Systems and Enterprise Security - A.A. 2016-2017

Lecturer: Leonardo Querzoni
CFUs: 6
Lecture hours:
    1st semester:
    Monday 15:45-19:00, room A4
    Wednesday 17:30-19:00, room A6

Most of today's business is conducted on the web or involves the use of connected devices and systems. Criminal organizations, political groups and industrial competitors active on the web threaten, on a daily basis, the activities of thousands of companies, agencies and government bodies through cyber attacks. Facing such threats requires knowledge of both the basic security tools that can be used to protect information and services and the organizational aspects that make cybersecurity a manageable activity. This course aims at providing students with a bottom-up approach to cybersecurity for complex systems and enterprises.

Syllabus
  • Introduction to cybersecurity
  • System Defense and Monitoring
    • Intrusion detection
    • Network segmentation
    • SIEMs
    • Intrusion tolerance
  • Security Modeling and testing
    • Threat models
    • Penetration testing
    • Malware Analysis
  • Risk Management and Security governance
    • Governance for security
    • Cybersecurity frameworks

Notes

Last lecture on December 14th.

Lectures

September 26th, 2016 - Course introduction
October 3rd, 2016 - Introduction to cybersecurity
October 5th, 2016 - Introduction to cybersecurity (cont.)
October 10th, 2016 - Introduction to cybersecurity (cont.)
October 12th, 2016 - Case study: Target
October 17th, 2016 - Intrusion detection
October 19th, 2016 - Intrusion detection (cont.)
October 24th, 2016 - Port Scan Detection
October 26th, 2016 - Case studies: Honan's hack | Chrome hack
November 7th, 2016 - Network segmentation | SIEM
November 9th, 2016 - Intrusion tolerance
November 14th, 2016 - Intrusion tolerance
November 16th, 2016 - Intrusion tolerance
November 21st, 2016 - Threat modeling
November 23rd, 2016 - Threat modeling
November 28th, 2016 - Malware analysis
November 30th, 2016 - Malware analysis
December 5th, 2016 - Seminar by Daniele Nicita (Fireeye) and Battista Cagnoni (Mandiant)
December 12th, 2016 - Penetration testing
December 14th, 2016 - Governance for security and security frameworks | Course closing

Slides

The password for accessing the following PDFs is "ses"

  1. Practical Info - pdf
  2. Introduction to cybersecurity - pdf
  3. Case study: Target - pdf
  4. Intrusion detection - pdf
  5. Port Scan Detection - pdf
  6. Case study: Honan's hack - pdf
  7. Case study: How to hack Chrome in 6 simple steps - pdf
  8. Network segmentation - pdf
  9. SIEM - pdf
  10. Intrusion tolerance - pdf
  11. Threat modeling - pdf
  12. Threat modeling example - pdf
  13. Malware analysis - pdf 1, pdf 2, pdf 3, VM (10Gb)
  14. Penetration testing - pdf
  15. Incident management - pdf
  16. Governance for security - pdf

Exams

Schedule

  • January 26th, 2017 - Room B2 at 10:00. Enroll on Infostud.
  • February 17th, 2017 - Room B2 at 15:00. Enroll on Infostud.
  • April 11th, 2017 - Room A4 at 10:00. Enroll on Infostud.
  • June 13th, 2017 - Room A4 at 14:30. Enroll on Infostud.
  • July 20th, 2017 - Room A4 at 14:30. Enroll on Infostud.
  • September 12th, 2017 - Room A3 at 10:00. NOTE: This test has been cancelled due to a strike. Please contact the lecturer for further info.
  • September 27th, 2017 - Room A4 at 9:00. Enroll on Infostud.
  • October 30th, 2017 - Room A5 at 10:00. Enroll on Infostud.

Exam rules
Rules
Report templates: Word - LaTeX
Info for practical assignments on malware analysis

Useful links

Introduction to modern attack techniques and strategies

Blogs

Databases

Intrusion Detection

Network segmentation

Threat modeling

Incident management

Penetration testing

Governance

Tools