CT6034 Advanced Networking and Security
Advanced Networking & Security
CT6034
1. Introduction
1.1 Overview
The aim of this module is to build on the network design and implementation principles from module CT5047. The objective is to defend and protect the network infrastructure, architecture, protocols and applications in order to deliver secured protocols, applications, services and data. The cyber security framework of identifying, protecting, detecting, responding and recovery in relation to network security will be evaluated and critically analysed during the module.
Students will be capable of analysing, designing and managing the requirements of a secure network architecture based on risk analysis and operational requirements in accordance with regulations and standards.
1.2 Prerequisites
Basic understanding of networking is crucial for this module. Students are advised to make sure they review the content of CT5047 before starting this module in case they are not confident with their knowledge in networking.
1.3 Reading List
The resources needed for this module are available via the University’s Digital Library, and are as follows:
- Randy Weaver (2013). Guide to Network Defense and Countermeasures 3rd edition. Boston: Thomson Course Technology.
- Chris Sanders (2011). Practical Packet Analysis. 2nd edition. San Francisco: No Starch Press.
- Roberto Verdone (2008), Wireless sensor and actuator networks : technologies, analysis and design
- Matthijs Kooijman (2015), Building wireless sensor networks using Arduino : leverage the powerful Arduino and XBee platforms to monitor and control your surroundings
2. Learning Outcomes
A student passing this module should be able to:
- Critically analyse and evaluate risk analysis and management strategies to address the associated risks, threats, vulnerabilities and attack vectors against network architectures to secure the operational and service delivery requirements;
- Critically evaluate the organisational security requirements for a network security solution against known regulations, standards, legislation, policies and procedures to develop a systematic solution to the network and organisational security requirements;
- Demonstrate the ability to understand and synthesize the principles of network security architectures and security frameworks and models;
- Critically analyse and evaluate network security controls and mitigation techniques: network monitoring, firewalls and traffic filtering, intrusion detection and prevention systems, intrusion analysis, anti-malware, cryptography, securing network protocols, services, applications and data to mitigate the identified risks of the evaluated system;
- Analyse a number of advanced networking topics and future networking direction;
- Critically evaluate and communicate network security alternatives arguments, assumptions, abstract concepts and data to make judgments, and to frame appropriate questions to achieve a solution - or identify a range of solutions - to a given problem, to both technical and nontechnical stakeholders.
3. Module Evaluation
3.1 Evaluation for 2019-20
We have received quite interesting reviews about this module. Students loved the idea of being exposed to advanced networking topics, including SDN, IDS and WSN. They used a wide range of simulations and tools to do the assignment. Some of the students decided to do their dissertation based on the tools they learnt and used in this module, which shows how much they found the module interesting and practical. Some of the students requested for developing dedicated labs with actual hardware for this module, which we are currently considering it.
In this current academic year 2020/21, you will be given the opportunity to undertake a mid-module evaluation. This will contribute to the course board of studies meeting and will inform the module design for the following year. In addition, there will be an independent end of year level evaluation distributed by the University known as the Annual Course Evaluation (ACE).
4. Scheme of Work
|
Week Sem1 |
Topic |
Practical work |
Tutor |
|
1 |
Overview of the module |
HC | |
|
2 |
Introduction to Ad hoc Network: The concept, goal and challenges, different models of ad hoc networks and their applications. |
Practical: Introduction to NetLogo |
HC |
|
3 |
Routing in Ad hoc network: Flooding, proactive and re-active models. Hierarchical and heterogeneous models, cluster-head models. |
Practical: Implementing Flooding in NetLogo |
HC |
|
4 |
Practical: Developing the first ad hoc routing protocol using flooding. |
HC | |
|
5 |
Practical: Developing more complex routing protocols for ad hoc networks |
HC | |
|
6 |
Security of Ad hoc network: Centralized solution with the sink, decentralized model and attack vectors in ad hoc networks |
Practical: Implementing key exchange algorithm |
HC |
|
7 |
Secure routing protocol: trust model, mitigations and improvising, putting all together for a secure routing model. |
HC | |
|
8 |
Practical: Developing the secure routing protocol (part one) |
HC | |
|
9 |
Practical: Developing the secure routing protocol (part two) |
HC | |
|
10 |
Advances in Adhoc Networks: and the concept of movement |
Practical: behavioural modelling |
HC |
|
11 |
Case study scenario workshop: Dedicated workshop session. |
HC | |
|
12 |
Module review. An opportunity to revisit any lecture material from semester two. Assignment workshop. |
HC | |
|
Week Sem2 |
Topic |
Practical work |
Tutor |
|
1 |
Network Defence Technologies: Packet Filtering, Firewalls, IDS, VPN, SDN |
Tutorial 1: Review Questions |
