Introduction to Security and Network Forensics

Purchase book[New Web-based material] The content for the units is here:

  • 1. Introduction to Security - [Unit 1]
  • 2. Principles of IDS - [Unit 2]
  • 3. Principles of Encryption [Unit 3].
  • Additional: Principles of Software Encryption [Link]
  • 4. Principles of Authentication [Unit 4].
  • 5. Software Security [Unit 5].
  • 6. Network Security [Unit 6].
  • Additional: Principles of Wireless Security [Watch Lecture].
  • Additional: Principles of Digital Forensics [Link Pt1] [Link Pt2 - Network Forensics].
  • 7. Introduction to Risk [Unit 7].
  • 8. Threats [Unit 8]
  • 9. Network Forensics [Unit 9].
  • Additional: Live Forensics [Watch Lecture].
  • 10. Obfuscation and Data Hiding [Unit 10].
  • 11. Web Infrastructures [Unit 11].
  • 12. Cloud Computing [Unit 12].

The book includes labs to build a basic toolkit [here].

Bill's Home Page [here]

Podcasts

  • Podcast (iPhone/iPad): Part 1
  • Podcast (iPhone/iPad): Part 2

Associated software

Stand-alone lectures

Associated Labs

  • PDF. [.NET] Lab 1: Reading from network adaptor. Lab
  • PDF. [.NET] Lab 2: Data packet capture (filtering). Lab.
  • PDF. [.NET] Lab 3: Data packet capture (filters: IP, TCP, and so on). Lab.
  • PDF. [.NET] Lab 4: ARP Detection.
  • PDF. [.NET] Lab 5: Calling Snort. Lab.
  • PDF. [.NET] Lab 6: Using Snort to Detect Attacks. Lab.
  • PDF. [.NET] Lab 7: Private-key Encryption.
  • PDF. [.NET] Lab 8: Public-key Encryption.
  • PDF. [.NET] Lab 9: Log/Events.
  • PDF. [.NET] Lab 10: TCP Forensics.
  • PDF. [.NET] Lab 11: Binary Reader/File Signature Analysis.
  • PDF. [.NET] Lab 12: Role-based security.
  • PDF. Lab: PGP Encryption.

Sample Coursework (Network Forensics)

A company (MyComp) has had a security breach where it is alleged that there has been illegal file sharing on the corporate server. The company has managed to get a virtual image of the computer, which contains traces of evidence that could be used for the investigation. It is thus your objective to investigate the virtual image, and produce a fair and unbiased report on the finds. You will be provided with a DVD of the image. The trace is in virtual image, but can also be downloaded from:

http://www.soc.napier.ac.uk/~bill/cw_capture.rar

Test 1 Sample

  • Study areas: [Here].
  • Practice test: [Here].
  • Millionaire test: [Here]. Make a million (some of the questions might not appear in the right way - and will overflow the text boxes).