Advanced topics in security of complex systems - A.A. 2014-2015

Lecturer: Leonardo Querzoni 
CFUs: 3 

Lecture hours:
2nd semester: Friday 12:00-13:30, room A4.

The fundamental role that digital information plays today for modern companies creates new opportunities that cyber criminals, hacktivist groups and nation states have learned to exploit. Attackers are taking advantage of gaps in security created by complex and disparate technology with increased speed, easily outflanking perimeter security defences such as anti-virus software and intrusion detection systems. While in the past cyber attacks were exotic stories that rarely reached wide audiences, in recent years reports of high-impact attacks have started to appear on newspaper front pages with alarming frequency (see for example the Stuxnet malware or the attack on Sony's PlayStation Network in 2011). Starting from well-known security techniques (public/secret key cryptography, digital signatures, standard authentication protocols, intrusion detection tools), this course aims at analyzing current threats and studying a set of advanced tools and techniques for enforcing security aspects in modern complex systems. The course will focus on the following topics:

  • Security in complex distributed systems (including distributed attacks on complex IT infrastructures, intrusion detection, distributed port scan detection)
  • Federated digital identity management
  • Economics of vulnerabilities
  • An introduction to advanced persistent threats and malware behavioral analysis (*)

(*) The lectures on "advanced persistent threats and malware behavioral analysis" are supported by FireEye Inc. as part of an ongoing collaboration agreement between FireEye and the Research Center on Cyber Intelligence and Information Security of this university.

Notes:
Lectures:

February 27th, 2015 - Intro
March 6th, 2015 - Attack taxonomy
March 13th, 2015 - Structure of an IDS
March 20th, 2015 - Structure of an IDS
March 27th, 2015 - Port scanning techniques and countermeasures
April 10th, 2015 - Port scanning techniques and countermeasures
April 17th, 2015 - Digital identity federation
April 24th, 2015 - Digital identity federation
May 8th, 2015 - Economics of vulnerabilities
May 15th, 2015 - An introduction to advanced persistent threats and malware behavioral analysis
May 22nd, 2015 - An introduction to advanced persistent threats and malware behavioral analysis

Slides:

The password for accessing the following PDFs is "eds".

Introduction - 1 - 2 - 3 - 4 - 5 - FireEye seminar

Exam rules:

  • Instructions (please read carefully and contact me for further information)
  • Suggested topics
  • Paper templates in LaTeX and Word

Useful links:
  1. A. Lazarevic, V. Kumar and J. Srivastava, Intrusion Detection: a Survey. In V. Kumar et al. "Managing Cyber Threats: Issues, Approaches and Challenges", Springer, 2005.
  2. S. Staniford, J. A. Hoagland and J. M. McAlerney, Practical automated detection of stealthy portscans, Journal of Computer Security, 10, 105–136, 2002.
  3. J. Jaeyeon, V. Paxson, A. W. Berger and H. Balakrishnan, Fast portscan detection using sequential hypothesis testing, Proceedings of the IEEE Symposium on Security and Privacy, 2004.

Many of these papers are freely available. Those that require an active subscription can be downloaded from computers connected through the proxy installed at La Sapienza. Check the BIXY service (in Italian), or contact me for further details.