Systems and Enterprise Security - A.A. 2015-2016

Lecturer: Leonardo Querzoni
CFUs: 6
Lecture hours:
    1st semester:
    Monday 17:30-19:00, room A4
    Wednesday 15:45-19:00, room A3

Most of today's business is performed on the web or involves the use of connected devices and systems. Criminal organizations, political groups and industrial competitors active on the web threaten, on a daily basis, the activities of thousands of companies, agencies and government bodies through cyber attacks. Facing such threats requires knowledge both of the basic security tools that can be used to protect information and services, and of the organizational aspects that make cybersecurity a manageable activity.

This course aims to provide students with a bottom-up approach to cybersecurity for complex systems and enterprises. In particular, the lectures will focus on the following topics:

  • Introduction to cybersecurity
  • System Defense and Monitoring
    • Intrusion detection
    • Network segmentation
    • SIEMs
    • Intrusion tolerance
  • Security Modeling and testing
    • Threat models
    • Attack trees/graphs
    • Penetration testing
  • Incident management and information sharing
  • Risk Management and Security governance
    • Governance for security
    • Cybersecurity frameworks
Notes:
Lectures:

October 5th, 2015 - Introduction to cybersecurity
October 7th, 2015 - Introduction to cybersecurity (cont.)
October 12th, 2015 - Case study: Target | Intrusion detection
October 19th, 2015 - Intrusion detection
October 21st, 2015 - Intrusion detection | Port Scan Detection
October 26th, 2015 - Port Scan Detection | Case study: Honan's hack
October 28th, 2015 - DDoS detection | Network segmentation
November 4th, 2015 - SIEM | Intrusion tolerance
November 10th, 2015 - Intrusion tolerance
November 12th, 2015 - Intrusion tolerance
November 18th, 2015 - Threat modeling
November 23rd, 2015 - Threat modeling
November 25th, 2015 - Threat modeling (case studies)
November 30th, 2015 - Incident management
December 2nd, 2015 - Penetration testing
December 9th, 2015 - Governance for security and security frameworks
December 16th, 2015 - Governance for security and security frameworks (case study with Andrea Lambiase) | Course closing

Slides:

The password for accessing the following PDFs is "ses"

  1. Practical Info - pdf
  2. Introduction to cybersecurity - pdf
  3. Case study: Target - pdf
  4. Intrusion detection - pdf
  5. Port Scan Detection - pdf
  6. Case study: Honan's hack - pdf
  7. DDoS detection - pdf
  8. Network segmentation - pdf
  9. SIEM - pdf
  10. Intrusion tolerance - pdf
  11. Threat modeling - pdf
  12. Threat modeling example - pdf
  13. Incident management - pdf
  14. Penetration testing - pdf - VM
  15. Governance for security - pdf
  16. Approaching Cyber Risk Management Model (Andrea Lambiase) - pdf
Exams

Schedule

  • January 26th, 2016 - Room A3 at 10:00
  • February 18th, 2016 - Room A3 at 15:00
  • June 8th, 2016 - Room A3 at 15:00
  • July 19th, 2016 - Room A3 at 10:00
  • September 12th, 2016 - Room A3 at 10:00
  • November 8th, 2016 - Room A2 at 10:00

Students must book on INFOSTUD. Check the "Rules" below for further information.

Exam rules
Rules
Report templates: Word - LaTeX

Useful links:

Introduction to modern attack techniques and strategies

Blogs

Databases

Intrusion Detection

Network segmentation

Threat modeling

Incident management

Penetration testing

Governance

Tools