University of the West of Scotland | BEng (Hons) Cyber Security | 2025/26
Grade: A2 (80–89%) — First-class band | 20 Credits
Module: COMP10014 — Network Security
Supervisor: Dr. Santiago Matalonga Motta
This repository contains all completed lab work from the Network Security module at UWS. The labs cover a broad range of hands-on topics — from launching and detecting Layer-2 attacks to building encrypted tunnels and deploying AAA authentication infrastructure.
All work was conducted in an authorised academic VirtualBox lab environment running Ubuntu 20.04.4 across multiple VMs (Client, Server, Attacker, Router, Mirrored).
| Lab | Topic | Key Tools | Skills Demonstrated |
|---|---|---|---|
| ARP Poisoning & MITM | Layer-2 attack & detection | Ettercap, tcpdump, Arpwatch | ARP spoofing, MITM interception, traffic sniffing, attack detection |
| Intrusion Detection with Snort | Network IDS/IPS | Snort, iptables TEE | Custom rule writing, traffic mirroring, NIDS vs HIDS |
| Network Encapsulation & GRE Tunnelling | Tunnelling protocols | GRE, OpenVSwitch, Wireshark | Packet encapsulation analysis, Linux & OVS GRE tunnel config |
| OpenVPN Secure Tunnelling | VPN & PKI | OpenVPN 2.4.12, EasyRSA, OpenSSH | PKI setup, certificate management, encrypted tunnel config |
| RADIUS Network Authentication | AAA infrastructure | FreeRADIUS 3.0, radclient | RADIUS server config, user authentication, AVP, AAA model |
| Lab Environment Setup | Virtualisation infrastructure | VirtualBox, Ubuntu 20.04.4 | VM cloning, linked clones, network topology design |
| Category | Tools / Technologies |
|---|---|
| Attack & Exploitation | Ettercap 0.8.3, ARP Spoofing, MITM |
| Detection & Monitoring | Snort IDS, Arpwatch, tcpdump, Wireshark |
| Network Infrastructure | iptables, GRE tunnelling, OpenVSwitch |
| VPN & Cryptography | OpenVPN 2.4.12, EasyRSA, PKI, Diffie-Hellman, X.509 |
| Authentication | FreeRADIUS 3.0, RADIUS protocol (ports 1812/1813), radclient |
| Operating System | Ubuntu 20.04.4 LTS, Bash, systemctl, apt |
| Virtualisation | Oracle VirtualBox, Linked Clones, Promiscuous Mode |
The lab environment used a multi-VM virtualised network across three subnets:
10.0.1.0/24 — Client ↔ Router (enp0s3)
10.0.2.0/24 — Server ↔ Router (enp0s8)
10.0.3.0/24 — Mirrored VM ↔ Router (enp0s9)
VMs: Client · Server · Attacker · Router · Mirrored
All security testing and exploitation was conducted exclusively within an authorised academic VirtualBox environment. No real networks, systems, or third-party infrastructure were targeted at any point.
Related projects: SmartGuard — blockchain security dissertation (SIGiST 2026)