Johns Hopkins University
Advanced Network Security and Analysis
Johns Hopkins University

Advanced Network Security and Analysis

Jason Crossland

Instructor: Jason Crossland

Access provided by Merck

Gain insight into a topic and learn the fundamentals.
Intermediate level

Recommended experience

5 weeks to complete
at 10 hours a week
Flexible schedule
Learn at your own pace
Gain insight into a topic and learn the fundamentals.
Intermediate level

Recommended experience

5 weeks to complete
at 10 hours a week
Flexible schedule
Learn at your own pace

What you'll learn

  • Understand anonymization methods, challenges, and legal considerations for ensuring data privacy in network traffic.

  • Recognize security threats in mobile applications, including risks from APIs and cloud-based services, and explore best practices for defense.

  • Analyze DNS, HTTP, and SMTP protocols to identify abnormal traffic patterns, enhancing the ability to detect potential cyber threats.

  • Capture and interpret TCP sessions to identify attack methods like sequence number spoofing and TCP scanning, using tools like TCPDump and Wireshark.

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

18 assignments

Taught in English

See how employees at top companies are mastering in-demand skills

 logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your subject-matter expertise

This course is part of the Information Assurance Analysis Specialization
When you enroll in this course, you'll also be enrolled in this Specialization.
  • Learn new concepts from industry experts
  • Gain a foundational understanding of a subject or tool
  • Develop job-relevant skills with hands-on projects
  • Earn a shareable career certificate

There are 7 modules in this course

Throughout this course, we will explore key anonymization techniques and the associated challenges, including legal implications. You'll learn about various mechanisms for user anonymity, such as onion routing and DHTs, and uncover methods of deanonymization. We’ll also dive into cybersecurity threats, including ransomware and Bluetooth vulnerabilities, while discussing mobile application security in the context of BYOD policies. Finally, we'll cover DNS fundamentals, TCP/IP protocols, and hands-on analysis with tools like Wireshark.

What's included

1 video2 readings

In this module, we discuss techniques for anonymizing and deanonymizing network traffic data. Anonymization is the process of removing information that can be used to identify a user and may be done as a post-processing effort, or by using systems that hide the user’s identity during normal operations. Anonymity has been a major concern in network security for the past thirty years, with an especially active interest in the last decade with the rise and fall of Napster and other peer-to-peer applications.

What's included

4 videos4 readings3 assignments2 plugins

In this module, we will discuss and be introduced to various risks, threats, and attack vectors/surfaces for mobile platforms and devices. We will learn how DoS attacks on IEEE 802.11 protocols occur, gain a better understanding of WEP, WPA, and WPA2, and learn about the overall security issues surrounding mobile platforms. Students will discuss different pieces of legislation being considered to protect mobile application users & personal data privacy laws. Mobile application & cloud-based scanning tools, as well as OWASP mobile and application program interface vulnerabilities will be studied.

What's included

5 readings3 assignments4 plugins

In this module, we will discuss the use of DNS, one of the Internet’s most important protocols. DNS is the protocol that translates domain names into IP addresses, but more importantly in the modern internet, it is used to hide the multiplexing and geolocation mechanisms that are used to enhance internet performance. Due to its centrality to network traffic, DNS is one of the most hacked and modified protocols in active use, and the way that it is used both by legitimate and illegitimate uses is critical for understanding modern Internet security.

What's included

5 videos6 readings3 assignments

This module covers the evolution of the HTTP protocol and clarifies the distinctions between HTTP, HTML, and the web. It includes an overview of common log formats such as CLF and ELF, and practical configuration of Apache and IIS for log file generation. Students will delve into log collection and analysis tools, particularly Splunk, and learn about iframe exploitation, sandbox countermeasures against clickjacking, and frame-busting techniques along with HTTP headers rulesets.

What's included

5 videos5 readings3 assignments1 ungraded lab

This module explores the journey of digital messages from origin to destination, highlighting the functions of DNS, SMTP, and POP/IMAP. It covers the role of priority in DNS MX records, how spammers exploit SMTP, and the use of Network Time Protocol (NTP). Students will also delve into various filtering techniques and data analysis tools.

What's included

5 videos3 readings3 assignments

This module covers the fundamentals of TCP state transitions, including predicting state changes based on incoming packets. Students will explore the TCP sequence numbering mechanism, the role of MTU, Ethernet, and lower-level protocols, and understand TCP addressing and session concepts. The course includes practical experience capturing sessions with TCPDump, distinguishing between promiscuous and normal modes, and analyzing traffic using TCPDump or Wireshark. Additionally, students will study common TCP attacks such as sequence number spoofing, Christmas tree packets, and TCP scanning.

What's included

8 videos3 readings3 assignments1 ungraded lab

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.

Instructor

Jason Crossland
Johns Hopkins University
9 Courses4,738 learners

Offered by

Why people choose Coursera for their career

Felipe M.
Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
Jennifer J.
Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
Larry W.
Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
Chaitanya A.
"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

Explore more from Information Technology