Network Security.

Cover Page -- Half-Title Page -- Title Page -- Copyright Page -- Contents -- Preface -- Abbreviations -- 1: Introduction to Cryptography -- 1.1. The encryption function -- 1.1.1. 3DES algorithm -- 1.1.2. AES algorithm -- 1.1.3. RSA algorithm -- 1.1.4. ECC algorithm -- 1.2. Hash function -- 1.2.1. MD5 algorithm -- 1.2.2. SHA algorithm -- 1.2.2.1. SHA-1 algorithm -- 1.2.2.2. SHA-2 algorithm -- 1.2.3. HMAC mechanism -- 1.3. Key exchange -- 1.3.1. Secret-key generation -- 1.3.2. Public key distribution -- 2: 802.1x Mechanism -- 2.1. General introduction -- 2.2. EAPOL protocol -- 2.2.1. EAPOL-Start message -- 2.2.2. EAPOL-Logoff message -- 2.2.3. EAPOL-Key message -- 2.2.4. EAPOL-Encapsulated-ASF-Alert message -- 2.2.5. EAPOL-MKA message -- 2.2.6. EAPOL-Announcement message -- 2.2.7. EAPOL-Announcement-Req message -- 2.3. EAP protocol -- 2.3.1. EAP-Method Identity -- 2.3.2. EAP-Method Notification -- 2.3.3. EAP-Method NAK -- 2.4. RADIUS protocol -- 2.4.1. RADIUS messages -- 2.4.1.1. Access-Request message -- 2.4.1.2. Access-Challenge message -- 2.4.1.3. Access-Accept message -- 2.4.1.4. Access-Reject message -- 2.4.2. RADIUS attributes -- 2.4.2.1. EAP-Message attribute -- 2.4.2.2. Message-Authenticator attribute -- 2.4.2.3. Password-Retry attribute -- 2.4.2.4. User-Name attribute -- 2.4.2.5. User-Password attribute -- 2.4.2.6. NAS-IP-Address attribute -- 2.4.2.7. NAS-Port attribute -- 2.4.2.8. Service-Type attribute -- 2.4.2.9. Vendor-Specific attribute -- 2.4.2.10. Session-Timeout attribute -- 2.4.2.11. Idle-Timeout attribute -- 2.4.2.12. Termination-Action attribute -- 2.5. Authentication procedures -- 2.5.1. EAP-MD5 procedure -- 2.5.2. EAP-TLS procedure -- 2.5.3. EAP-TTLS procedure -- 3: WPA Mechanisms -- 3.1. Introduction to Wi-Fi technology -- 3.2. Security mechanisms -- 3.3. Security policies -- 3.4. Key management -- 3.4.1. Key hierarchy.

3.4.2. EAPOL-key messages -- 3.4.3. Four-way handshake procedure -- 3.4.4. Group key handshake procedure -- 3.5. WEP protocol -- 3.6. TKIP protocol -- 3.7. CCMP protocol -- 4: IPSec Mechanism -- 4.1. Review of IP protocols -- 4.1.1. IPv4 protocol -- 4.1.2. IPv6 protocol -- 4.2. IPSec architecture -- 4.2.1. Security headers -- 4.2.1.1. AH extension -- 4.2.1.2. ESP extension -- 4.2.1.3. Modes -- 4.2.2. Security association -- 4.2.3. PMTU processing -- 4.3. IKEv2 protocol -- 4.3.1. Message header -- 4.3.2. Blocks -- 4.3.2.1. SA block -- 4.3.2.2. KE block -- 4.3.2.3. IDi and IDr blocks -- 4.3.2.4. CERT block -- 4.3.2.5. CERTREQ block -- 4.3.2.6. The AUTH block -- 4.3.2.7. Ni and Nr blocks -- 4.3.2.8. N block -- 4.3.2.9. D block -- 4.3.2.10. V block -- 4.3.2.11. TS block -- 4.3.2.12. SK block -- 4.3.2.13. CP block -- 4.3.2.14. EAP block -- 4.3.3. Procedure -- 4.3.3.1. IKE_SA_INIT exchange -- 4.3.3.2. IKE_AUTH exchange -- 4.3.3.3. CREATE_CHILD_SA exchange -- 5: SSL, TLS and DTLS Protocols -- 5.1. Introduction -- 5.2. SSL/TLS protocols -- 5.2.1. Record header -- 5.2.2. Change_cipher_spec message -- 5.2.3. Alert message -- 5.2.4. Handshake messages -- 5.2.4.1. Hello_request message -- 5.2.4.2. Client_hello message -- 5.2.4.3. Hello_server message -- 5.2.4.4. Certificate message -- 5.2.4.5. Server_key_exchange message -- 5.2.4.6. Certificate_request message -- 5.2.4.7. Server_hello_done message -- 5.2.4.8. Client_key_exchange message -- 5.2.4.9. Certificate_verify message -- 5.2.4.10. Finished message -- 5.2.5. Cryptographic information -- 5.2.5.1. Key generation -- 5.2.5.2. Integrity checking -- 5.3. DTLS protocol -- 5.3.1. Adaptation to UDP transport -- 5.3.1.1. Record header -- 5.3.1.2. Handshake messages -- 5.3.2. Adaptation to DCCP transport -- 5.3.3. Adaption to SCTP transport -- 5.3.4. Adaption to SRTP transport -- 6: Network Management.

