Computer Networks and Security 2019/2020 - Course Details and Study Guide (00) Dr. Tanir Ozcelebi, Dr. Jerry den Hartog

Page created by Joshua Baldwin
 
CONTINUE READING
Computer Networks and Security 2019/2020 - Course Details and Study Guide (00) Dr. Tanir Ozcelebi, Dr. Jerry den Hartog
Computer Networks and Security - 2019/2020

 Course Details and Study Guide (00)
 Dr. Tanir Ozcelebi, Dr. Jerry den Hartog

TU/e Computer Science
Security and Embedded Networked Systems
Computer Networks and Security 2019/2020 - Course Details and Study Guide (00) Dr. Tanir Ozcelebi, Dr. Jerry den Hartog
2IC60

• Staff
    • Dr. Tanir Ozcelebi - tel: 0 40 247 4426 - t.ozcelebi @tue.nl
    • Dr. Jerry den Hartog - tel: 0 40 247 2800 - j.d.hartog @tue.nl
    • Daan Leermakers - d.leermakers.1 @tue.nl
    • Sowmya Ravidas - s.ravidas @tue.nl
    • Stanley Clark - s.clark @tue.nl
    • plus some student assistants…

• Course communication (web)
    • We will use Canvas for news and announcements.

• You have a question that is not of personal nature? Use Canvas Discussion
  for asking it so that others can benefit from the answer.

                                                                       April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                              Slide 2
Security and Embedded Networked Systems (SENS)
Computer Networks and Security 2019/2020 - Course Details and Study Guide (00) Dr. Tanir Ozcelebi, Dr. Jerry den Hartog
Pre-knowledge

  • 2IC30 - Computer Systems (recommended)

  • Basic knowledge of computer network (and Internet) building blocks
      • as treated by Sections 1.1, 1.2, 1.3 and 1.5 of ‘Computer Networking, A Top-Down
        Approach,’ by James F. Kurose and Keith W. Ross. Topics: What is a network?
        What is the Internet? What is a protocol? Physical media. Packet switching vs
        circuit switching. Protocol layers.
      • reading and understanding suffices.

  • Basic Java programming skills are needed for the lab sessions.

                                                                                  April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                         Slide 3
Security and Embedded Networked Systems (SENS)
Computer Networks and Security 2019/2020 - Course Details and Study Guide (00) Dr. Tanir Ozcelebi, Dr. Jerry den Hartog
Learning goals

     • Organization of computer networks.
     • Internet structure and solutions to standard problems.
     • Analysis of simple protocols
        − correctness, performance, reliability and security.
     • Security requirements of networking scenarios
     • Corresponding security technologies and their use
     • Ability to study literature and provide critical evaluation in writing.
        − professional skills component

                                                                                 April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                        Slide 4
Security and Embedded Networked Systems (SENS)
Computer Networks and Security 2019/2020 - Course Details and Study Guide (00) Dr. Tanir Ozcelebi, Dr. Jerry den Hartog
Forms of education

 • Lectures (digital)
    • Recordings of last year’s lectures linked in “Canvas under Schedule”.

 • Instructions / labs (digital)
    • We will do interactive sessions via Canvas Conferences and help you via
      Canvas Discussion forums.

 • Labs (digital)
    • We will do interactive session via Canvas Conferences.
    • Help you via Canvas Discussion forums.

                                                                          April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                 Slide 5
Security and Embedded Networked Systems (SENS)
Computer Networks and Security 2019/2020 - Course Details and Study Guide (00) Dr. Tanir Ozcelebi, Dr. Jerry den Hartog
Organization

   • Lectures, instructions, labs

   • What you will do:

      • Do the weekly homework assignments

      • Do the essay assignment (professional skills)

      • Study for the final exam
          − (doing the lab exercises is part of this)

                                                        April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                               Slide 6
Security and Embedded Networked Systems (SENS)
Computer Networks and Security 2019/2020 - Course Details and Study Guide (00) Dr. Tanir Ozcelebi, Dr. Jerry den Hartog
Lectures

• Load: ~ 4 hours / week
   • Video recordings of last year plus this lecture (also recorded).

• Reading material available on Canvas (syllabus):
   • Lecture slides (all of them are already there in Canvas)
   • Lecture notes
       − Our version.
       − You may still want to take your own notes just for the exercise.
       − Writing helps you to learn!
   • Additional references to “required reading” in lecture notes.

                                                                            April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                   Slide 7
Security and Embedded Networked Systems (SENS)
Video recordings of lectures

  • Last year this course was streamed live to the videocollege.tue.nl
    website. These video recordings are still there and will replace
    regular lectures due to coronavirus measures.

