IT402: Network Security Course Overview

Course Overview: IT402 Network Security

• The course is taught by Prof. Dr. Walid Khedr, and the course number is IT402.
• The course has a Telegram channel for communication, and the tools used are Kali Linux, Python, VMware, or VirtualBox.
• Office hours are from 10:00 am to 12:00 pm on Mondays.
• The prerequisites for the course are Computer Networks and Internet Programming.
• The course materials include textbooks and lecture notes.

Grading Policy

• The final grade is calculated as follows: Midterm exam (15 points), Lab Exam/Assignments/Quizzes/Attendance (15 points), Oral Exam, Attendance, and Participation (10 points), and Final Exam (60 points).
• The final exam is cancelled if attendance is less than 75%.
• If the final exam grade is less than 30%, the final grade will be the same as the final exam grade.

Introduction to Information Security, Cyber Security, and Network Security

• Information security involves preserving confidentiality, integrity, and availability of information.
• Cyber security involves measures to prevent unauthorized access or manipulation of cyber resources within cyber space.
• Network security involves protecting networks and their services from unauthorized modification, disclosure, and protecting data transmission.

Security Objectives

• Confidentiality: ensuring that private or confidential information is not disclosed to unauthorized individuals.
• Integrity: ensuring that data and programs are changed only in a specified and authorized manner.
• Availability: ensuring that systems work promptly and service is not denied to authorized users.
• Authenticity: ensuring that a digital object is what it claims to be.
• Accountability: tracing actions of an entity to that entity.

Security Architecture

• ITU-T Recommendation X.800 defines a systematic approach to security architecture for OSI.
• Security attack: any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.
• Security service: a processing or communication service that enhances the security of the data processing systems and the information transfers of an organization.
• Security mechanism: a process or device designed to detect, prevent, or recover from a security attack.

Examples of Network Security Violations

• Unauthorized access to sensitive information.
• Altering messages or files during transmission.
• Interception and modification of messages.

Attacks

• Passive attacks: attempting to learn or make use of information from the system without affecting system resources.
• Active attacks: attempting to alter system resources or affect their operation.
• Examples of active attacks: unauthorized access, alteration of messages, and fabrication of messages.

Security Services

• Authentication: ensuring the communicating entity is who it claims to be.
• Access control: preventing unauthorized use of a resource.
• Data confidentiality: protecting data from unauthorized disclosure.
• Data integrity: ensuring data received are exactly as sent by an authorized entity.
• Non-repudiation: providing protection against denial by one of the entities involved in a communication.

Cryptography and Network Security

• Cryptography is a crucial automated tool for network and communications security.
• Cryptography involves hiding the meaning of data by using an encryption algorithm and a secret key.

Model for Network Security

• The model requires designing a suitable algorithm for security transformation, generating and distributing secret information, and developing methods to share secret information.

Topics Covered in the Course

• Introduction to information and network security concepts
• Cryptography (classical encryption techniques, block ciphers, AES, symmetric ciphers, stream ciphers, public-key cryptography, and RSA)
• Network security (transport-level security, blockchain protocol, Tor protocol, wireless network security, IP security, and SET protocol)