ICT Security 3
FEKT-VCT3 Acad. year: 2018/2019
The course deals with the security of heterogeneous networks and converged systems and with advanced network testing. In particular, the following topics are included: security and security protocols on layers L1 to L7, industrial network security (IoT, smart grid, SCADA, LPWAN), mobile network security (3G to 5G) and security in WAN, anonymization tools and protocols (Tor, onion routing, mixnets), advanced network security testing, functional and fuzzy testing, advanced web application testing, network security assessment methodology (CC, EAL, OWASP, PCI-DSS) and security standards (NIST, BSI).
Learning outcomes of the course unit
Students will obtain theoretical foundations and practical skills in the area of heterogeneous networks, converged systems and advanced network security. Students will be familiar with the security protocols used on layers L1 to L7, basic security protocols in industrial networks, and security methods and layers in modern technologies such as LPWAN, IoT, SCADA and smart grid. Students will further expand their expertise in advanced security testing of networks, services and applications, including functional and fuzzy testing. Students will obtain a basic overview of standards and assessment methodologies for network and system security. Based on this knowledge, students will be able to analyze and design security solutions for complex heterogeneous systems and networks and to check the solution using advanced testing methods.
The course requires a basic knowledge in the areas of operating system security (course ICT Security 1), network security (course ICT Security 2) and fundamentals of cryptography.
Recommended optional programme components
Recommended or required reading
WHITE, Gregory B., Eric A. FISCH and Udo W. POOCH. Computer system and network security. Boca Raton: CRC Press, c1996. ISBN 0849371791.
KNAPP, Eric D. and Joel Thomas LANGILL. Industrial network security: securing critical infrastructure networks for smart grid, SCADA, and other industrial control systems. Second edition. Waltham, MA: Syngress, 2015. 439 p. ISBN 978-0-12-420114-9.
MCNAB, Chris. Network security assessment. Sebastopol, CA: O'Reilly Media, 2004. ISBN 0-596-00611-X.
VACCA, John R. Network and system security. Second edition. Waltham, MA: Syngress, 2014. ISBN 012416689X.
STALLINGS, William. Network security essentials: applications and standards. Sixth edition. Hoboken: Pearson Education, 2017, xv, 445 p. ISBN 978-0-13-452733-8.
BURDA, Karel. Aplikovaná kryptografie. Brno: VUTIUM, 2013. 255 p. ISBN 978-80-214-4612-0. (CS)
Planned learning activities and teaching methods
Teaching methods are described in Article 7 of the BUT Study and Examination Regulation. Teaching methods include lectures, laboratories and student projects. The course makes use of the e-learning system (Moodle).
Assessment methods and criteria linked to learning outcomes
A maximum of 15 points is given upon completion of the laboratory assignments. The completion of an individual project adds up to 15 points. The requirements for completing the laboratory tasks and projects are described in the annual supervisor’s notice. A maximum of 70 points can be gained in the final exam.
Language of instruction
1. Introduction to the security of heterogeneous networks and converged systems
2. Network security on layers L1 to L3
3. Network security on layers L4 to L7
4. Security in industrial networks
5. Security in WAN and mobile networks
6. Anonymization tools and protocols in networks
7. Advanced network security testing
8. Functional and fuzzy testing
9. Advanced Web Application Testing I
10. Advanced Web Application Testing II
11. Standards and network security assessment methodology
12. Selected Topics of Advanced Network Security I
13. Selected Topics of Advanced Network Security II
The main goal of the course is to familiarize students with advanced network security and security in heterogeneous networks. During the course, students are introduced to security protocols in IP networks, industrial networks, mobile networks and WAN. Students also extend their knowledge to cover anonymizers, functional testing, advanced testing methods for networks and web applications, and standards and methodologies for network security assessment. The course follows up on the knowledge gained in the ICT Security 1 and ICT Security 2 courses and expands on it.
Specification of controlled education, way of implementation and compensation for absences
The conditions for the successful course completion are stated in the yearly updated supervisor’s notice.