University of Gloucestershire 2020All rights reserved. No part of this publication may be reproduced, stored or transmittedin any form or by any means, including – but not limited to – photocopy, recording, or anyinformation storage and retrieval system, without the specific prior written permission ofUniversity of Gloucestershire.Advanced Networking &SecurityCT6034Associate Professor Hassan ChizariAssociate Professor Ali Al-SherbazSchool of Computing & EngineeringCT6034: Advanced Networking and Security© Hassan Chizari, University of Gloucestershire 1Table of Contents1. Introduction……………………………………………………………………………………….12. Learning Outcomes ……………………………………………………………………………23. Module Evaluation……………………………………………………………………………..34. Scheme of Work………………………………………………………………………………..4Assessment 1……………………………………………………………………………………….6CyBOK module content breakdown ……………… Error! Bookmark not defined.1. Introduction1.1 OverviewThe aim of this module is to build on the network design and implementationprinciples from module CT5047. The objective is to defend and protect thenetwork infrastructure, architecture, protocols and applications in order to deliversecured protocols, applications, services and data. The cyber security frameworkof identifying, protecting, detecting, responding and recovery in relation tonetwork security will be evaluated and critically analysed during the module.Students will be capable of analysing, designing and managing the requirementsof a secure network architecture based on risk analysis and operationalrequirements in accordance with regulations and standards.1.2 PrerequisitesBasic understanding of networking is crucial for this module. Students areadvised to make sure they review the content of CT5047 before starting thismodule in case they are not confident with their knowledge in networking.1.3 Reading ListThe resources needed for this module are available via the University’s DigitalLibrary, and are as follows:• Randy Weaver (2013). Guide to Network Defense and Countermeasures.3rd edition. Boston: Thomson Course Technology.CT6034: Advanced Networking and Security© Hassan Chizari, University of Gloucestershire 2• Chris Sanders (2011). Practical Packet Analysis. 2nd edition. SanFrancisco: No Starch Press.• Roberto Verdone (2008), Wireless sensor and actuator networks :technologies, analysis and design• Matthijs Kooijman (2015), Building wireless sensor networks usingArduino : leverage the powerful Arduino and XBee platforms to monitorand control your surroundings2. Learning OutcomesA student passing this module should be able to:1. Critically analyse and evaluate risk analysis and management strategiesto address the associated risks, threats, vulnerabilities and attack vectorsagainst network architectures to secure the operational and servicedelivery requirements;2. Critically evaluate the organisational security requirements for a networksecurity solution against known regulations, standards, legislation, policiesand procedures to develop a systematic solution to the network andorganisational security requirements;3. Demonstrate the ability to understand and synthesize the principles ofnetwork security architectures and security frameworks and models;4. Critically analyse and evaluate network security controls and mitigationtechniques: network monitoring, firewalls and traffic filtering, intrusiondetection and prevention systems, intrusion analysis, anti-malware,cryptography, securing network protocols, services, applications and datato mitigate the identified risks of the evaluated system;5. Analyse a number of advanced networking topics and future networkingdirection;6. Critically evaluate and communicate network security alternativesarguments, assumptions, abstract concepts and data to make judgments,and to frame appropriate questions to achieve a solution – or identify arange of solutions – to a given problem, to both technical and nontechnical stakeholders.CT6034: Advanced Networking and Security© Hassan Chizari, University of Gloucestershire 33. Module Evaluation3.1 Evaluation for 2019-20We have received quite interesting reviews about this module. Students lovedthe idea of being exposed to advanced networking topics, including SDN, IDSand WSN. They used a wide range of simulations and tools to do theassignment. Some of the students decided to do their dissertation based on thetools they learnt and used in this module, which