6.1. SNMPv3 management -- 6.1.1. Introduction -- 6.1.2. SNMPv3 architecture -- 6.1.2.1. SNMPv3 applications -- 6.1.2.2. SNMPv3 engine -- 6.1.2.2.1. USM module -- 6.1.2.2.2. VACM module -- 6.1.2.3. Operation procedures -- 6.1.3. SNMPv3 message structure -- 6.2. SSH protocol -- 6.2.1. SSH-TRANS protocol -- 6.2.2. SSH-USERAUTH protocol -- 6.2.3. SSH-CONNECT protocol -- 7: MPLS Technology -- 7.1. MPLS overview -- 7.1.1. Network architecture -- 7.1.2. LSR router tables -- 7.1.3. PHP function -- 7.1.4. MPLS header format -- 7.1.5. DiffServ support -- 7.2. LDP protocol -- 7.2.1. Principles of functioning -- 7.2.2. LDP PDU format -- 7.2.3. LDP messages -- 7.3. VPN construction -- 7.3.1. Network architecture -- 7.3.2. Differentiation of routes -- 7.3.3. Route target -- 7.3.4. Principles of operation -- 7.3.4.1. Operation of control plane -- 7.3.4.2. Operation of traffic plane -- 7.4. Network interconnection -- 7.4.1. Hierarchical mode -- 7.4.2. Recursive mode -- 8: Ethernet VPN -- 8.1. Ethernet technology -- 8.1.1. Physical layer -- 8.1.2. MAC layer -- 8.1.3. VLAN isolation -- 8.2. PBT technology -- 8.3. VPLS technology -- 8.3.1. Network architecture -- 8.3.2. EoMPLS header -- 8.3.3. LDP -- 8.3.3.1. FEC parameter -- 8.3.3.2. PW status parameter -- 8.4. L2TPv3 technology -- 8.4.1. Data message -- 8.4.2. Control messages -- 8.4.3. Procedures -- 8.4.3.1. Connection management -- 8.4.3.2. Session management -- 9: Firewalls -- 9.1. Technologies -- 9.1.1. Packet filter -- 9.1.2. Applicative gateway -- 9.1.3. NAT/NAPT device -- 9.2. NAT/NAPT device crossing -- 9.2.1. ICMP protocol -- 9.2.2. IPSec mechanism -- 9.2.3. SIP, SDP and RTP protocols -- 9.2.3.1. STUN protocol -- 9.2.3.2. TURN protocol -- 9.2.3.3. ICE mechanism -- 9.2.4. FTP protocol -- 9.2.5. Fragmentation -- 10: Intrusion Detection -- 10.1. Typology of attacks -- 10.2. Methods of detection.

10.2.1. Signature-based detection -- 10.2.2. Anomaly-based detection -- 10.2.3. Protocol analysis -- 10.3. Technologies -- 10.3.1. N-IDPS device -- 10.3.2. WIDPS device -- 10.3.3. H-IDPS device -- 10.3.4. NBA device -- Bibliography -- Index.

Description based on publisher supplied metadata and other sources.

Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.