Insegnamenti | Course catalogue

This feature allows you to view courses, programs and teachers from previous years, based on your educational path.

Click here to see further enrol years available in the archive

Curriculum(s) for 2024 - Cybersecurity (29389)

Single curriculum

Lesson [SSD] [Language]	Year	Semester	CFU
1047622 \| CRYPTOGRAPHY [INF/01] [ENG]	1st	1st	6
1027171 \| NETWORK INFRASTRUCTURES [ING-INF/03] [ENG]	1st	1st	6
1022807 \| Distributed Systems [ING-INF/05] [ENG]	1st	1st	6
1055043 \| Statistics [SECS-S/01] [ENG]	1st	1st	6
1041792 \| BIOMETRIC SYSTEMS [INF/01] [ENG]	1st	1st	6
1054960 \| Computer systems and programming [INF/01] [ENG]	1st	1st	6
1047642 \| SECURITY IN SOFTWARE APPLICATIONS [INF/01] [ENG]	1st	1st	6
Elective course [N/D] [ITA]	1st	1st	12
1055055 \| Cyber and Computer Law [IUS/20] [ENG]	1st	2nd	6
1055682 \| ETHICAL HACKING [INF/01, INF/01] [ENG]	1st	2nd	9
1047623 \| DATA AND NETWORK SECURITY [INF/01] [ENG]	1st	2nd	6
1055047 \| Economics of technology and management [ING-IND/35] [ENG]	1st	2nd	6
1047634 \| INTERNET OF THINGS [INF/01] [ENG]	1st	2nd	6
10589555 \| Practical Network Defense [INF/01] [ENG]	1st	2nd	6
1054962 \| Secure Computation [INF/01] [ENG]	1st	2nd	6
1054963 \| Systems and Control Methods for Cyber-Physical Security [ING-INF/04] [ENG]	1st	2nd	6
1055681 \| MALWARE ANALYSIS AND INCIDENT FORENSICS [ING-INF/05, ING-INF/05] [ENG]	2nd	1st	9
1055061 \| Security Governance [ING-INF/05] [ENG]	2nd	1st	6
1044415 \| MOBILE APPLICATIONS AND CLOUD COMPUTING [ING-INF/05] [ENG]	2nd	1st	6
1055050 \| Risk management [SECS-P/11] [ENG]	2nd	1st	6
10600490 \| Blockchain and distributed ledger technologies [INF/01] [ITA]	2nd	1st	6
AAF1803 \| Cyber Security Seminars [N/D] [ENG]	2nd	2nd	6
1047623 \| DATA AND NETWORK SECURITY [INF/01] [ENG]	2nd	2nd	6
1054963 \| Systems and Control Methods for Cyber-Physical Security [ING-INF/04] [ENG]	2nd	2nd	6
10600449 \| Advanced information systems security and blockchain [ING-INF/05] [ENG]	2nd	2nd	6
AAF1028 \| Final exam [N/D] [ITA]	2nd	2nd	30

Lesson [SSD] [Language]	Year	Semester	CFU
1041792 \| BIOMETRIC SYSTEMS [INF/01] [ENG]	1st	1st	6
Educational objectives General goals: To be able to design and evaluate a biometric or multibiometric system. Specific goals: To know the features and basic techniques related to physical biometric identifiers, such as face, fingerprint, iris, etc., and behavioral, such as gait, signature (dynamic), voice, typing mode, etc. Architecture of a biometric system: unimodal systems and multibiometric architectures. To be able to evaluate the performance of a biometric system according to the adopted modality: verification and identification. To be able to evaluate/assure the robustness of a biometric system against spoofing attacks (identity theft). Knowledge and understanding: Fundamentals of design of a biometric system and of the techniques to extract/match the specific characteristics for the main biometric traits. Applying knowledge and understanding: To be able to design and implement an application for biometric recognition for at least one biometric trait. Critical and judgmental capabilities: To be able to assess the performance and robustness of a biometric system to presentation attacks. To be able to transfer techniques and protocols in different contexts. Communication skills: To be able to communicate/share the requirements of a biometric system, the most suited modalities for a certain application, and the performance measures of a system. Capability of autonomous learning: To be able to autonomously get a deeper insight on the course topics, in relation to either specific/complex techniques and methods, or to biometric traits not covered in the course.