  • Video recordings are available for you to access at any time

      • Note that sometimes (not often) there may be remarks in the old videos
        that are relevant in the context of last year’s course instance. We will try
        to catch these and maintain a log of corrections (a dedicated page on
        Canvas). Ask in the Canvas Discussion forum when you are in doubt.

  • The schedule on Canvas gives a timeline of which lecture is relevant
    when. It also provides direct links to the lecture recordings.

                                                                               April 17, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                       Slide 8
Security and Embedded Networked Systems (SENS)
Instruction / lab sessions

• Check the schedule on Canvas for instruction / lab
  times. We will use Canvas Conferences for this purpose.

• Instructors are there to explain lab exercises and help
  you with theory and lab related questions.

   • Raise hand for asking questions to instructors via a public or
     private message: “I have a question”.

   • Instructor shall confirm and either take you to a digital breakout
     room or answer the question for the entire group depending on
     the need.

                                                                          April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                 Slide 9
Security and Embedded Networked Systems (SENS)
Lab exercises

• You get some hands-on practical experience.

• You need to prepare beforehand.
   • Follow guidelines on Canvas.

• You are responsible for the things that you learn in these sessions.
   • You get one or more questions about this in the exam.

                                                                    April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                         Slide 10
Security and Embedded Networked Systems (SENS)
Software for the labs

  • Wireshark
      • Network troubleshooter & analyzer
      • The capture driver needs root/admin permission

  • Preinstalled virtual machine (pwd: secnet)
      • Optional for first labs, required for later labs
      • See link on Canvas, Open Virtualization Format
      • run with virtual box (https://www.virtualbox.org/)
         − or your favorite VM software supporting the format.

                Tanir Ozcelebi, Jerry den Hartog
Security and Embedded Networked Systems (SENS)
Content of the Labs

  • Preparation
    • install Wireshark, Virtualbox, download virtual machine.

  • Lab 1: Setup and Exploration
    • examine traffic between your Web browser ßà Web server.
    • Tools: Wireshark, your favorite Web browser

  • Lab 2: Wireshark - Exploring TCP/UDP
    • analyze TCP and its main mechanisms
    • capture and investigate UDP (for example, for name resolution or
      for a multimedia application such as Skype).
    • Tools: Wireshark, your favorite Web browser

                Tanir Ozcelebi, Jerry den Hartog
Security and Embedded Networked Systems (SENS)
Content of the Labs (continued)

  • Lab 3: Java Socket Programming
      • Develop multithreaded Web server capable of serving
        multiple HTTP requests in parallel.
      • Tools: Java IDE (Eclipse, Netbeans etc), Web browser

  • Lab 4: Network forensics
      • analyze PCAP files containing recorded attacks over TCP
        and some application protocols.
      • Tools: Wireshark, tshark, your favorite search engine

                Tanir Ozcelebi, Jerry den Hartog
Security and Embedded Networked Systems (SENS)
Content of the Labs (continued)

  • Lab 5: Web Security
      • Attacks against a locally hosted intentionally vulnerable web
        server (WebGoat), e.g. sniffing, parameter tampering, SQL
        injection, XSS, session forgery.
      • Tools used: WebGoat, Tamper Data, Firefox/Iceweasel

  • Lab 6: Public Key Encryption & Web of Trust
      • Build a `web of trust’; create your own (OpenPGP) public
        private key pair, share them with your peers, use them.
      • Tools used: GnuPG, your favorite FTP tool

                Tanir Ozcelebi, Jerry den Hartog
Security and Embedded Networked Systems (SENS)
Homework assignments

• 2 pts out of 10: You get 2 points out of 10 for “a serious attempt” to answer ALL
  questions.
• 8 pts out of 10: A selection of 2 exercises in each homework set will be graded
  in detail.

          Example:

                Given exercises                : 1, 2, 3, 4, 5, 6, 7, 8

                Graded exercises               :   2,       5

• We won't tell in advance which exercises will be graded.
• We will discard your worst assignment (out of 6) in computing your average.

                                                                           April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                Slide 15
Security and Embedded Networked Systems (SENS)
Homework announcements,
  deadlines and submissions
  • HWs and deadlines are announced in Canvas.

  • Submissions are electronic (PDF) via Canvas.

  • You may, for example,
      • do your homework in any electronic editor and save/print to PDF.
              OR

      • scan your homework to PDF.
         − If you don’t have access to a scanner: Several free apps for iPhone and
           Android are available. Check app stores. Example: “Notes” app in iPhone.

      • make sure your scans are of GOOD QUALITY.

                                                                                  April 17, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                       Slide 16
Security and Embedded Networked Systems (SENS)
Homework submission

• GOOD QUALITY means
  • Taken from a good angle. Nice resolution. Good light. Clearly readable.