AA |
|
2 |
Fundamental of Traffic Analysis |
LAB 1: TCP/IP Layer analysis using Wireshark |
AA |
|
3 |
Intrusion Detection System: Host Based, Network-based, Attack Taxonomy, Traffic Analysis |
LAB 2: Setting up VMWare Snort Intrusion Detection System. |
AA |
|
4 |
Packet Crafting for IDS/IPS |
LAB 3: Packet Crafting for IDS/IPS |
AA |
|
5 |
IDS- SNORT |
LAB 4: Running Snort Rules |
AA |
|
6 |
Scanning and Sniffing Tools, Security Policies, Threat model and Risk Analysis |
LAB 5: NMAP Experiments |
AA |
|
7 |
Wireless Networks: Attacks and Mitigation |
LAB 6: Wireless Net Security |
AA |
|
8 |
Malicious Software: bugs, viruses, worms, antivirus tools, Security Monitoring Tools |
LAB 7: Malware Analysis |
AA |
|
9 |
Network Forensics and Monitoring: Reconnaissance, Exploit and Post Exploit. |
LAB 8: Network Forensic Analysis |
AA |
|
10 |
Network Forensics Scenario |
AA | |
|
11 |
Assignment Workshop |
AA | |
|
12 |
E-Learning: Wireless Networks-Literature Review |
AA | |
Assessment 1
|
1. Module Code and Title: |
CT6034 Advanced Networking and Security |
|
2. Module Tutor: |
Hassan Chizari and Ali Al-Sherbaz. |
|
3. Tutor with Responsibility for this Assessment: |
Hassan Chizari. This is your first point of contact. |
|
4. Assignment: |
001: Written Coursework 1 (35%) : Research on the state-ofthe-art Ad hoc network routing or security algorithms. You need to choose a protocol with the advice of the tutor of the module and work on that. In this document, you must include discussing how you designed your simulation and explain the results in relation to the study and research you did on the protocols. Implementation (15%): NetLogo simulation of the researched area. You need to make sure that you use three elements of coding, UI and BehaviorSpace in the work. |
|
5. Submission Deadline: |
Friday 18th December 2020 Your attention is drawn to the penalties for late submission; see Academic Regulations for Taught Provision. |
|
6. Arrangements for Submission: |
MOODLE |
|
7. Date and Location for Return of Work: |
Written feedback and a provisional mark should be within 20 working days. |
|
8. Students with Disabilities: |
Alternative assessment arrangements may be made, where appropriate, for disabled students. However, these will only be implemented upon the advice of the disability advisor. Disabled students wishing to be considered for alternative assessment arrangements must give notification of the disability (with evidence) to the Disability Advisor by the published deadlines. |
|
9. University Regulations for Assessment: |
All assessments are subject to the Academic Regulations for Taught Provision. These include regulations relating to errors of attribution and assessment Offences. In exercising their judgement, examiners may penalise any work if the standard of English, numeracy or presentation adversely affects the quality of the work, or where the work submitted exceeds the published size or time limits, or where the work fails to follow normal academic conventions for acknowledging sources. |
Assessment 2
|
1. Module code and Title: |
CT6034 Advanced Networking and Security |
|
2. Module Tutors: |
Hassan Chizari and Ali Al-Sherbaz. |
|
3. Tutor with Responsibility for this Assessment: |
Ali Al-Sherbaz. This is your first point of contact. |
|
4. Assignment: |
002: 50% Coursework: Individual, standard written: 3,000 words or equivalent. You will be penalised according to the Academic Regulations for Taught Provision if you exceed the size limit. |
|
5. Submission Deadline: |
14 May 2021, 3:00 PM Your attention is drawn to the penalties for late submission; see Academic Regulations for Taught Provision. |
|
6. Arrangements for Submission: |
MOODLE |
|
7. Date and location for return of work: |
Written feedback and provisional mark will be within 20 working days. |
|
8. Students with Disabilities: |
Alternative assessment arrangements may be made, where appropriate, for disabled students. However, these will only be implemented upon the advice of the disability advisor. Disabled students wishing to be considered for alternative assessment arrangements must give notification of the disability (with evidence) to the Disability Advisor by the published deadlines. |
|
9. University Regulations for Assessment: |
All assessments are subject to the Academic Regulations for Taught Provision. These include regulations relating to errors of attribution and assessment Offences. In exercising their judgement, examiners may penalise any work here the standard of English, numeracy or presentation adversely affects the quality of the work, or where the work submitted exceeds the published size or time limits, or where the work fails to follow normal academic conventions for acknowledging sources. |
The requirements for assessment 2:
- You need to select a dataset (or more) of PCAPS with the confirmation of the module tutor for your assignment and analysis. You may use following resources, but you are free to choose from other sources as well.
- https://www.netresec.com/?page=pcapfiles
- https://github.com/shramos/Awesome-Cybersecurity-Datasets
- Provide a schematic of how the attack has happened looking at different layers. Investigate what were the vulnerabilities which led to a successful attack. You need to provide evidences for your claims from the datasets and also you can refer to literature to support your findings.
- Make sure you include your methodology of investigation with justification of why you use these methods. Explain the rationale behind your choices of methods to analyse the dataset.