1054960 \| Computer systems and programming [INF/01] [ENG]	1st	1st	6
Educational objectives General Objectives Main objective of the course is to provide the basics of system programming. Specific Objectives Students will be able to autonomously develop programs able to interact with the operating system and exploit its services. Knowledge and Understanding -) Knowledge of the C programming language and of the tools normally available in the development environment (compiler, preprocessor, debugger, make, etc.). -) Knowledge of the main functions of an operating system and its fundamental components (Scheduler, Virtual Memory Manager, Filesystem .. ) -) Knowledge of the most important primitives and interfaces in order to create and synchronize processes and threads, exchange messages and signals. -) Knowledge of the socket framework and its API. Applying knowledge and understanding: -) How invoke system primitives and correctly integrate system calls in applications -) How select the most appropriate frameworks and paradigms, depending on application requirements and runtime characteristics. Autonomy of Judgement Students will be able to assess the complexity and the implementation criteria of specific applications Communication Skills Students will be able to describe how their applications use the system call API and explain the reasons behind their choices. Next Study Abilities Students will be able to further develop their skills examining, with more details, the architecture and the programming interface of the operating system.
1047642 \| SECURITY IN SOFTWARE APPLICATIONS [INF/01] [ENG]	1st	1st	6
Educational objectives General Objectives The basics of security in software programs Specific Objectives Methodology and tools to find and remove the most common software vulnerabilities, and to develop software free of security flaws Knowledge and Comprehension Learning the most effective techniques to remove vulnerabilities from code and to develop software satisfying specific security policies Ability to apply Knowledge and Comprehension The student is able to transfer the knowledge on the methodologies to the selection of the appropriate techniques and tools to remedy to the presence of vulnerabilities. Authonomy of judgement The student learns to analyze the problem and to identify the proper methodologies and tools to solve problems of software security Ability to Communicate The student is able to communicate successfully and to defend the choices made in the selection of the appropriate methodologies and tools. Ability to Learn The student is able to continue the learning process in authonomy to comprehend new methodologies and the applicability of new tools.
1047623 \| DATA AND NETWORK SECURITY [INF/01] [ENG]	1st	2nd	6
Educational objectives The goal of the course "Data and Network Security" is to expose the most up-to-date problems and solutions in the cybersecurity field which is rapidly evolving. Students will learn about the main open research problems, and will obtain the necessary basis for more in-depth studies on the subject and to keep abreast of developments in the field.
1055047 \| Economics of technology and management [ING-IND/35] [ENG]	1st	2nd	6
Educational objectives Knowledge and understanding The course deals with the decision making processes of firms. In particular, students are expected to learn the basic principles of • microeconomic analysis of the firm, • the structure of firms and their internal organization, • firm technology strategy, • economic evaluation of investment projects, • financial accounting Applying knowledge and understanding Students will be able to apply basic methods and models of microeconomics, organization theory and corporate finance in order to: • identify the determinants of firms’ strategic choices, • analyze the relationship between technological change in the industry and firms’ strategies • evaluate the profitability of investment projects • analyze the financial statement of a company Making judgements Lectures, practical exercises and problem-solving sessions will provide students with the ability to assess the main strengths and weaknesses of theoretical models when used to identify firms’strategies. Communication By the end of the course, students are able to discuss ideas, problems and solutions provided by the microeconomics of the firm, organization theory and corporate finance both with a specialized and a non-specialized audience. These capabilities are tested and evaluated in the final written exam and possibly in the oral exam. Lifelong learning skills Students are expected to develop those learning skills necessary to undertake additional studies on relevant topics in microeconomics, organization theory and corporate finance with a high degree of autonomy. During the course, students are encouraged to investigate further any topics of major interest, by consulting supplementary academic publications, specialized books, and internet sites. These capabilities are tested and evaluated in the final written exam and possibly in the oral exam, where students may have to discuss and solve some new problems based on the topics and material covered in class.
