Ensimag Rubrique Formation 2022

Networks & Security - WMMRSR

  • Number of hours

    • Lectures 17.5
    • Projects -
    • Tutorials 17.5
    • Internship -
    • Laboratory works 21.0
    • Written tests -

    ECTS

    ECTS 6.0

Goal(s)

The network security course provides an overview of critical network security problems and the Internet as a whole, such as distributed denial-of-service attacks, spam attacks as well as email, infrastructure, or network protocol security. Students read RFCs and scientific articles related to network protocols and their exploitation. They learn how to develop new and use existing tools to perform large-scale scans of network vulnerabilities. They perform vulnerability scans and propose solutions to network problems.

Responsible(s)

Andrzej DUDA, Maciej KORCZYNSKI

Content(s)

  • Examples of studied protocols: SMTP, DMARC, SPF, DNS (classical and "blockchain"), NTP, LDAP, RDP, Echo, CharGEN, SSDP, NetBIOS
  • Examples of network vulnerability scanning tools used: nmap, zmap, zdns
  • Examples of network security problems: UDP protocols allowing distributed amplification - reflection attacks, enumerating networks not compiling with the source address validation standard and allowing IP spoofing, misconfigured SPF records allowing sending spoofed emails, enumerating misconfigured open SMTP relays allowing relaying malicious emails, exploiting DNS misconfigurations to hijack domain names

Prerequisites

Introduction to Cybersecurity course

Test

Student presentations, final defense of the project, and the written summary of the project in the form of a scientific paper

Note finale = 30% présentation à mi-parcours + 70% projet final (soutenance + présentation)

Calendar

The course exists in the following branches:

  • Curriculum - Master: RIE - Master 2
see the course schedule for 2022-2023

Additional Information

Course ID : WMMRSR
Course language(s): FR

The course is attached to the following structures:

You can find this course among all other courses.

Bibliography

"UDP-Based Amplification Attacks" https://www.us-cert.gov/ncas/alerts/TA14-017A
"Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing" https://tools.ietf.org/html/rfc2827
"Sender Policy Framework (SPF) for Authorizing Use of Domains in Email" https://tools.ietf.org/html/rfc7208
"Domain-based Message Authentication, Reporting, and Conformance (DMARC)" https://tools.ietf.org/html/rfc7489