About this course
Threats and attacks are like living organisms: some survive unaltered, mostly hidden from view, but remain deadly when conditions are “just right”; others emerge quickly, wreak havoc, then become extinct — and yet others keep evolving, both in terms of their propagation methods and their impact.
A network professional can therefore not be limited to just static application of risk assessment methodology, nor to mechanical application of intrusion detection and forensics tools — and must, by nature, not simply be “following a cookbook”, but must also have a complete understanding of the whole processes, technologies, and theories involved in attacks.
This program in network security is therefore not just limited to a theoretical understanding of the state of the art of security standards, threats, and techniques — but tries to bring a broad systems-understanding, to be able to be proactive and identify potential attack surfaces of a system before an attack exists, and the necessary background to be able to rapidly analyse and understand the root nature of a new attack on a system.
To this end, the program alternates theoretical lectures and hands-on exercises, with seminars and “war-stories”, with 4h practice sessions during which we will be building a first-hand experience with how vulnerable real-world Internet-connected systems are — as well as with how “white-hat” IT professionals construct (more) secured computer networks.
Structure: To this end, the program alternates theoretical lectures, seminars, and “war-stories”, with 4h practice sessions during which we will be building a first-hand experience with how vulnerable real-world Internet-connected systems are — as well as with how “white-hat” IT professionals construct (more) secured computer networks.
Requirements: A good dose of curiosity is required. As we will be studying some advanced topics in computer networking, INF557 "From the Internet to the IoT: The Fundamentals Of Modern Computer Networking" is recommended.
Evaluation mechanism: Active participation during weekly TD sessions, worth 50% of the final grade, and a final exam QCM worth the other 50% of the grade.
Language: English (with, at least, bilingual teaching staff)
Learning outcomes
The objective of this program is to allow students to:
- Understand not just “This is an attack, and here is how to detect it”, but also “What architectural choices have made this attack even possible?”. This, so as to ensure that graduates can:
  - Go beyond just mechanically replicating recipes from a catalogue for “evaluation-detection-countermeasures”
  - When developing a system, make appropriate, security-informed, architectural choices
  - Distinguish between “science-facts” and “science-fiction”, when listening to security solution vendors, reading popular press, etc.
- Understand, analyse, and exercise critical appreciation of the panorama of current known techniques for:
  - Risk Evaluation
  - Systems and Network Protection
  - Intrusion Detection
  - Forensics and Recovery
- Practice setting up secure networks, including the usage of techniques such as VLANs, VPNs, DMZs, IDSes (Snort, Suricata), Firewalls, etc.
Examination
Form: Final exam, weekly quizzes, graded assignments
Location/format: online
Re-sit possibility: yes
Transcript available: end of academic year
Add. info/requirements: 10 weeks after the beginning of the course. Internet access and a computer are required.
Resources
Activities
The course will be available asynchronously, fully on-line, or on-site, through learning flows with short videos, quizzes, homework, lab exercises / tutorials — as well as office-hours via Webex with professors and instructors. While being asynchronous
Additional information
- More info: Course page on website of École Polytechnique
- Credits: ECTS 5
- Level: Master
- Instructors: Thomas Clausen
- Mode of instruction: Online - time-independent
Offering(s)
- Start date: 6 January 2025
- Ends: 11 March 2025
- Term *: unknown
- Instruction language
Enrolment period closed