1047634 \| INTERNET OF THINGS [INF/01] [ENG]	1st	2nd	6
Educational objectives General objectives: The course will provide students with both theoretical and practical background on wireless and Internet of Things systems. The course includes an hands on lab. Specific objectives: The course will provide students with both theoretical and practical background on wireless and Internet of Things systems. The unique challenges of such systems will be introduced, explaining why they requires special design choices with respect to wired networks. The student will be able to reason on what are the right design choices to increase efficiency, reliability, energy efficiency,..., creating the background for being able to design future generation sensing and IoT systems. He/she will also have the possibility to have hands on experience on programming IoT devices in a lab. Course summary -Introduction to Wireless Systems (design challenges of a wireless system; things to know on how the signal propagate, on how to design a low power system and on how to cope with limited resources available) -From 2G to 5G: Cellular systems evolution towards an integrated system including also Internet of Things (Architecture, Protocols, Procedures, detailed presentation of how cellular systems work) -Sensing systems basics: MAC protocols, routing protocols, localization and synchronization -Towards the Internet of Things: features, standards, open challenges, low power IoT radio technologies -SigFox, LoRa -Trends in Internet of Things research. This part will cover on going research issues related to future generation IoT systems. It will be based on research papers and maybe subject of revision during the class based on students interests and emerging topics. The following topics are expected to be addressed: Towards zero energy consuming IoT systems: how energy harvesting and wake up radios, as well as passive backscattering technologies are changing what and for how long we can do in IoT systems. IoT security issues and how blockchain technologies is being exploited in large scale IoT deployments to enable IoT vertical applications. * When IoT meets machine learning: system level optimization at scale through machine learning techniques. * IoUT (Internet of Underwater Things): how IoT, robotic technologies and machine learning are changing the Blue Economy sector. - Lab: IoT systems programming Knowledge and understanding: At the end of the course students will have acquired knowledge about the performance trade offs associated to different system design choices and will be able to read and understand technical documents on wireless and IoT systems (papers, standards,---). At the end of the course students will be able to analyze standards and technical documents, understanding and implementing them. He/she will have done practical hands on experience on the programming and performance evaluation of such systems. Application of knowledge and understanding: The students will be able to provide solutions for new generations of wireless and IoT systems. Judgment skills: Students will develop the analytical skills necessary to evaluate various alternatives for the design of wireless and IoT systems selecting the best alternative for a specific application scenario. Communication skills: Students will learn to present, in a synthetic and accurate way, using an adequate technical language, ideas, solutions and research results on wireless and IoT systems. Learning ability: The course will provide students with both theoretical and practical background on wireless and Internet of Things systems.
10589555 \| Practical Network Defense [INF/01] [ENG]	1st	2nd	6
Educational objectives General objectives The course explains the fundamentals of the methods and tools for the protection of computer networks. Particular attention is paid to the practical application of the concepts learned. Knowledge and understanding List commonly-seen threats arising from the use of particular protocols in networked computer systems. Explain mechanisms commonly used by intruders and designers of malware in order to compromise a computer system's security. Explain the basic mechanisms used for the detection of intrusion attempts in computer systems. Application of knowledge and understanding At the end of the course students will be able to monitor traffic in networks, apply a security policy, perform a network scan and search for vulnerabilities in a computer network. Students will develop the ability to select the appropriate firewall rules to protect a network, select the most appropriate mechanisms to protect a networked computer system and to make the most appropriate design choices to implement a "defense in depth" strategy, using isolated networks and dedicated tools (VPN, proxy and firewall). Judgment skills Students will develop the analytical skills necessary to evaluate different alternatives during the design process of a computer network, with particular reference to the evaluation of the architectural choices and related risks and to the security objectives that the system wants to pursue. Communication capacity Students will learn how to document their choices, also through the use of automated reporting tools. They will also have acquired the ability to prepare presentations related to specific scientific topics. Ability to continue learning in an autonomous way The concepts acquired during the course will provide students with a solid knowledge base in order to further deepen the more technical aspects, explore the alternatives not dealt with for time reasons and to autonomously keep themselves informed on the continuous developments and updates of network security and protection.
1054962 \| Secure Computation [INF/01] [ENG]	1st	2nd	6
Educational objectives General Objectives The goal of the course is to provide an overview of the most advanced cryptographic techniques and their applications. Specific Objectives The students will learn the concept of secure computation, which allows a network of mutually distrustful players, each holding a secret input, to run an interactive protocol in order to evaluate a function on their joint inputs in a secure way, i.e. without revealing anything more than what the output of the function might reveal. Secure computation is an abstraction of several important applications, including electronic voting, digital auctions, cryptocurrencies, zero knowledge, and more. Knowledge and Understanding -) Knowledge of advanced cryptographic tools, including zero knowledge, digital commitments, and fully homomorphic encryption. -) Knowledge of the foundations of secure computation, i.e. how to define security of interactive protocols. -) Understanding of the working principles behind distributed ledgers and cryptocurrencies. Applying knowledge and understanding: -) How to analyze the security of interactive protocols. -) How to design secure interactive protocols. -) How to program a secure smart contract. Autonomy of Judgment The students will be able to judge the security of advanced cryptographic applications. Communication Skills How to describe the security of interactive protocols for electronic voting, cryptocurrencies, or general-purpose computation. Next Study Abilities The students interested in research will learn what are the main open challenges in the area, and will obtain the necessary background for a deeper study of the subjects.
1054963 \| Systems and Control Methods for Cyber-Physical Security [ING-INF/04] [ENG]	1st	2nd	6
Educational objectives General objectives The course aims at providing basic concepts and methodologies of control theory, operations research and game theory, which constitute an analytical framework for the modeling of cyber-physical systems and of the main types of attacks on cyber-physical systems (for example: "denial of service", " replay attack "," covert attack "," false data injection ") and for the solution of security games and decision problems. The course will summarize a number of such methodologies and show how their application is able to deal with cyber-physical security problems in numerous example use cases. Specific objectives Knowledge and understanding: The students will learn methodologies for to model and solve security problems in cyber-physical systems by unsing control theory, game theory and operations research methodologies. Apply knowledge and understanding: At the end of the course, the student will be able to derive abstract mathematical models for a wide class of cyber-physical systems, to analyze, starting from these models, some important properties concerning their security. Critical and judgment skills: The student will be able to to face cybersecurity problems through control theory, game theory and operations research methodologies. Communication skills: The course activities allow the student to be able to communicate / share the main problems concerning cybersecurity problems in cyber-physical systems and the possible design choices for their soultions. Learning ability: The aim of the course is to make students aware on how to deal with control and decision-making problems in the context of cybersecurity problems in cyber-physical systems.

Lesson [SSD] [Language]	Year	Semester	CFU
1044415 \| MOBILE APPLICATIONS AND CLOUD COMPUTING [ING-INF/05] [ENG]	2nd	1st	6
Educational objectives Knowledge and understanding. The course aims to provide the knowledge required for understanding: (i) the specific characteristics of mobile apps compared to desktop apps; (ii) the main design patterns for mobile apps; (iii) the main security issues; (iv) the use of the main backend cloud services for mobile applications; (v) methods for designing and developing simple backend services deployed in the cloud; (vi) the classification of cloud service models Applying knowledge and understanding. The student must be able to design, develop and test native applications for android operating systems that interact with cloud services using the main official development, test and design tools. The student must also be able to design/develop and test their simple services deployed on cloud platforms, supporting mobile applications Making judgments. Based on the skills acquired, the student must be able to assess the advantages and disadvantages of the different technologies for developing apps (native applications, hybrid and web based), evaluate / choose optimally and critically the cloud support functions for the operation of mobile applications; to judge the feasibility, complexity and implications of new possible applications, also indicated by third parties. It will also have to be able to keep updated on the basis of possible future technologies related to mobile apps or cloud services. Communication skills. The student must be able to motivate the technological, methodological and architectural choices for new applications to other people in the sector, as well as to present, even to non-expert people, the functioning and characteristics of possible new applications. Learning skills. Practical exercises will be carried out on the various topics covered and will be requested to critically use information available for specific problems on various discussion platforms (e.g. Stack Overflow, official sites, blogs, etc.).
1055050 \| Risk management [SECS-P/11] [ENG]	2nd	1st	6
Educational objectives General objectives The course deals with the evaluation of cyber risks that can damage an enterprise information system, the methodologies to mitigate these risks and the necessary countermeasures to be applied with the aim of making the company or public institution secure from the IT point of view. Specific objectives The course deals with the relationships between the operating mechanisms of information systems and computer networks and the computer threats to which they may be subject, the mechanisms for identifying and opposing attacks and their implementation through the application of specific countermeasures to reduce cyber risk. Particular attention is paid to the practical application of the notions learned through the analysis of case studies and exercises. The basic reference for the Risk Management course is the ISO 27005 standard, complemented by the NIST SP 800-30 framework. Knowledge and understanding Analyze the most common and dangerous threats, relating them to the vulnerabilities of systems and networks on which threats can have an impact. Assess the business risks associated with this impact and recommend the implementation of appropriate countermeasures; alternatively, suggest criteria for accepting the risks identified. Explain the basic mechanisms used to identify intrusion attempts into computers and networks. Determine and establish continuous improvement processes. Application of knowledge and understanding At the end of the course, students will be able to identify and assess the risks that can affect the functioning and security of an information system and their impacts. Based on the risk analysis and management methodologies learned in the course, the students will develop the ability to identify and select the appropriate countermeasures to protect the information system, from a technical, administrative, and cost point of view, determining the best governance profile of the security process. Judgment skills Students will develop the analytical skills necessary to evaluate different alternatives during the process of identifying the security risks of an Information System, with particular reference to the assessment of the architectural choices and the risks that they may involve and the security objectives imposed on the system in relation to the level of sensitivity of the information it manages. Communicative skills Students will learn how to document their choices, including through the use of automated reporting tools. They will also have acquired the ability to prepare presentations on topics related to risk management. Ability to continue learning in an autonomous way The notions acquired during the course will provide students with a basic knowledge in order to further deepen the more technical aspects, and to keep themselves informed about the continuous developments and updates of the assessment of cybersecurity risks of systems and networks.
10600490 \| Blockchain and distributed ledger technologies [INF/01] [ITA]	2nd	1st	6
Educational objectives General goals: Blockchains emerged as a novel, game-changing paradigm for the distributed management of transactional systems. A blockchain is a protocol for the management of distributed ledgers, that is for the decentralised storage of a tamper-proof sequence of transactions (ledger), maintained and verified by the nodes participating in the network. A combination of peer-to-peer networks, consensus-making, cryptography, and market mechanisms is at the core of blockchains, which ensure data integrity and transparency thereby. An increasing number of blockchain platforms provides support for so-called smart contracts, that is, executable code expressing how business is to be conducted among contracting parties (e.g., transfer digital assets after a condition is fulfilled). The design of a secure, verifiable and efficient blockchain-based application requires the capability of properly architecting the behavioural structures amid the involved parties. The course covers in details the principles and technologies underpinning blockchain platforms and the properties they guarantee, on one hand, and is aimed at providing the means for the creation and analysis of blockchain-based solutions and applications, on the other hand. Specific goals: The course revolves around four main topics: 1) fundamentals of blockchains and distributed ledger technologies; 2) smart contracts programming; 3) development of a full-stack blockchain-based application; 4) assessment and analysis of a blockchain-based application. Knowledge and understanding: Students will learn the basics of blockchain technologies and the interplay of the underlying techniques that lead to the immutability, persistency, security and eventual consistency of the blockchain platforms. Furthermore, they will learn how to encode smart contracts and, thereupon, create full-stack Decentralised Applications (DApps). To properly design DApps and the token systems they rely upon, learners will apply the principles of process behaviour modelling and execution. To that end, an overview of cybersecurity challenges, as well as legal and privacy aspects, will also be provided. Application of knowledge and understanding: At the end of the course, students will have gained a better understanding of the fundamental pillars of distributed ledger technologies and blockchains. Also, they will have the ability to design and implement blockchain-based systems. Furthermore, they will produce reports in a manner that provides the most value to the stakeholders of decentralised applications. Critical and judgmental skills: Learners will develop the ability to assess the quality of decentralized applications and blockchain-based solutions at large from the perspectives of reliability, behavioural soundness, execution cost, on-chain and off-chain load balance, applicability, cybersecurity, and privacy. Communication skills: Students will learn how to document their choices, including through the use of diagramming and reporting tools. They will also have acquired the ability to prepare presentations on scientific subjects. Learning ability: The notions acquired during the course will provide students with solid knowledge in order to further investigate the most advanced technical aspects and to keep themselves informed about the continuous developments and updates of blockchain and distributed ledger technologies.
