Academic Year 2021/2022 - 3° Year - Curriculum Sistemi e Applicazioni
Teaching Staff: Giampaolo BELLA and Claudia CAVALLARO
Credit Value: 9
Scientific field: INF/01 - Informatics
Taught classes: 36 hours
Exercise: 36 hours
Term / Semester:

Learning Objectives

  1. Knowledge and understanding. Students will get to grips with the security issues affecting the Internet today, as well as of methods and tools to thwart such issues.
  2. Applying knowledge and understanding. Students will complete their fundamental security knowledge with the practical applications of the tools to establish security, for example through the setup, both at hardware and software level, of a portable laboratory consisting of laptops and hubs.
  3. Making judgements. Students will become expert players of the "security game", namely the game of finding attacks to a system that would have to be secure, and then devising appropriate ways to patch the attacks found.
  4. Communication skills. Students will familiarise with the typical cyber security terms, building their capacity to conjugate the general "security" word as appropriate depending on context.
  5. Learning skills. Students will get the critical attitude and competences to tackle and solve the security problems are they arise in various forms.

Course Structure

Upfront teaching is enriched with practical mini-challenges, which are not compulsory. More precisely, students receive a small project during a class, which they can then develop at home and are called to reproduce during the subsequent class on a small, portable set of appliances that the lecturer brings to class every time. Taking a mni-challenge and succeed will grant the students a bonus towards the final mark.

Towards the end of the teaching term, students receive an individual, compulsory project that they should complete before the final exam, which is a traditional oral interview.

Should teaching be carried out in mixed mode or remotely, it may be necessary to introduce changes with respect to previous statements, in line with the programme planned and outlined in the syllabus. Learning assessment may also be carried out on line, should the conditions require it.

Detailed Course Content

1. Real examples and false myths
2. Properties, attacks and attackers
3. Introduction to cryptography
4. Classical security protocols
5. Authentication
6. Security and privacy policies
7. Malware
8. Intrusions
9. Internet security protocols
10. Firewalls

1. Violating root permissions
2. Securing a file space
3. Networking
4. Password sniffing
5. Traffic analysis
6. Intrusion detection
7. Malware experimenting
8. Firewalling
9. SQL injection
10. Cross-site scripting

Textbook Information

  • William Stallings: Network security essentials.
  • Bruce Schneier: Secrets and lies.