Advanced topics in security of complex systems - A.A. 2012-2013

Lecturer: Leonardo Querzoni 
CFUs: 3 

Lecture hours:     
2nd semester:     Friday 12:00-13:30, room A2. 

The fundamental role that digital information plays today for modern companies creates new opportunities that cyber criminals, hacktivist groups and nation states have learned to exploit. Attackers are taking advantage, with increasing speed, of gaps in security created by complex and disparate technology, easily outflanking perimeter security defences such as anti-virus software and intrusion detection systems. While cyber attacks were in the past exotic stories that rarely reached wide audiences, in recent years reports of high-impact attacks have started to appear on newspaper front pages with alarming frequency (see for example the Stuxnet malware or the attack on Sony's PlayStation Network in 2011). Starting from well-known security techniques (public/secret key cryptography, digital signatures, standard authentication protocols, intrusion detection tools), this course aims at analyzing current threats and studying a set of advanced tools and techniques for enforcing security in modern complex systems. The course will focus on the following topics:

  • Security in complex distributed systems (including distributed attacks on complex IT infrastructures, intrusion detection, distributed port scan detection)
  • Federated digital identity management
  • Economics of vulnerabilities
  • Introduction to digital forensics

Notes:

Mon 13/5/2013: The lecture of Friday 17th is cancelled (check open.diag.uniroma1.it). Next lecture will take place on Friday 24-5-2013.

Mon 13/5/2013: The set of slides on digital identity federation has been updated.

Tue 24/4/2013: The lecture of Friday 26th is cancelled. Next lecture will take place on Friday 3-5-2013.

Lectures:

March 15th, 2013 - Intro
March 22nd, 2013 - Attack taxonomy, structure of an IDS.
April 5th, 2013 - Structure of an IDS.
April 12th, 2013 - Port scanning techniques and countermeasures
May 23rd - Port scanning techniques and countermeasures
May 3rd - Digital identity federation
May 10th - Digital identity federation; Introduction to digital forensics
May 24th - Introduction to digital forensics
May 31st - Economics of vulnerabilities

Slides:

The password for accessing the following PDFs is "eds".

Introduction - 1 - 2 - 3 - 4 - 5 - 6

Exam rules:

Instructions (please read carefully and contact me for further information) - Suggested topics - Paper templates in LaTeX and Word

Useful links:
  1. A. Lazarevic, V. Kumar and J. Srivastava, Intrusion Detection: a Survey. In V. Kumar et al. "Managing Cyber Threats: Issues, Approaches and Challenges", Springer, 2005.
  2. S. Staniford, J. A. Hoagland and J. M. McAlerney, Practical automated detection of stealthy portscans, Journal of Computer Security, 10, 105–136, 2002.
  3. J. Jaeyeon, V. Paxson, A. W. Berger and H. Balakrishnan, Fast portscan detection using sequential hypothesis testing, Proceedings of the IEEE Symposium on Security and Privacy, 2004.

Many of these papers are freely available. Those that require an active subscription can be downloaded from computers connected through the proxy installed at La Sapienza. Check the BIXY service (in Italian), or contact me for further details.