Overview of the Course Contents

• Fundamentals of signal/data transmission, physical properties of transmission media
• Classification of computer networks, network topologies, ISO/OSI reference model
• The Internet Protocol family
• Communication protocols on the application layer: HTTP, SMTP, DNS, etc.
• Communication protocols on the transport layer: TCP, UDP, etc.
• Communication protocols at the network layer: IP, routing protocols, etc.
• Communication protocols on the data link layer: Ethernet, etc.
• Network and Data Security: Terminology and Basic Principles
• Cryptography: Principles and Applications
• The Data Science of Passwords and Other Secrets
• Firewalls, Intrusion Detection Systems, Attack Tracing
• Access Control (Models and Engineering)
• Web Security

Additionally, many sessions are accompanied by selected scientific articles as required reading, which students are expected to study independently.

Parts of the course are based on the following book:
Tanenbaum, Andrew S.; Feamster, Nick; Wetherall, David: Computer Networks, Sixth edition, Global edition, Pearson, 2021 (available in the WU library both physically and as an eBook). Various sections of this textbook are also required reading for the final test.
Access the book

Goals

Impart selected fundamental concepts in the fields of computer networks, data security, and network security.

Learning Outcomes

After completing this course, students will be able to:

• Understand principles and fundamental relationships in computer communication within networks.
• Comprehend and critically analyze basic design principles and technological decisions for computer networks.
• Characterize computer network architectures.
• Classify and evaluate computer networks and their infrastructures based on quality criteria.
• Identify similarities and differences in communication protocols across various layers.
• Critically reflect on and assess current technological and political developments in computer networking, such as the transition to IPv6.
• Understand, describe, and plan fundamental threats, security mechanisms, and measures for software-based systems.
• Independently study scientific articles and apply the learned content to address relevant questions.
• Recognize relationships between different security problems and security measures.
• Transfer security knowledge to situations not directly covered in the course (transfer knowledge).
• Understand and explain basic cryptographic concepts (e.g., secret-key cryptography, public-key cryptography, digital signatures, message authentication codes, public-key certificates, Diffie-Hellman key agreement) and protocols (e.g., Transport Layer Security protocol, IP security protocols) as well as their applications.
• Understand and explain the concept of "information entropy" and basic principles for selecting strong secrets (passwords, encryption keys).
• Understand and explain various attacks (e.g., brute-force attack, dictionary attack, lookup-table attack, hash-chain tables) and countermeasures (e.g., salting, CPU hardness, memory hardness).
• Understand and explain the principles of various types of firewalls (e.g., packet filters, proxies), intrusion detection systems (IDS), and approaches to "attack tracing."
• Understand and explain the similarities and differences between access control models (e.g., discretionary access control, mandatory access control, role-based access control, attribute-based access control).
• Understand and explain the concept of "entailment constraints" and the basic approach to policy engineering, particularly role engineering.
• Understand and explain various web-based attacks (e.g., cross-site scripting, clickjacking, injection flaws, phishing) and corresponding countermeasures.
• Understand and explain basic concepts and characteristics of misinformation and propaganda in social media.

This course also develops the following skills:

• Identifying potential threats to software systems.
• Assessing risks to software systems.
• Designing and evaluating basic security measures.
• Gaining a general understanding of security-related contexts.

Attendance in the in-person sessions is strongly recommended. Attendance is mandatory for the various assessments.

The course employs a combination of teaching and learning methods to ensure a comprehensive understanding of the material. In-class lectures provide the foundation by presenting key theoretical concepts and practical applications in computer networks, data security, and network security, supported by examples and case studies. Students will also engage in interactive discussions to foster critical thinking and clarify complex topics. Independent study is emphasized through required readings of selected scientific articles, enabling students to enhance their ability to acquire and apply knowledge autonomously. Unannounced quizzes during class sessions reinforce learning and assess understanding of key concepts, while a final exam comprehensively evaluates the entire course content, including the required readings. These methods are complemented by collaborative group activities and problem-solving tasks, where applicable, to develop teamwork and practical application skills.

The course is conducted as a continuous assessment course.

• Students who are enrolled in the course are automatically registered for the exam (i.e., no separate registration for assessments is required).
• Only participants who have completed at least one assessment will be graded.
• The final grade will be based on the following assessments:
  • Two unannounced short quizzes during the course sessions (20 points each).
  • Final exam (60 points).
  • The final exam will cover the entire course content, including the required readings.

To pass the course with a positive grade ("sufficient", 4), students must achieve at least 50% of the total possible points (further details will be provided during the course).

Please log in with your WU account to use all functionalities of read!t. For off-campus access to our licensed electronic resources, remember to activate your VPN connection connection. In case you encounter any technical problems or have questions regarding read!t, please feel free to contact the library at readinglists@wu.ac.at.