69866 - Network Security

Course Unit Page

SDGs

This teaching activity contributes to the achievement of the Sustainable Development Goals of the UN 2030 Agenda.

Industry, innovation and infrastructure Sustainable cities

Academic Year 2019/2020

Learning outcomes

Basic knowledge of computer and network security. At the end of the course the student should be able to understand the more common security threats and to set up a security audit of a given network infrastructure. Moreover, he/she should be able to understand and identify various types of attacks and to implement solutions for reducing the risk.

Course contents

  1. Computer and network security basics. Threats, Risks, Attacks, and Assets. Security Functional Requirements.
  2. Small introduction to cryptography. Symmetric Encryption. Public-Key Encryption. Digital Signatures and Key Management.
  3. User authentication and authentication-related problems.
  4. Access control. 
  5. Malicious software. 
  6. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks. 
  7. Intrusion Detection Systems (IDS).
  8. Design and implementation of Firewalls.
  9. Security aspects in design and implementation of software.
  10. Security management and risk assessment. Management. Risk analysis and evaluation. Design and implementation of security policies. Social engineering and human-in-the loop. Auditing.
  11. Computer forensics and anti-computer forensics techniques.

Readings/Bibliography

Teaching materials:

  • course book;
  • slides (available on the course webpage);
  • additional resources (i.e. selected scientific papers and technical articles).


The course book is: Computer Security: Principles and Practice, 4/E William Stallings, Lawrie Brown. Global Edition. ISBN-10: 1292220619. ISBN-13: 978-1292220611

The detailed knowledge of the previously listed teaching material is mandatory for a positive outcome of the examination. The study of the slides is not sufficient for getting an adequate knowledge of the course topics.

A list with the parts of the course book that are in the course program is available on the course webpage. Moreover, the webpage contains a tentative schedule of the lesson and pointers to the selected scientific papers that will be assigned during the course. The reading of these additional resources has the goal to provide a deep knowledge of some specific security aspects.

In the course webpage is available a list of "Frequently Asked Questions" and some examples of questions as in the course final examination.

 

Teaching methods

Lessons (52 hours).

The lesson are used for both teaching (with slides projected during the lessons) and to promote the class discussion on some selected topics. The class discussion is of main importance to foster a "critical thinking" approach among the students.

In specific lessons (scheduled in advance and reported in the course website) a part of the lesson is reserved for the discussion of the scientific papers and technical articles that have been assigned in the previous lessons.

Assessment methods

The final examination has the goal to check if the student has an adequate knowledge of the main course topics and is both able to evaluate the security of modern systems and to propose effective solutions to the main security issues.

The exam consists of a 60-minutes written test (implemented using the Esami On Line platform); no books, notes or electronic devices can be accessed during the test. The exam is made of 5 questions that cover all the teaching material. The maximum evaluation score is 30/30.

To attend the exam, each student must sign up via AlmaEsami within a deadline. Those who cannot sign up must immediately communicate the problem to the teaching secretariat (and the teacher). Deciding whether to allow them to attend the exam or not is up to the teacher. Once the test results have been published, each student has some days to decide if (s)he wants to refuse the grade or not.

Teaching tools

The slides and all the additional resources used during the lessons are available on Insegnamenti OnLine (IOL).

Links to further information

http://www.cs.unibo.it/gdangelo/sicurezza.html

Office hours

See the website of Gabriele D'Angelo