• Ask for help during instruction if you do not know how to
  • Scan to PDF, print to PDF, save as PDF…

                                The                      The                  The
                                GOOD                     BAD                  UGLY

                                                                              April 17, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                   Slide 17
Security and Embedded Networked Systems (SENS)
The essay
  (professional skills)

  • Written based on a research paper studied.
    • in groups of 3
         − You can form/join a group in Canvas now under People/Groups.
      • papers to study will be posted on Canvas

  • Peer assessment to identify free-riders: not everyone in a group gets
    the same grade.

  • Students must submit a peer assessment form (confidentially,
    separately to CANVAS). Answer ALL of the following:
    • How did you perform?
    • How did partner 1 perform?
    • How did partner 2 perform?

                                                                          April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                               Slide 18
Security and Embedded Networked Systems (SENS)
Grading of the essay

  •       There can be a maximum of 3 points (out of 10) difference between any two group members
          based on the peer review (i.e. unless free-riding is detected).

  •       Examples: Consider an essay that deserves a score of 8 overall.
          •   These examples do not cover the entire set of possible situations/scenarios, but are there to give the idea.

      Examples     Student1                  Student2                              Student3                          Scores

      1            did significantly         did less than others, but is not a    did his/her share decently        S1: 9.5
                   more/better               free-rider either.                                                      S2: 6.5
                                                                                                                     S3: 8
      2            did his/her share         did his/her share                     did his/her share                 S1: 8
                                                                                                                     S2: 8
                                                                                                                     S3: 8
      3            had to do more than       contributed upon request, did not     contributed upon request, did     S1: 10
                   others and pull the       take initiative. Was active but let   not take initiative. Was active   S2: 7
                   execution                 S1 do more work.                      but let S1 do more work           S3: 7

                                                                                                                             April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                                                                  Slide 19
Security and Embedded Networked Systems (SENS)
Essay submission deadlines
  (Canvas info is leading over this)

  • Groups must be determined by: May 13, 23:59hr (submission by
    up to 3 students via CANVAS)

  • Essay submission deadline: June 12, 23:59hr                 (submission by
    the group of 3 students via CANVAS)

  • Peer assessment deadline: June 15, 23:59hr                  (individually
    submitted via CANVAS)

      • Confidential = Do not share your peer assessment with ANYONE,
        especially with essay partners.
      • Not submitting the assessment form equals not submitting the essay.
         − In CANVAS this is the assignment that gets graded.

                                                                                April 17, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                     Slide 20
Security and Embedded Networked Systems (SENS)
Assessment is through…

  • Final exam à 40% (minimum requirement: 5.0) (possibly digital, proctored)

  • Homework assignments à 30%
      • I already did this last year. Do I have to do it again?
         − Yes (bachelor school rules). However, you can resubmit your work from last year (indicate
           that you do so, as well as the score that you got last time).
         − (Note that this leads over what is said in the video recording of last year’s lecture.)

  • Essay à 30%
      • Written in groups of 3:
         − Peer assessment survey to differentiate.
         − Identified free-riders will get zero.
      • I already did this last year. Do I have to do it again?
         − Yes (bachelor school rules). However, you can resubmit your work from last year (indicate
           that you do so, as well as the score that you got last time).
         − (Note that this leads over what is said in the video recording of last year’s lecture.)

                                                                                              April 17, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                                   Slide 21
Security and Embedded Networked Systems (SENS)
Studying for this course

  1. Study the lecture slides, lecture notes and required reading
     referenced inside lecture notes
      •     Sometimes the slide sets have hidden slides that contain examples etc.
            (not shown in the classroom due to lack of time).
      •     Download pdf slide sets provided on Canvas.

  1. Do the lab assignments – not graded.
      •     Exam question regarding labs.

  1. Do the homework assignments – graded.

  2. Do the essay - graded.

                                                                            April 18, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                 Slide 22
Security and Embedded Networked Systems (SENS)
Weekly online surveys

  • Give us feedback, weekly (optional).

  • Find the links in Canvas (schedule)

                                                   April 17, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                        Slide 23
Security and Embedded Networked Systems (SENS)
Important rule

                           Fraud is strictly forbidden.

   • See TU/e code of scientific conduct for reference.

   • Examples of fraud:
       − Copying from your peers, others, the Internet etc.
          − pieces of text, images, code, solutions etc.
       − Allowing your peers to copy from you, sharing your work publicly or privately.
          − keep your work private: e.g. an Internet search should not point to your solution.
       − etc.
   • Incidents caught will be handed off to the examination committee at once.

                                                                                                 April 17, 2020
                Tanir Ozcelebi, Jerry den Hartog
                                                                                                      Slide 24
Security and Embedded Networked Systems (SENS)
You can also read