Select Academic Year:     2016/2017 2017/2018 2018/2019 2019/2020 2020/2021 2021/2022
Professor
GIORGIO GIACINTO (Tit.)
GIORGIO FUMERA
Period
Second Semester 
Teaching style
Convenzionale 
Lingua Insegnamento
INGLESE 



Informazioni aggiuntive

Course Curriculum CFU Length(h)
[70/91]  INTERNET ENGINEERING [91/00 - Ord. 2018]  INGEGNERIA DELLE TECNOLOGIE PER INTERNET 10 100
[70/90]  COMPUTER ENGINEERING, CYBERSECURITY AND ARTIFICIAL INTELLIGENCE [90/00 - Ord. 2018]  PERCORSO COMUNE 10 100

Objectives

The teaching unit in Cybersecurity Technologies and Risk Management aims at providing the students with the un updated view of the threat landscape, the vulnerabilities of each component of any information processing system, the attack techniques, and the related prevention, mitigation, and detection solutions based on risk analysis and management approaches. This teaching unit comprises standard lectures, as well as labs to expose students to the professional tools used by computer security professionals. In addition, the syllabus also includes an overview of international and national standards, regulations and best practices.
The learning outcomes of this teaching activity, expressed in terms of the Dublin Descriptors, are the following:

Knowledge and understanding.
After the completion of this teaching activity, the student should know and understand:
- the motivations behind computer attacks, current and future trends;
- cryptographic techniques for enforcing secrecy, authenticity and integrity for information storage and sharing;
- the vulnerabilities of Internet protocols, and the related best practices and tools to properly configure the communication devices, to filter and monitor the live traffic, and detect suspicious network events;
- the security and privacy mechanisms available at the operating system level;
- social engineering techniques, and open source intelligence approaches;
- the best practices for disaster recovery and business continuity;
- the methodologies for threat modeling to proactively assess the security of applications and systems;
- the quantitative and qualitative risk analysis and management approaches;
- the techniques and organizational approaches to reduce cyber risks;
- the certifications for computer security professionals, and for process and product development.
- elements of privacy protection techniques in microdata release

Applying knowledge and understanding
After the completion of this teaching activity, the student should be able to:
- use cryptographic functions and applications to encrypt files and network communications;
- use the tools for the analysis of network traffic;
- set up on operating system according to the security requirements of the operating environment;
- extract valuable information from open source information sources;
- model an application or system using the threat modeling methodology;
- estimate the cyber risk of a computer system or application, according to the environment in which it operates;
- select the most effective measures to reduce the cyber risk.

Making judgements
The student will be able to analyze the components of a computer system, including cyber-physical systems, to spot any vulnerability to cyber attacks, and propose the prevention and mitigation techniques that best fit the systems aims, and goals, from a risk-based viewpoint.

Communication skills
After the completion of this teaching activity, the student should be able to explain in an organic way the main vulnerabilities that might affect a given computer system (hardware, software, and network), by associating the related consequences, and proposing in a convincing way the prevention and mitigation techniques according to a risk-based approach.

Lifelong learning skills
The evolution of the computer security landscape, strictly related to the technological evolution, and the availability of new personal devices, requires lifelong learning skills to keep updated with the current trends, both in terms of the motivation behind attacks, and the most recent attack techniques. The students will thus be guided to analyse the most relevant information sources on the web.

Objectives

The teaching unit in Cybersecurity Technologies and Risk Management aims at providing the students with the un updated view of the threat landscape, the vulnerabilities of each component of any information processing system, the attack techniques, and the related prevention, mitigation, and detection solutions based on risk analysis and management approaches. This teaching unit comprises standard lectures, as well as labs to expose students to the professional tools used by computer security professionals. In addition, the syllabus also includes an overview of international and national standards, regulations and best practices.
The learning outcomes of this teaching activity, expressed in terms of the Dublin Descriptors, are the following:

Knowledge and understanding.
After the completion of this teaching activity, the student should know and understand:
- the motivations behind computer attacks, current and future trends;
- cryptographic techniques for enforcing secrecy, authenticity and integrity for information storage and sharing;
- the vulnerabilities of Internet protocols, and the related best practices and tools to properly configure the communication devices, to filter and monitor the live traffic, and detect suspicious network events;
- the security and privacy mechanisms available at the operating system level;
- social engineering techniques, and open source intelligence approaches;
- the best practices for disaster recovery and business continuity;
- the methodologies for threat modeling to proactively assess the security of applications and systems;
- the quantitative and qualitative risk analysis and management approaches;
- the techniques and organizational approaches to reduce cyber risks;
- the certifications for computer security professionals, and for process and product development.
- - elements of privacy protection techniques in microdata release

Applying knowledge and understanding
After the completion of this teaching activity, the student should be able to:
- use cryptographic functions and applications to encrypt files and network communications;
- use the tools for the analysis of network traffic;
- set up on operating system according to the security requirements of the operating environment;
- extract valuable information from open source information sources;
- model an application or system using the threat modeling methodology;
- estimate the cyber risk of a computer system or application, according to the environment in which it operates;
- select the most effective measures to reduce the cyber risk.

Making judgements
The student will be able to analyze the components of a computer system, including cyber-physical systems, to spot any vulnerability to cyber attacks, and propose the prevention and mitigation techniques that best fit the systems aims, and goals, from a risk-based viewpoint.

Communication skills
After the completion of this teaching activity, the student should be able to explain in an organic way the main vulnerabilities that might affect a given computer system (hardware, software, and network), by associating the related consequences, and proposing in a convincing way the prevention and mitigation techniques according to a risk-based approach.

