Important Site Links

Information Trust Institute: University of Illinois at Urbana-Champaign

Short Course: IP Network Security

COURSE DESCRIPTION:

This course provides an introduction to current and upcoming issues in IP network security. During the course, we will outline current IP network vulnerabilities and review technologies that aim to fix these problems. At the end of the course, you will have a comprehensive understanding of the issues facing IP network security and should be able to design and critically review security issues with respect to a network architecture.

PREREQUISITE: An understanding of IPv4 networking protocols.

HIGH-LEVEL COURSE OUTLINE AND TIMETABLE:

DAY 1:

  1. Review of IPv4 network protocols with respect to security issues
    1. Address spoofing
    2. ARP protocol
      1. ARP cache pollution
    3. UDP/TCP
      1. Packet format errors
      2. SYN floods
      3. Scanning
    4. ICMP
      1. Fishing for responses
    5. Static routes
      1. Source-based routes
    6. Dynamic routing
      1. RIP
      2. BGP
  2. Firewall Technologies
    1. Duties
      1. Access control
      2. Address translation
      3. Protocol verification
    2. Architectures
      1. Proxies
      2. Packet filtering
      3. Hybrid architectures
  3. Tunnels
    1. What purpose do tunnels fulfill?
    2. Protocols
      1. IPSec
      2. GRE
      3. SSL/TLS
      4. VLAN

DAY 2:

  1. Identity or AAA Servers
    1. Tracking users in the network architecture
    2. Protocols: Radius, TACAS+, Diameter
  2. IPv6
    1. How does it differ from IPv4?
    2. What security problems does it solve?
    3. What security problems does it introduce?
  3. Intrusions
    1. Denial of Service
      1. Basic attacks
      2. Distributed Denial of Service
    2. Privilege attacks
      1. Trojans
      2. Replays
      3. Social engineering
    3. Detection techniques
      1. Host-based
      2. Network-based
      3. Signatures
      4. Statistical anomaly detection
    4. Detection control
      1. Ask for user direction
      2. Log and allow
      3. Drop or reset
      4. Redirect and/or isolate
  4. Enterprise network architectures
    1. Templates for designing a securable network
    2. Review a couple of industry standards
      1. Cisco SAFE
      2. Symantec Enterprise Architecture

Instructor Biographies

Dr. Carl A. Gunter received his BA from the University of Chicago in 1979 and his Ph.D. from the University of Wisconsin at Madison in 1985. He worked as a postdoctoral researcher at Carnegie-Mellon University and the University of Cambridge in England before joining the faculty of the University of Pennsylvania in 1987. In 2004, he joined the University of Illinois at Urbana-Champaign, where he is a professor, Director of the Illinois Security Lab, member of the Arms Control, Disarmament and International Security executive committee, and member of the Information Trust Institute Steering Committee.  He does research and teaches at UIUC in his areas of technical expertise: security, networks, programming languages, and software engineering. His work includes contributions to the foundations of programming languages, the design of functional and object-oriented programs, languages and models for networks and security, and software engineering. He has published over 70 papers in scientific forums, advised 7 Ph.D. theses, and authored an MIT Press textbook on the semantics of programming languages. Dr. Gunter has acted as a technical consultant for a number of companies, including AT&T, Oki Electric, Lucent Technologies, and Intertrust. He has also provided legal advising and acted as an expert witness in the areas of fraud, contract, patent, and copyright. He has acted as a principal investigator on numerous research grants, including grants from the Army, Navy, DARPA, NSF, Cisco, Microsoft, NEC, and SAIC. In 2000, he founded Probaris Technologies, a security technology company in Philadelphia, where he served as director, chief scientific advisor, and software architect.  He is the author of a number of pending patents.

Dr. Susan Hinrichs is a visiting assistant research professor with the Information Trust Institute and a visiting lecturer with the Computer Science Department at the University of Illinois. Until recently Dr. Hinrichs was the product architect for security management products at Cisco Systems, Inc. While there she was on the teams that developed and designed Centri Firewall, Cisco Security Policy Manager, and Management Center for Firewalls. She also worked in the area of multi-level secure operating systems as an employee of Addamax developing a B2 secure Unix, and she was also involved in conducting a feasibility study of Windows NT for MISSI to determine how easily it could be refactored to be B level secure. She earned her BS from the University of Illinois in 1988 and her PhD in Computer Science from Carnegie Mellon University in 1995.