This course provides a comprehensive overview of network security, beginning with the foundational principles of communication protocols and their analysis. We will explore classic attacks and corresponding protection methods across various network layers, including layer 2, layer 3 (e.g., (D)DoS, dynamic routing attacks), the transport layer (e.g., connection hijacking, port scanning), and application layers (e.g., web and e-mail security). This initial part covers the fundamentals of malware communication.

Building on these basics, the course explores advanced topics. These include kernel-level protection of protocol stacks, the crucial human aspects of network security (e.g., usable security studies on PGP and Tor), and modern security architectures like Zero Trust and SDN security. Further topics include metrics for measuring network security, the detection of data exfiltration, the functionality of network side channels, and current events in online cybercrime.

Upon successful completion of this module, students will be able to categorise typical security risks within the network security domain. They will have the ability to analyse and measure the network security of IT systems and to explain and implement effective protection mechanisms. Furthermore, students will be able to explain the human aspects of network security and will be equipped to understand and prevent selected advanced attack techniques.