The course "Advanced Network Security and Analysis" dives into the essential skills needed to protect and analyze complex network environments. This course covers advanced topics like anonymization techniques, mobile application security, and in-depth analysis of DNS, HTTP, SMTP, and TCP protocols. Learners will gain practical experience in recognizing vulnerabilities and analyzing network traffic to detect potential threats. Each module offers hands-on insights into industry-standard tools and techniques, equipping students to address real-world security challenges confidently.



Advanced Network Security and Analysis
This course is part of Information Assurance Analysis Specialization

Instructor: Jason Crossland
Access provided by Yale
Recommended experience
What you'll learn
- Understand anonymization methods, challenges, and legal considerations for ensuring data privacy in network traffic. 
- Recognize security threats in mobile applications, including risks from APIs and cloud-based services, and explore best practices for defense. 
- Analyze DNS, HTTP, and SMTP protocols to identify abnormal traffic patterns, enhancing the ability to detect potential cyber threats. 
- Capture and interpret TCP sessions to identify attack methods like sequence number spoofing and TCP scanning, using tools like TCPDump and Wireshark. 
Skills you'll gain
Details to know

Add to your LinkedIn profile
18 assignments
See how employees at top companies are mastering in-demand skills

Build your subject-matter expertise
- Learn new concepts from industry experts
- Gain a foundational understanding of a subject or tool
- Develop job-relevant skills with hands-on projects
- Earn a shareable career certificate

There are 7 modules in this course
Throughout this course, we will explore key anonymization techniques and the associated challenges, including legal implications. You'll learn about various mechanisms for user anonymity, such as onion routing and DHTs, and uncover methods of deanonymization. We’ll also dive into cybersecurity threats, including ransomware and Bluetooth vulnerabilities, while discussing mobile application security in the context of BYOD policies. Finally, we'll cover DNS fundamentals, TCP/IP protocols, and hands-on analysis with tools like Wireshark.
What's included
1 video2 readings
In this module, we discuss techniques for anonymizing and deanonymizing network traffic data. Anonymization is the process of removing information that can be used to identify a user and may be done as a post-processing effort, or by using systems that hide the user’s identity during normal operations. Anonymity has been a major concern in network security for the past thirty years, with an especially active interest in the last decade with the rise and fall of Napster and other peer-to-peer applications.
What's included
4 videos4 readings3 assignments2 plugins
In this module, we will discuss and be introduced to various risks, threats, and attack vectors/surfaces for mobile platforms and devices. We will learn how DoS attacks on IEEE 802.11 protocols occur, gain a better understanding of WEP, WPA, and WPA2, and learn about the overall security issues surrounding mobile platforms. Students will discuss different pieces of legislation being considered to protect mobile application users & personal data privacy laws. Mobile application & cloud-based scanning tools, as well as OWASP mobile and application program interface vulnerabilities will be studied.
What's included
5 readings3 assignments4 plugins
In this module, we will discuss the use of DNS, one of the Internet’s most important protocols. DNS is the protocol that translates domain names into IP addresses, but more importantly in the modern internet, it is used to hide the multiplexing and geolocation mechanisms that are used to enhance internet performance. Due to its centrality to network traffic, DNS is one of the most hacked and modified protocols in active use, and the way that it is used both by legitimate and illegitimate uses is critical for understanding modern Internet security.
What's included
5 videos6 readings3 assignments
This module covers the evolution of the HTTP protocol and clarifies the distinctions between HTTP, HTML, and the web. It includes an overview of common log formats such as CLF and ELF, and practical configuration of Apache and IIS for log file generation. Students will delve into log collection and analysis tools, particularly Splunk, and learn about iframe exploitation, sandbox countermeasures against clickjacking, and frame-busting techniques along with HTTP headers rulesets.
What's included
5 videos5 readings3 assignments1 ungraded lab
This module explores the journey of digital messages from origin to destination, highlighting the functions of DNS, SMTP, and POP/IMAP. It covers the role of priority in DNS MX records, how spammers exploit SMTP, and the use of Network Time Protocol (NTP). Students will also delve into various filtering techniques and data analysis tools.
What's included
5 videos3 readings3 assignments
This module covers the fundamentals of TCP state transitions, including predicting state changes based on incoming packets. Students will explore the TCP sequence numbering mechanism, the role of MTU, Ethernet, and lower-level protocols, and understand TCP addressing and session concepts. The course includes practical experience capturing sessions with TCPDump, distinguishing between promiscuous and normal modes, and analyzing traffic using TCPDump or Wireshark. Additionally, students will study common TCP attacks such as sequence number spoofing, Christmas tree packets, and TCP scanning.
What's included
8 videos3 readings3 assignments1 ungraded lab
Earn a career certificate
Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.
Instructor

Offered by
Why people choose Coursera for their career




Explore more from Information Technology
 - LearnQuest 
 - University of London 



