Course syllabus
This course is offered by the department of Computer Science and Engineering.
Contact details
- Teachers and course examiner
- Professor Tomas Olovsson, examiner <tomas.olovsson@chalmers.se>
- Assistant professor Masoom Rabbani <mdmasoom.rabbani@chalmers.se>
- Assistant professor Muoi Tran <muoi@chalmers.se>
- Teaching assistants
- Syed Umer Bukhari <syedu@chalmers.se> Responsible for lab work
- Yasir Hussain <yasirhu@chalmers.se>
- Mateen Malik <mateenma@chalmers.se>
- Vaibhav Talari <talari@student.chalmers.se>
- Liu Yi <liuuo@student.chalmers.se>
For communication with the teaching assistants, please use Canvas.
For communication with teachers and in more urgent issues, please use email.
Course purpose
We begin the course by investigating weaknesses that have plagued networked systems for years. We then continue with countermeasures like firewalls and intrusion detection systems and dig into how security protocols such as SSL/TLS, SSH and IPsec work in detail and what makes them secure. The course covers the underlying principles and techniques for network and communication security and many practical examples of security problems and principles for countermeasures are given. The course also surveys cryptographic and other tools used to provide security and reviews how these tools are utilized in protocols and applications.
Knowledge about possible threats and countermeasures is important for network security specialists, application programmers and computer specialists who want to understand what level of security a system and an application can offer. By knowing where to find problems and what protection mechanisms exist, future systems can be designed to be much more secure and reliable than today.
Prerequisites
Prerequisites for this course are a good knowledge of communication principles and protocols. You must have taken at least one computer communication course covering TCP/IP to be able to follow this course. We also recommend that you prior to this course have taken the course Computer Security which shows how to think regarding security and discusses security issues in a wider perspective. Other relevant courses are Computer Networks and Cryptography, which will make some topics easier to understand.
Course design
The course consists of a series of lectures and lab sessions. The lab sessions focus on network scanning, building firewalls, configuration of an intrusion detection system and to analyze the SSL/TLS protocol.
Lecture Schedule
Lectures will be held:
- Tuesdays 13:15 - 15:00
- Thursdays 13:15 - 15:00
- Fridays 13:15 - 15:00
Not all these times will be used, please see the lecture schedule and TimeEdit for details. There may be some topic changes during the course so the contents of the lectures may be changed during the course.
Slides from the lectures will be available for download before the lecture, but please note that minor changes should be expected. The final version will be placed here shortly after each lecture, possibly with fixed typos and clarifications due to questions during lectures. If there are larger changes to the slides, this will be announced here.
LAB Schedule
The course has four mandatory lab sessions (assignments) where you work with scanning, firewalls, IDS systems and SSL/TLS. The labs must be done in groups of two (not one, not three). There are three Lab sessions allocated for each lab where TAs are present, and you need to participate in one such session for each lab to demonstrate your results. Most of the work can be done outside the lab using virtual machines on your own computers. More details about lab sessions, bookings and how to sign up for groups can be found in the Lab Introduction.
Course literature
The course consists of the following material:
- Slides from the lectures
- Text book including web chapters (see lecture plan for details)
- Mandatory reading material, presented under Modules
- Reading related to the labs
Text book:
William Stallings: Cryptography and Network Security, 8th edition: ISBN: 978-1-292-43748-4
The book is also available both in print and as an e-book at Chalmers Store:
https://www.chalmersstore.se/e-bocker/e-bok-cryptography-and-network-security-principles-and-practice-1.html
The book is to a large extent followed during the lectures, but some topics are missing or not deep enough so additional material is used in some lectures, see reading list below.
The 7th edition of the book is equally useful in the course, the contents is almost identical. The differences between the editions are listed here. The book also has a companion web page with student resources and useful links if you want to know more about a subject. There is an errata sheet for the book that you may want to check.
The first half of the book is about cryptography and may also be useful in the Cryptography course, and it is also useful as a reference to many of the cryptographic primitives we use in network security. It is possible to use the book Network Security Essentials (by William Stallings) which contains the same chapters but without the cryptography part. Although it is half the size, the price is almost the same which is the reason why we recommend the full book here.
Learning objectives
Learning objectives:
- Have a good understanding of how applications can communicate securely and what tools and protocols exist in order to offer different levels of security
- Have detailed knowledge and the ability to critically analyze and design secure networks, applications and systems
- Have a fundamental understanding of what makes systems vulnerable and be able to predict new attack methods before they become a reality
- Have enough knowledge to evaluate protocols and ability to draw conclusions about the level of security they can offer
- Understand what impact the selection of different protocols and security architectures can have to an application or a system
- Have an understanding of research work in the field by reading conference and research reports in related areas
Link to the syllabus on Studieportalen: Chalmers and GU
Examination
The examination will be in English, and the grades are 3, 4, and 5 (for GU G, VG) and the grade is based on the exam. To pass the course, all laboratory work must be approved by the TAs. All exams are digital and performed using a computer, see separate information about digital exams. GU-students can find more information here and Chalmers-students here.
Signing up for examination is mandatory to be allowed to take the exam. It is not possible for us to report exam results in Ladok if you have not signed up.
Examination dates are:
- Mon June 02, 2025 - 8:30-12:30
- Thu Aug 28, 2025 - 14:00-18:00
- Oct 2025
Course summary:
| Date | Details | Due |
|---|---|---|