- Finally, provide discussion about your results and findings. You need to show you understand how the attack happened and what could be done to prevent / mitigate the attack.
Your assignment should follow this structure (3000 words):
- Introduction (a short literature review on the related topics and attacks, the selected dataset and selected methodology of investigation)
- Analysis (the actual process of analysis and numerical results, all the steps which have been done in the process of analysing the dataset)
- Discussion (the explanation of the results, how to address those vulnerabilities, or how the attack could be enhanced or be more efficient)
- Conclusion
- Bibliography
- Appendices (if you use any code, you need to include it here, also screenshots of the tools that you used during analysis)
Special instructions N/A
Assessments criteria
The grade table on the following page is a guide to the level of practical content required for the assignments. You need to achieve at least 40% to pass this assessment.
Assesses learning outcomes (1) (2) (3) and (6)
|
Grade |
Content |
|
To achieve <30 |
Some requirements met, but very limited and not recoverable. Copyright violation. |
|
To achieve <40 |
Deliverables partially complete. Poor level of English. |
|
To achieve 40+ |
Basic understanding demonstrated. Evidence of background reading. |
|
To achieve 50+ |
Good critical analysis and use of evidence in comparative analysis. Reasonable discussion and reflection based on evaluation tools used. Use of appropriate references/citations to support arguments. |
|
To achieve 60+ |
Original ideas demonstrated. |
|
To achieve 70+ |
Excellent quality work that is creative and aesthetically pleasing. |
Note that the overall grade will be determined by the application of the School of Computing & Technology Assessment Criteria Grid.
|
Mark % |
Comment |
Grade & Characteristics |
Theory & Academic Approach |
Practice & Deliverables |
|
0 |
Fail |
plagiarism, collusion, non-pres., name only |
as theory | |
|
1-39 |
Reassess: inadequate but recoverable with effort |
no understanding, very short, inadequate, factual but little interpretation, lacks coherence, short, errors, misconceptions, coherent but mechanical notes, partial - rudimentary answer, limited interpretation, lack of knowledge of topic, no evidence of background reading, weak English but some appropriate use of language of topic. |
poor effective deliverables, requirements not met, deliverables partially complete, limited response to brief. | |
|
40-49 |
3rd, D Pass: Sufficient for award of credit adequate mainly descriptive approach, fair, limited conceptual or theoretical ability |
adequate response, demonstration of basic knowledge, relevant content, clear intention communicated, evidence of reading, acceptable minimum level of English for business presentation but may lack precision, some limited analysis / application of knowledge / theory / weighting of evidence, inconsistent |
deliverables meet basic requirement correctly but limited, just adequate but not innovative, interesting or exciting, for higher marks, 45+ just exceeds minimum specification, might be good in some areas but not consistent | |
|
50-59 |
2ii, C Satisfactory Satisfactory with some conceptual ability but lacks good evaluation or synthesis of ideas |
good response to task, collates info, satisfactory analysis & judgement, constructs generalisations based on evidence & opinion, argues clearly, logically & constructs a case, some limited ability to state a personal position, correct English with few imprecise statements |
good deliverables, some evidence of good design or execution, coherent and organised product, some limited evidence of self criticism concerning deliverable, some independence, initiative, autonomy, appropriate techniques, integration of knowledge for task | |
|
60-69 |
2i, B Good. Good analysis, evaluation, synthesis, integration & argument. |
evaluates info. & synthesises generalisations, good ability to state & defend personal position, good analysis & judgement, applies knowledge to new situations, sound on theory, critical, understands limitations of methods, selective coherent & logical approach, well written with clear, correct and precise English |
all criteria met to good standard, evidence of good design or execution, good integration of academic & practical issues, solid evidence of self critique/evaluation of deliverables, products well organised - documented - coherent. Evidence of independence, initiative, autonomy, creativity, adaptability, resourcefulness. Integration of knowledge, | |
|
70-79 |
First class, A, Excellent. as above but also stronger evidence of excellent, original, innovative, articulate work |
very strong ability to state & defend position, uses criteria & weighting in judgements, wide knowledge and theoretical ability, full understanding of possibilities and limitations of methods & theories, 75+ more original, innovative approach, command of critical positions, lively articulate writing, excellent grasp of material - synthesis of ideas |
most criteria met to high standard, strong evidence of evaluation of deliverables, 75+: deliverables excellent - all criteria met in clear and definite manner, evidence of excellent design or execution, elegance, innovation, very good evaluation of deliverables, | |
|
80-89 |
Outstanding. as above but also authoritative, superlative, creative |
as above but also :- seen all possibilities in task, gone beyond accepted conceptual/critical positions, evidence of creative, intelligent, innovative approach consistently & forcefully expressed |
as above but also :- all aspects of deliverables superlative beyond 80% emphasis on theory rather than practice/deliverables | |
|
90-100 |
Faultless |
as for 80-89 but also :- all work superlative & without fault |
as for 80-89 |