shows how much they found themodule interesting and practical. Some of the students requested for developingdedicated labs with actual hardware for this module, which we are currentlyconsidering it.In this current academic year 2020/21, you will be given the opportunity toundertake a mid-module evaluation. This will contribute to the course board ofstudies meeting and will inform the module design for the following year. Inaddition, there will be an independent end of year level evaluation distributed bythe University known as the Annual Course Evaluation (ACE).CT6034: Advanced Networking and Security© Hassan Chizari, University of Gloucestershire 44. Scheme of Work WeekSem1TopicPractical workTutor1Overview of the moduleHC2Introduction to Ad hocNetwork: The concept, goaland challenges, differentmodels of ad hoc networksand their applications.Practical: Introductionto NetLogoHC3Routing in Ad hocnetwork: Flooding, proactive and re-active models.Hierarchical andheterogeneous models,cluster-head models.Practical:Implementing Floodingin NetLogoHC4Practical: Developing the first ad hoc routing protocolusing flooding.HC5Practical: Developing more complex routingprotocols for ad hoc networksHC6Security of Ad hocnetwork: Centralizedsolution with the sink,decentralized model andattack vectors in ad hocnetworksPractical:Implementing keyexchange algorithmHC7Secure routing protocol: trust model, mitigationsand improvising, putting all together for a securerouting model.HC8Practical: Developing the secure routing protocol(part one)HC9Practical: Developing the secure routing protocol(part two)HC10Advances in AdhocNetworks: and the conceptof movementPractical: behaviouralmodellingHC11Case study scenario workshop: Dedicated workshopsession.HC12Module review. An opportunity to revisit any lecturematerial from semester two. Assignment workshop.HC CT6034: Advanced Networking and Security© Hassan Chizari, University of Gloucestershire 5 WeekSem2TopicPractical workTutor1Network DefenceTechnologies: PacketFiltering, Firewalls, IDS,VPN, SDNTutorial 1: ReviewQuestionsAA2Fundamental of TrafficAnalysisLAB 1: TCP/IP Layeranalysis usingWiresharkAA3Intrusion DetectionSystem: Host Based,Network-based, AttackTaxonomy, Traffic AnalysisLAB 2:Setting up VMWareSnort IntrusionDetection System.AA4Packet Crafting for IDS/IPSLAB 3: PacketCrafting for IDS/IPSAA5IDS- SNORTLAB 4: Running SnortRulesAA6Scanning and Sniffing Tools,Security Policies, Threatmodel and Risk AnalysisLAB 5: NMAPExperimentsAA7Wireless Networks: Attacksand MitigationLAB 6: Wireless NetSecurityAA8Malicious Software: bugs,viruses, worms, antivirustools, Security MonitoringToolsLAB 7: MalwareAnalysisAA9Network Forensics andMonitoring:Reconnaissance, Exploitand Post Exploit.LAB 8: NetworkForensic AnalysisAA10Network Forensics ScenarioAA11Assignment WorkshopAA12E-Learning: Wireless Networks-Literature ReviewAA CT6034: Advanced Networking and Security© Hassan Chizari, University of Gloucestershire 6Assessment 1 1. Module Code and Title:CT6034 Advanced Networking and Security2. Module Tutor:Hassan Chizari and Ali Al-Sherbaz.3. Tutor with Responsibilityfor this Assessment:Hassan Chizari. This is your first point of contact.4. Assignment:001: Written Coursework 1 (35%) : Research on the state-ofthe-art Ad hoc network routing or security algorithms. Youneed to choose a protocol with the advice of the tutor of themodule and work on that. In this document, you must includediscussing how you designed your simulation and explain theresults in relation to the study and research you did on theprotocols.Implementation (15%): NetLogo simulation of the researchedarea. You need to make sure that you use three elements ofcoding, UI and BehaviorSpace in the work.5. Submission Deadline:Friday 18th December 2020Your attention is drawn to the penalties for late submission;see Academic Regulations for Taught Provision.6. Arrangements forSubmission:MOODLE7. Date and Location forReturn of Work:Written feedback and a provisional mark should be within 20working days.8. Students withDisabilities:Alternative assessment arrangements may be made, whereappropriate, for disabled students. However, these will onlybe implemented upon the advice of the disability advisor.Disabled students wishing to be considered for alternativeassessment arrangements must give notification of thedisability (with evidence) to the Disability Advisor by thepublished