Lifelong learning skills
The evolution of the computer security landscape, strictly related to the technological evolution, and the availability of new personal devices, requires lifelong learning skills to keep updated with the current trends, both in terms of the motivation behind attacks, and the most recent attack techniques. The students will thus be guided to analyse the most relevant information sources on the web.

Prerequisites

The student should have a deep knowledge of the organization of modern computer architectures, modern operating systems, programming languages, software engineering, Internet, and Databases.

Contents

The current cyber threat landscape: history and future trends (6h)
Cryptographic tools and applications (6h)
User authentication (6h)
Network Security (9h)
Software Vulnerabilities (4h)
Operating System and Virtualisation Security (5h)
Machine Learning tools for Cybersecurity (6h)
Social Engineering and Open Source Intelligence tools (6h)
Privacy (6h)
Risk analysis and risk management methodologies (18h)
Threat Modeling (12h)
Estimation of the cyber risk (6h)
Incident analysis and recovery (6h)
Certifications, standards and regulations (4h)

Teaching Methods

This teaching unit is organized with
- lectures
- for each topic, lab exercises with open-source professional tools used for security analysis and testing

The teaching material is available at the official web site of this teaching activity:

The teacher is available to answer questions either by email, or during the contact hours, or directly in class, during the lecture or during the break between consecutive teaching hours.

Teaching Methods

This teaching unit is organized with
- lectures
- for each topic, lab exercises with open-source professional tools used for security analysis and testing

The teaching material is available at the official web site of this teaching activity:

The teacher is available to answer questions either by email, or during the contact hours, or directly in class, during the lecture or during the break between consecutive teaching hours.

In the case the epidemiological situation will require the adoption of on-line lectures, they will be given through a streaming platform. Practical parts will be organised through interactive platforms.

Verification of learning

The exam is subdivided into two parts
- a test with 8 to 10 open-ended and closed-ended questions, each question on a different topic, that cover all the topics of the subject
- a project on one of the topics covered in this teaching activity.

The written test is evaluated with a score between 0 and 24. For each exercise/question in the test, a maximum score is assigned. The answer provided for each exercise/question is evaluated with a score from 0 to the max assigned score. The maximum score is assigned in the case of a correct answer, while a smaller score is assigned according to the severity of the errors. In particular, conceptual errors, and errors caused by lack of knowledge have a larger weight than errors due to misunderstandings or inaccuracies.

The maximum total score that will be assigned to the project is 8, and will take into account the correctness and completeness of the proposed solution.
The final mark will be computed as the sum of the scores assigned to the written test and to the practical exercises. The max total score will be equal to 32. Students attaining the final score equal to 32 will be assigned the '30 cum laude' mark.

If the epidemiological situation will prevent the possibility of having the written text, an oral exam will be organised with the same number of questions as the written test described above. The evaluation will be carried out according to the same criteria of the written test.

Verification of learning

The exam is subdivided into two parts
- a test with 8 to 10 open-ended and closed-ended questions, each question on a different topic, that cover all the topics of the subject
- a project on one of the topics covered in this teaching activity.

The written test is evaluated with a score between 0 and 24. For each exercise/question in the test, a maximum score is assigned. The answer provided for each exercise/question is evaluated with a score from 0 to the max assigned score. The maximum score is assigned in the case of a correct answer, while a smaller score is assigned according to the severity of the errors. In particular, conceptual errors, and errors caused by lack of knowledge have a larger weight than errors due to misunderstandings or inaccuracies.

The maximum total score that will be assigned to the project is 8, and will take into account the correctness and completeness of the proposed solution.
The final mark will be computed as the sum of the scores assigned to the written test and to the practical exercises. The max total score will be equal to 32. Students attaining the final score equal to 32 will be assigned the '30 cum laude' mark.

If the epidemiological situation will prevent the possibility of having the written text, an oral exam will be organised with the same number of questions as the written test described above. The evaluation will be carried out according to the same criteria of the written test.

Texts

MAIN TEXTS
Stallings, Brown, “Computer Security: Principles and Practice”, 4th Edition, Pearson, 2018

Pfleeger CP, Pfleeger SL, Margulies J, "Security in Computing", Prentice Hall, 2015

Tony Uceda Velez, Marco M. Morana, “Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis”, Wiley, 2015

OTHER TEXTS
Paul C. van Oorschot, Computer Security and the Internet, Springer, 2021
PDF files of each chapter available at https://people.scs.carleton.ca/%7Epaulv/toolsjewels.html

Andersson R., "Security Engineering 3/ed", WIley, 2020
the PDF of the 2/ed are available online http://www.cl.cam.ac.uk/~rja14/book.html

Texts

REFERENCE TEXTS
Stallings, Brown, “Computer Security: Principles and Practice”, 4th Edition, Pearson, 2018

Pfleeger CP, Pfleeger SL, Margulies J, "Security in Computing", Prentice Hall, 2015

Tony Uceda Velez, Marco M. Morana, “Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis”, Wiley, 2015

OTHER TEXTS
Paul C. van Oorschot, Computer Security and the Internet, Springer, 2021
PDF files of each chapter available at https://people.scs.carleton.ca/%7Epaulv/toolsjewels.html

Andersson R., "Security Engineering 3/ed", WIley, 2020
the PDF of the 2/ed are available online http://www.cl.cam.ac.uk/~rja14/book.html

More Information

The material is available at the following link
https://elearning.unica.it
where a copy of the slides used in the course as well as exercises, project, and other additional learning material is uploaded

More Information

The material of this subjects is available in the e-learning platform of the University of Cagliari:
https://elearning.unica.it
where a copy of the slides used in the course, exercises, projects, and other additional learning material is uploaded.

Questionnaire and social

Share on: