NETWORKS AND SECURITY

Course objectives


GENERALI The "Networks and Security" course provides students with a solid theoretical and practical foundation in network architectures, quality of service (QoS), and secure communications. Students will gain an integrated understanding of telecommunication networks, including their multi-layer structure, transport mechanisms, and access solutions, with a strong focus on performance evaluation and optimization of service systems using models and simulation tools.
A substantial part of the course is dedicated to the fundamentals of cryptography and to the main security protocols ensuring authentication, confidentiality, and data integrity. Practical activities complement the training with hands-on configuration and management exercises focused on IP routing, traffic measurement, and basic network security. The course aims to train professionals capable of understanding, designing, and securing modern network infrastructures, with attention to real-world performance and security challenges. SPECIFICI • Knowledge and understanding: Students will acquire in-depth knowledge of network architectures, performance analysis techniques, QoS models, cryptographic fundamentals, and communication security protocols. • Applying knowledge and understanding: Students will be able to configure IP networks, evaluate service system performance, and implement security protocols using software tools and laboratory environments. • Making judgments: Students will develop the ability to critically evaluate technological solutions for improving QoS and security in complex telecommunication networks. • Communication skills: Students will be able to clearly and effectively present networking and security problems and solutions in both technical and interdisciplinary contexts. • Learning skills: The course will provide methodological tools to independently explore advanced topics in networking and security and stay updated with the technological evolution of the sector.

Channel 1
ANDREA BAIOCCHI Lecturers' profile

Program - Frequency - Exams

Course program
MODULE 1 (60 hours) Review of network architectures and the current structure of the Internet. Quality of service. Scheduling and dispatching. Congestion control and fairness in resource sharing. Tools for performance evaluation. Introduction to communications security. Main cryptographic primitives. Authentication and cryptographic protocols. MODULE 2 (30 hours) Basic configurations (address assignment and static routes), intra and inter domain routing management, delay and bandwidth measurements, asymmetric encryption and digital certificates, stateless firewall rules
Prerequisites
Basic knowledge of calculus, geometry, probability theory, telecommunications networking. Undergraduate level programming skills (e.g., in Matlab or Python).
Books
o Andrea Baiocchi: “Network Traffic Engineering - Stochastic models and applications”. Wiley, 2020 [Chs. 2, 3, 6, 8, 10] o Charlie Kaufman, Radia Perlman, Mike Speciner, Ray Perlner: “Network Security: Private Communications in a Public World”. Addison-Wesley Professional, 3rd Edition, September 2022 [Chs. 1-6, 9-12] o Material available from the course web site (slides, simulation scripts, measured traffic data).
Frequency
Attendance is not mandatory, but is strongly recommended.
Exam mode
Written test oriented to quantitative evaluations or design/dimensioning of network elements or protocols. Oral on topics covered in the course, aimed at ascertaining the understanding of concepts and mastery of technical language.
Bibliography
TEXTBOOKS FOR FURTHER STUDY: o Frank Kelly and Elena Yuodvina: “Stochastic Networks”. Cambridge University Press, 2014. o Mor Harchol-Balter: “Performance modelling and design of computer systems”. Cambridge University Press, 2013. o Niels Ferguson and Bruce Schneier: "Practical Cryptography". John Wiley & Sons Inc., 2003. o James F. Kurose, Keith W. Ross, “Computer networking: a top-down approach”, Pearson, 8th edition, 2020. o Andrew S. Tanenbaum, Nick Feamster, David J. Wetherall: "Computer Networks". Pearson, 6° edizione, 2021.
Lesson mode
Lectures and exercises in the classroom. The lectures serve to introduce the concepts and present the course topics in an orderly manner. The exercises aim to provide application examples, conduct quantitative evaluation examples, applying models introduced in the lectures. Some exercises may be dedicated to computer experience, with the development of simple codes (e.g., simple simulators in Matlab) or the use of state-of-the-art software packages (e.g., Wireshark).
MARCO POLVERINI Lecturers' profile

Program - Frequency - Exams

Course program
Network Architectures (6 hours) - Internet structure: autonomous systems, ISPs, OTTs, IXPs, subnets - Transport networks - Access networks: copper, fiber, wireless - Cellular and satellite networks - Data centers Quality of Service (24 hours) - Network performance evaluation: metrics and stochastic simulation (event-driven and time-stepped) - Scheduling: algorithms and applications; dispatching in data centers - Congestion control: classic TCP (loss-based) and variants (delay-based, network-assisted, AQM, ECN, DCTCP) - Fluid models: TCP, DCTCP and Network Utility Maximization (NUM) - Strategic queuing and the Naor model - Delay analysis and optimization of capacities and routing (Braess paradox) - Dimensioning cellular coverage under QoS constraints Communications Security (30 hours) - Fundamentals of security and cryptography - Number theory and cryptographic primitives (symmetric and asymmetric encryption, digital signatures, elliptic curves) - Hash functions and pseudo-random number generation - Identity authentication and authentication protocols (password, address-based, challenge-response, Needham-Schroeder) - Secure key exchange (authenticated Diffie-Hellman, Lamport hash, EKE, SRP) - IPSec and IKE Network Configuration, Management and Troubleshooting (10 hours) - Basic configuration: IP addressing and static routing - Packet sniffing with Wireshark - ARP protocol analysis - Intra-domain routing with OSPF Network Performance Measurement and Optimization (10 hours) - Wide Area Network emulation - TCP congestion control protocols (HTCP, Cubic, Reno, BBR) - Buffer sizing and bufferbloat - Random Early Detection (RED) - TCP traffic classification with Hierarchical Token Bucket (HTB) Network Security Management (10 hours) - Hands-on exercises on hashing and symmetric encryption - Asymmetric encryption: RSA, digital signatures, Diffie-Hellman - Public Key Infrastructure (PKI): Certificate Authority and digital certificates - Stateful firewall configuration with iptables
Prerequisites
Basic understanding of Computer Networking (including IP/TCP suite) and of Telecommunications (digital data transmission).
Books
Slides and scientific papers available at the Course web site and on the Moodle platform
Frequency
optional
Exam mode
Written and oral exam, practical activity
Bibliography
Slides and scientific papers available at the Course web site and on the Moodle platform
Lesson mode
Theoretical lessons and practical lab activities
  • Lesson code10621060
  • Academic year2025/2026
  • CourseTelecommunication Engineering
  • CurriculumTelecommunication Engineering (percorso valido anche ai fini del rilascio del doppio titolo italo-francese o italo-statunitense )
  • Year1st year
  • Semester2nd semester
  • SSDING-INF/03
  • CFU9
  • Subject areaIngegneria delle telecomunicazioni