Workshop in Information Security:
Building a Firewall within the Linux Kernel
0368-3500-40, Spring 2014
Lecturer: Eran Tromer
Teaching assistant: Coby Schmidt
Advisors: Assaf Harel, Ariel Haviv
Time: Tuesday 10:00-12:00
Place: Shenkar-Physics 105
Course overview
Firewalls control and monitor access to networks, and are found in every organization and personal computer. Emerging as an Israeli innovation two decades ago, modern firewalls perform sophisticated packet analysis tasks at a very high throughput.
In this workshop we will study the basic design of firewalls, and recreate the basic firewall functionality using just elementary building blocks of the GNU/Linux operating system. We will extend the Linux kernel with packet analysis capabilities, interface it with userspace programs, and experiment with using this firewall for blocking real-world attacks.
Additional projects, beyond firewalls, may be available for students with prior knowledge in cryptography, information security, or embedded-system programming. For details, please contact the lecturer and explain your background.
The workshop's goals:
This workshop is offered in cooperation with industry experts from Check Point, offering a unique exposure to industry's capabilities and needs, and an opportunity for a real-world impact.
The workshop projects will be done in teams of up to 2 students. The assignments will be interesting and cool, but expect intensive and challenging work, and lots of self-learning. The projects will be completed and reported by the end of the semester, and there will be milestones and evaluations to ensure progress during the semester. Students will be expected to read and learn on their own any concepts and systems that are unfamiliar and needed in order to carry out the project successfully.
See also the lectures and instruction in last year's course, Workshop in Information Security: Building a Firewall within the Linux Kernel 2013.
Prerequisites:
Recommended: