Academic Year 2022/2023
Professors Alessandro Pellegrini and Angelo Tulumello give the course.
We will use Microsoft Teams to provide students with news and course material. You can join the Team by following this link.
Safe use of modern information systems requires that professionals in each area of information technology have a broad understanding of the potential critical issues in using systems over the entire stack: hardware, communication networks, operating systems, software applications, and data management. In this way, it is possible to recognise, at the design or implementation stages of an ICT system, what the possible dangers are and what countermeasures should be taken to raise the level of security.
Within the Network and Systems Defence course, the methodologies and techniques behind some of the vulnerabilities of the various hardware/software stack layers will illustrate defence techniques and methodologies to make systems more secure and resilient.
The course focuses on cybersecurity aspects of modern “Internet-based” systems, considering existing vulnerabilities, countermeasures, and real-world deployments (with live demonstrations). The approach of the course is bottom-up: we will consider modern complex systems from the hardware up to the user, highlighting how different vulnerabilities could be exploited and how these systems can be hardened at the software/configuration level.
At the end of the course, the students will have acquired knowledge of the internal functioning of modern (distributed) ICT systems, with a particular focus on the general methodologies and techniques that can be exploited to enhance their level of security.
Course and Exam Rules
There are two flavours of the final project: some students are attending a 6 CFU course, others a 9 CFU course. The exam will consist of:
- A written test (6 CFU, 9 CFU)
- A project & an oral discussion (9 CFU)
There will be fixed days for the oral discussions during the regular exam sessions. Oral examinations will take place on fixed dates during the regular examination sessions. You must hand in your projects at least one week before the discussion. Handing in will take place via Teams.
The written and oral tests may take place in different examination sessions. However, both tests must be taken during the same academic year.
Awais Rashid, Howard Chiversi, Emil Lupu, Andrew Martin, Steve Schneider CyBOK: The Cyber Security Body of Knowledge, v1.1.0 The National Cyber Security Centre 2021
Course Topics (tentative)
- Security Frameworks
- Access Networks and Perimeter Security
- Core Networks
- End-to-end Security
- Hardware and Operating Systems Security
- Virtualisation and Cloud Security
- Database Security
The teaching material will be published on the dedicated Teams channel during the lectures.