IA/0116/EN - CYBERSECURITY TECHNOLOGIES AND RISK MANAGEMENT
Academic Year 2019/2020
GIORGIO GIACINTO (Tit.)
- Teaching style
- Teaching language
|[70/91] INTERNET ENGINEERING||[91/00 - Ord. 2018] INGEGNERIA DELLE TECNOLOGIE PER INTERNET||10||100|
|[70/90] COMPUTER ENGINEERING, CYBERSECURITY AND ARTIFICIAL INTELLIGENCE||[90/00 - Ord. 2018] PERCORSO COMUNE||10||100|
The teaching unit in Cybersecurity Technologies and Risk Management aims at providing the students with an updated view of the threat landscape, the vulnerabilities of each component of any information processing system, the attack techniques, and the related prevention, mitigation, and detection solutions based on risk analysis and management approaches. This teaching unit comprises standard lectures, as well as labs to expose students to the professional tools used by computer security professionals. In addition, the syllabus also includes an overview of international and national standards, regulations and best practices.
The learning outcomes of this teaching activity, expressed in terms of the Dublin Descriptors, are the following:
Knowledge and understanding.
After the completion of this teaching activity, the student should know and understand:
- the motivations behind computer attacks, current and future trends;
- cryptographic techniques for enforcing secrecy, authenticity and integrity for information storage and sharing;
- the vulnerabilities of Internet protocols, and the related best practices and tools to properly configure the communication devices, to filter and monitor the live traffic, and detect suspicious network events;
- the security and privacy mechanisms available at the operating system level;
- social engineering techniques, and open source intelligence approaches;
- the best practices for disaster recovery and business continuity;
- the methodologies for threat modeling to proactively assess the security of applications and systems;
- the quantitative and qualitative risk analysis and management approaches;
- the techniques and organizational approaches to reduce cyber risks;
- the certifications for computer security professionals, and for process and product development.
Applying knowledge and understanding
After the completion of this teaching activity, the student should be able to:
- use cryptographic functions and applications to encrypt files and network communications;
- use the tools for the analysis of network traffic;
- set up an operating system according to the security requirements of the operating environment;
- extract valuable information from open source information sources;
- model an application or system using the threat modeling methodology;
- estimate the cyber risk of a computer system or application, according to the environment in which it operates;
- select the most effective measures to reduce the cyber risk.
The student will be able to analyze the components of a computer system, including cyber-physical systems, to spot any vulnerability to cyber attacks, and propose the prevention and mitigation techniques that best fit the system's aims and goals, from a risk-based viewpoint.
After the completion of this teaching activity, the student should be able to explain in an organic way the main vulnerabilities that might affect a given computer system (hardware, software, and network), by associating the related consequences, and proposing in a convincing way the prevention and mitigation techniques according to a risk-based approach.
Lifelong learning skills
The evolution of the computer security landscape, strictly related to the technological evolution, and the availability of new personal devices, requires lifelong learning skills to keep updated with the current trends, both in terms of the motivation behind attacks, and the most recent attack techniques. The students will thus be guided to analyse the most relevant information sources on the web.
The student should have a deep knowledge of the organization of modern computer architectures, modern operating systems, programming languages, software engineering, Internet, and Databases.
The current cyber threat landscape: history and future trends (6h)
Cryptographic tools and applications (6h)
User authentication (6h)
Network Security (9h)
Operating System Security (9h)
Machine Learning tools for Cybersecurity (6h)
Social Engineering and Open Source Intelligence tools (6h)
Risk analysis and risk management methodologies (18h)
Threat Modeling (12h)
Estimation of the cyber risk (6h)
Incident analysis and recovery (6h)
Certifications, standards and regulations (4h)
This teaching unit is organized with
- for each topic, lab exercises with open-source professional tools used for security analysis and testing
The teaching material is available at the official web site of this teaching activity:
The teacher is available to answer questions either by email, or during the contact hours, or directly in class, during the lecture or during the break between consecutive teaching hours.
Verification of learning
The exam is subdivided into two parts
- a test with a set of open-ended and closed-ended questions whose goal is to test the knowledge and understanding of the topics
- a project on one of the topics covered in this teaching activity.
The written test is evaluated with a score between 0 and 24. For each exercise/question in the test, a maximum score is assigned. The answer provided for each exercise/question is evaluated with a score from 0 to the max assigned score. The maximum score is assigned in the case of a correct answer, while a smaller score is assigned according to the severity of the errors. In particular, conceptual errors, and errors caused by lack of knowledge have a larger weight than errors due to misunderstandings or inaccuracies.
The maximum total score that will be assigned to the project is 8, and will take into account the correctness and completeness of the proposed solution.
The final mark will be computed as the sum of the scores assigned to the written test and to the practical exercises. The max total score will be equal to 32. Students attaining the final score equal to 32 will be assigned the '30 cum laude' mark.
Pfleeger CP, Pfleeger SL, Margulies J, "Security in Computing", Prentice Hall, 2015
Stallings, Brown, “Computer Security: Principles and Practice”, 4th Edition, Pearson, 2018
Tony Uceda Velez, Marco M. Morana, “Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis”, Wiley, 2015
Pfleeger & Pfleeger, Analyzing Computer Security: A Threat / Vulnerability / Countermeasure Approach, 1/E, Prentice Hall, 2012
Anderson R., "Security Engineering", Wiley, 2012
available online http://www.cl.cam.ac.uk/~rja14/book.html
The official website
contains a copy of the slides used in the course as well as additional learning material