Information Security (IN0693)
Max ECTS: 6
Overall hours: 48
Scientific sector: ING-INF/05

Location:

University of Udine - Scientific Pole

General info:

The course is provided in blended e-learning mode using the Moodle platform of the University of Udine and the whole teaching material will be available on-line. Teaching methods include lectures, flipped classroom, classroom exercises, and laboratory activities. Class recordings (web lecture, lecture capture, lecture recording) are available through MS Teams (use the following code to join the Cybersecurity team: e8et5b8).

Objectives:

The course aims at providing students with the knowledge and methods to deal with the analysis, design, and implementation of secure systems in different application contexts. First, students learn the security fundamentals, such as security services and mechanisms, threats and vulnerabilities, attacks, defenses, security models, etc. Various mechanisms for the implementation of effective defense services will then be investigated, analysing both the theoretical and practical aspects and finally introducing some advanced topics in the field of information security. The course is accompanied by numerous practical examples and exercises as well as laboratory experiences and hands-on projects.

Examination methods:

The exam is distributed over two separate days and it comprises a written test and an oral test in addition to the development of a laboratory activity assigned during the course. The written examination is devoted to assessing both the student's knowledge and understanding of theory and methods related to the topics covered in the course, as well as the student's ability to apply this knowledge to solve real-world problems. The oral interview plus the evaluation of the laboratory activity report will take place after passing the written test.

Course content:

  • Security fundamentals
    basic concepts of information security: confidentiality, integrity, availability, authentication, non-repudiation, levels of impact; the OSI security architecture, security threats and security attacks, attack surfaces and attack trees, security services and mechanisms.
  • Preliminaries and mathematical background
    introduction to number theory and cryptographic hardness assumptions; modular arithmetic, prime numbers, fundamental theorem of arithmetic, Fermat primes, Diophantine equations, Fermat's and Euler's theorems, testing for primality, the Chinese remainder theorem, discrete logarithm; algebraic structures, finite fields, polynomial arithmetic; concepts of linear algebra and linear algebra operations over a set of residues.
  • Private-key cryptography
    basics of cryptography and cryptanalysis, Shannon's theory of perfect secrecy, Kerckhoffs's principle; symmetric encryption, substitution and transposition techniques, OTP, frequency analysis and Kasiski analysis; block ciphers, confusion and diffusion, avalanche effect, Feistel structure; DES and 3DES algorithms; AES algorithm; stream ciphers, RC4 algorithm; meet-in-the-middle attack, block cipher modes of operation; application examples.
  • Public-key cryptography and hash functions
    asymmetric encryption, RSA public-key encryption algorithm, Diffie–Hellman key exchange protocol, cryptographic hash functions, security of hash functions, message authentication codes (MAC and HMAC), digital signatures and authentication protocols; key management and distribution (KDC and CA), X.509; application examples.
  • Protocols and design principles for security in computer networks
    overview of computer networking; transport-level security: web security threats, Secure Sockets Layer (SSL) and Transport Layer Security (TLS), HTTPS, Secure Shell (SSH), Secure Electronic Transaction (SET); IP Security: VPN, IPsec architecture, encapsulating security payload and authentication header, IPsec services, security association, transport and tunnel modes; wireless LAN and wireless LAN security (IEEE 802.11i), WLAN security services and phases of operation.
  • Network endpoint security
    content filtering and proxy servers: firewall characteristics and access policy, packet filtering firewall, stateful inspection firewall, application-level proxy, circuit-level proxy, DMZ, firewall location and configurations; intrusion detection systems: intruders, approaches to intrusion detection, host-based and network-based IDSs, honeypots.
  • Malicious software
    types of malware (virus, worm, rootkit, backdoor, etc.), propagation, payload, malware defense and countermeasures; denial-of-service (DoS) attack, flooding attacks, distributed DoS (DDoS), types of flooding-based DDoS attacks, defenses against DoS attacks.
  • Software security and vulnerabilities
    stack buffer overflows, defending against buffer overflows, handling program input, SQL injection, code injection and countermeasures; application examples.
  • User authentication and biometric security
    password-based authentication, token-based authentication, biometric authentication, remote user authentication; introduction to biometrics, biometric systems classification, biometric system architecture and operating modes, multimodal biometrics; criteria for system performance evaluation, biometric systems vulnerabilities; practical application and biometric systems implementation.
  • Laboratory activities
    virtualisation and virtual machines (VMs), virtual networking and operating systems (Debian-based distro, FreeBSD, and Kali Linux), OSINT; security-oriented network configurations using pfSense; offensive security and implementation of attacks (e.g., host discovery, port scanning, IP spoofing, DNS cache snooping, keylogging, password cracking, network sniffing, DHCP starvation attack, MAC flooding, ARP poisoning, DNS poisoning, TCP/IP session hijacking, DoS/DDoS attacks, wireless hacking, etc.); penetration testing; capture the flag (CTF) challenge.

Books:

  1. W. Stallings, "Cryptography and Network Security: Principles and Practices", 8th edition, Pearson, 2020
  2. J.F. Kurose and K.W. Ross, "Computer networking: a top-down approach", 7th edition, Pearson, 2017
  3. J.M. Kizza, "Guide to Computer Network Security", 4th edition, Springer, 2017
  4. D. Palma and P.L. Montessoro, "Biometric-Based Human Recognition Systems: An Overview", in Recent Advances in Biometrics, IntechOpen, London, 2022

Note:

Trying attacks on real systems is against the law and you might be prosecuted. Always do experiments with test hosts and users. I don't promote malicious practices and I will not be responsible for any illegal activities.