deadlines. CT6034: Advanced Networking and Security© Hassan Chizari, University of Gloucestershire 7 9. University RegulationsforAssessment:All assessments are subject to the Academic Regulationsfor Taught Provision. These include regulations relating toerrors of attribution and assessment Offences. In exercisingtheir judgement, examiners may penalise any work if thestandard of English, numeracy or presentation adverselyaffects the quality of the work, or where the work submittedexceeds the published size or time limits, or where the workfails to follow normal academic conventions foracknowledging sources. CT6034: Advanced Networking and Security© Hassan Chizari, University of Gloucestershire 8Assessment 2 1. Module code and Title:CT6034 Advanced Networking and Security2. Module Tutors:Hassan Chizari and Ali Al-Sherbaz.3. Tutor with Responsibilityfor this Assessment:Ali Al-Sherbaz. This is your first point of contact.4. Assignment:002: 50% Coursework: Individual, standard written: 3,000 wordsor equivalent. You will be penalised according to the AcademicRegulations for Taught Provision if you exceed the size limit.5. Submission Deadline:14 May 2021, 3:00 PMYour attention is drawn to the penalties for late submission; seeAcademic Regulations for Taught Provision.6. Arrangements forSubmission:MOODLE7. Date and location forreturn of work:Written feedback and provisional mark will be within 20 workingdays.8. Students withDisabilities:Alternative assessment arrangements may be made, whereappropriate, for disabled students. However, these will only beimplemented upon the advice of the disability advisor. Disabledstudents wishing to be considered for alternative assessmentarrangements must give notification of the disability (withevidence) to the Disability Advisor by the published deadlines.9. University RegulationsforAssessment:All assessments are subject to the Academic Regulations forTaught Provision. These include regulations relating to errorsof attribution and assessment Offences. In exercising theirjudgement, examiners may penalise any work here thestandard of English, numeracy or presentation adverselyaffects the quality of the work, or where the work submittedexceeds the published size or time limits, or where the workfails to follow normal academic conventions for acknowledgingsources. CT6034: Advanced Networking and Security© Hassan Chizari, University of Gloucestershire 910. The requirements for assessment 2:1) You need to select a dataset (or more) of PCAPS with the confirmation of themodule tutor for your assignment and analysis. You may use following resources,but you are free to choose from other sources as well.https://www.netresec.com/?page=pcapfileshttps://github.com/shramos/Awesome-Cybersecurity-Datasets2) Provide a schematic of how the attack has happened looking at differentlayers. Investigate what were the vulnerabilities which led to a successful attack.You need to provide evidences for your claims from the datasets and also youcan refer to literature to support your findings.3) Make sure you include your methodology of investigation with justification ofwhy you use these methods. Explain the rationale behind your choices ofmethods to analyse the dataset.4) Finally, provide discussion about your results and findings. You need to showyou understand how the attack happened and what could be done to prevent /mitigate the attack.Your assignment should follow this structure (3000 words):A) Introduction (a short literature review on the related topics and attacks,the selected dataset and selected methodology of investigation)B) Analysis (the actual process of analysis and numerical results, all thesteps which have been done in the process of analysing the dataset)C) Discussion (the explanation of the results, how to address thosevulnerabilities, or how the attack could be enhanced or be more efficient)D) ConclusionE) BibliographyF) Appendices (if you use any code, you need to include it here, alsoscreenshots of the tools that you used during analysis)11. Special instructionsN/ACT6034: Advanced Networking and Security© Hassan Chizari, University of Gloucestershire 1012. Assessments criteriaThe grade table on the following page is a guide to the level of practical contentrequired for the assignments. You need to achieve at least 40% to pass thisassessment.Assesses learning outcomes (1) (2) (3) and (6) GradeContentTo achieve