1047623 \| DATA AND NETWORK SECURITY [INF/01] [ENG]	2nd	2nd	6
Educational objectives The goal of the course "Data and Network Security" is to expose the most up-to-date problems and solutions in the cybersecurity field which is rapidly evolving. Students will learn about the main open research problems, and will obtain the necessary basis for more in-depth studies on the subject and to keep abreast of developments in the field.
1054963 \| Systems and Control Methods for Cyber-Physical Security [ING-INF/04] [ENG]	2nd	2nd	6
Educational objectives General objectives The course aims at providing basic concepts and methodologies of control theory, operations research and game theory, which constitute an analytical framework for the modeling of cyber-physical systems and of the main types of attacks on cyber-physical systems (for example: "denial of service", " replay attack "," covert attack "," false data injection ") and for the solution of security games and decision problems. The course will summarize a number of such methodologies and show how their application is able to deal with cyber-physical security problems in numerous example use cases. Specific objectives Knowledge and understanding: The students will learn methodologies for to model and solve security problems in cyber-physical systems by unsing control theory, game theory and operations research methodologies. Apply knowledge and understanding: At the end of the course, the student will be able to derive abstract mathematical models for a wide class of cyber-physical systems, to analyze, starting from these models, some important properties concerning their security. Critical and judgment skills: The student will be able to to face cybersecurity problems through control theory, game theory and operations research methodologies. Communication skills: The course activities allow the student to be able to communicate / share the main problems concerning cybersecurity problems in cyber-physical systems and the possible design choices for their soultions. Learning ability: The aim of the course is to make students aware on how to deal with control and decision-making problems in the context of cybersecurity problems in cyber-physical systems.
10600449 \| Advanced information systems security and blockchain [ING-INF/05] [ENG]	2nd	2nd	6
Educational objectives GENERAL OBJECTIVES The course aims to approach security and privacy in advanced information systems. The recent developments of future internet technologies (e.g. ICN) decentralised architectures (e.g. blockchain) and the Internet of Things raise new and challenging security and privacy issues. The course will introduce innovative solutions presented in the literature to address such issues in order to design and develop secure and privacy-aware components of a modern integrated ecosystem of services based on the aforementioned technologies. The course will discuss topics related to privacy and security in different domains, including: - Blockchain - Internet of Things - Future Internet Technologies - Machine Learning - Privacy-Preserving Systems SPECIFIC OBJECTIVES Knowledge and Understanding: The course stimulates the curiosity of the students toward new trending topics in cybersecurity. The student learns new concepts that allow them to acquire a basic knowledge of innovative information systems and their security. Apply Knowledge and Understanding: At the end of the course, the students should be able to analyze recent scientific papers related to security, understand the main information, discuss them with their colleagues, and reproduce their results. Critical and Judgment skills: The students acquire the ability to extract the main information from scientific papers and compare them with others in the literature. In this way, the student will be able to elaborate a critical judgment on the security of advanced information systems at the state of art and to assess what can be actually achieved and what is required to further progress in research. Communication skills: The discussion of a scientific paper with the class, as part of the exam program, requires the student to go in-depth with one of the topics seen during the lessons. This stimulates interaction during the class and the student's communication skills. Learning ability: In addition to the classic learning skills provided by the theoretical study of the teaching material, the course development methods, in particular related to the project activities, stimulate student self-learning.