to save your document in the correct format. Groups can choose the subject for the laboratory work description basically freely, but make sure, that at least no other group at the same exercise time chooses the same subject. If you cannot contact other groups for a reason or another, your group can in this case choose the subject freely.

Grade of the course:

the exercise report is evaluated accepted/failed
the exam is based on lecture notes and it has 4 questions (each question is 6 points)
the laboratory work description returned by the group is evaluated on the scale 0-6
sum of 2. and 3. is the number of points from the exam and the grade is usually 30-27=5, 26-23=4, 22-19=3,18-15=2,14-1=1,11-0=0 (but sometimes it is 30-28=5, 27-25=4, 24-22=3,21-19=2,18-16=1, 15-0=0 if the exam is too easy).

Literature:
There are many good books. The one I use is D. Atkins et al: Internet Security, Professional Reference, Second edition, New Riders, 1997 you can try to get it but at the moment it is out of print.

Any sufficiently thick book dealing with the matters in the planned content should do. Lecture notes are available through the Web.

After the name of the course was selected and the description in the study program given, the planned character of the course has been modified. Contrary to what stated in the study program the course does not look at cryptological methods, the course is only briefly explaining the terms, which are needed here. Knowledge of basic cryptology is not a requirement for taking this course, however, one should learn this information in some way if one is interested in security issues. One could for instance read B. Schneier's Applied Cryptography for a good overview.

This course deals with practical methods of security attacks and defenses in the Internet. Basic method and tools used to build security are described. Protocols for building security, like IPSEC, PGP, SET etc. are explained in some detail. See the planned content. The course is basically following the mentioned book, except for IPSEC and SET and such things, which are from other books. The lecturer does not possess any real expert knowledge on these issues and the lectures are only as good as they can be, but as security issues are important, we offer this course - it should get better over time. The exercises are connected with our new research on security attacks and being research, have totally unknown quality which mostly depends on the students taking the course. Hopefully they will be interesting.

The exercises consist of dividing the students to a group of attackers and a group of defenders and trying the methods in a set of experiment scenarios in a laboratory network. The attackers scan the network for holes, try to put trapdoors, crack passwords. The defenders use IDS, try to notice and to stop the attacks. The lecture and assisting personal try to get some results from the scenarios. This is the difficult idea, which will be tried in the exercises.

Lectures start at normal time, end at normal time, the course will be given provided that there are minimum 5 students taking it. To all other questions, I say, as usual.

Tietoverkkolaboratorio on nyt osa Tietoliikenne- ja tietoverkkotekniikan laitosta. Tällä sivulla oleva tieto voi olla vanhentunutta.

Kurssien ajantasainen tieto on MyCourses-palvelussa.

Tämän sivun sisällöstä vastaavat ja Webmaster.
Sivua on viimeksi päivitetty 14.09.2004 14:17.
URI: http://www.netlab.tkk.fi/opetus/s38153/k2004/index.shtml
[ TKK > Sähkö- ja tietoliikennetekniikan osasto > Tietoverkkolaboratorio > Opetus ]

Kysy

Anna palautetta!

Contents