This feature allows you to view your educational path, if you enrolled in previous years

Curriculum(s) for 2026 - Cybersecurity (33516)

Single curriculum
Lesson [SSD] [Language] YearSemesterCFU
10630016 | CRYPTOGRAPHY [INFO-01/A] [ENG]1st1st6

Educational objectives

General Objectives:
The goal of the course is to hand down the foundations of cryptography, which is at the heart of security in nowadays digital applications.

Specific Objectives:
The students will learn the methodology of provable security, which allows to prove security of modern cryptosystems in a mathematically sound way.

Knowledge and Understanding:
-) Knowledge of the mathematical foundations of modern cryptography.
-) Knowledge of the main hardness assumptions, on which the security of cryptographic constructions is based.
-) Knowledge of the cryptographic schemes currently used in real life. Understanding of their (practical and theoretical) properties.

Applying knowledge and understanding:
-) How to select the right cryptographic scheme for a given application.
-) How to analyze the security of a given cryptographic scheme.

Critiquing and judgmental skills:
The students will be able to judge whether a given cryptographic scheme is secure or not.

Communication Skills:
How to describe the security of a cryptographic construction in the language of provable security.

Ability of learning:
The students interested in research will learn what are the main open challenges in the area, and will obtain the necessary background for a deeper study of the subjects.

10626272 | NETWORK INFRASTRUCTURES [IINF-03/A] [ENG]1st1st6

Educational objectives

Educational goals

The Network Infrastructures course aims to provide students with an in-depth understanding of the main architectures, technologies, and protocols underlying modern network infrastructures. The course covers wired and wireless access networks, optical transport networks, advanced networking technologies, and the main intra- and inter-domain routing protocols. Special attention is also devoted to practical aspects related to the configuration and management of IP networks, through hands-on activities based on network emulation tools such as Kathara. At the end of the course, students will be able to understand, analyze, and configure realistic network infrastructures, assessing their performance, scalability, and security requirements.

Knowledge and understanding

Students will acquire in-depth knowledge of the main network architectures and technologies used in modern telecommunication infrastructures. In particular, they will be able to understand the operation of broadband access networks, optical transport networks, next-generation wireless technologies, MPLS and BGP protocols, as well as the main routing and network security mechanisms.

Applying knowledge and understanding

Students will be able to apply the acquired knowledge to the design, configuration, and analysis of IP networks. The hands-on activities will allow them to configure realistic network scenarios, addressing topics such as IP addressing, routing, DNS, VPNs, and firewalling. These activities will enable students to connect the theoretical aspects of the course with operational issues typical of network infrastructures.

Making judgements

Students will develop the ability to critically evaluate different technological solutions for network infrastructures, comparing them in terms of performance, scalability, reliability, and security. They will also be able to select the most appropriate solutions according to the application requirements and the considered operational context.

Communication skills

Students will be able to clearly describe and discuss the main network technologies and architectures, using appropriate technical terminology. They will also be able to present the design and configuration choices adopted in practical scenarios, explaining them with respect to network requirements and application objectives.

Learning skills

The course will provide students with the methodological foundations needed to keep up with the continuous evolution of network technologies and to independently study new protocols, standards, and infrastructure solutions. The theoretical and practical skills acquired will provide a solid basis for further studies and professional activities in the field of telecommunication networks.

10626055 | Distributed Systems [IINF-05/A] [ENG]1st1st6

Educational objectives

Educational goals
The course is about distributed systems, with a specific focus on fault tolerance. Students will learn to appreciate the difficulties introduced by the unavoidable coexistence of local knowledge, asynchrony, and failures. They will understand how and when, despite these difficulties, it is possible to build powerful distributed algorithms. At the end of the course, the student is expected to design fault-tolerant distributed algorithms and to provide formal and convincing arguments for their correctness.

Knowledge and understanding
The student knows and understands the fundamental concepts and principles of distributed systems, such as processes, communication, failures, time, synchronization, consistency, consensus, broadcast, replication, and fault tolerance.

Applying knowledge and understanding
The student can apply the knowledge and understanding of distributed systems to design and implement distributed algorithms that solve problems in different settings and scenarios, such as leader election, shared memory, total order broadcast, replicated state machines, consensus, and fault-tolerant replication.

Making judgements
The student can critically analyze and compare different distributed algorithms in terms of correctness, efficiency, scalability, robustness, and complexity. The student can also identify the assumptions and limitations of each algorithm and evaluate their suitability for different applications and requirements.

Communication skills
The student can communicate effectively the main concepts and results of distributed systems using appropriate terminology and notation. The student can also present and discuss distributed algorithms using diagrams, pseudocode, oral presentations, and written reports.

Learning skills
The student develops the ability to independently explore advanced topics in distributed systems and to stay updated on developments in the field.

10628637 | Statistics [STAT-01/A] [ENG]1st1st6
Elective course [N/D] [ENG]1st1st12

Educational objectives

Provided for by the study plan, at the student's choice.

10627598 | Cyber and Computer Law [GIUR-17/A] [ENG]1st2nd6

Educational objectives

General Objective

The aim of the course is to provide an in-depth analysis of the main issues concerning the legal regulation of computer-related activities within companies and public administrations, with particular reference to cybersecurity, cybercrime, European regulation on the processing and protection of personal data, e-commerce, and intellectual property in the field of information technology. The course also examines the legal instruments, protocols, and standards of European cooperation in the fight against cybercrime. The course is structured into thematic modules, including the analysis and discussion of practical cases.

Knowledge and Understanding

At the end of the course, students will be able to identify and develop the main legal knowledge relating to data processing and to operate effectively within public administrations, particularly in interactions with judicial authorities and law enforcement bodies. Students will also be able to participate effectively in working groups or joint investigation teams, having acquired a clear understanding of the essential legal concepts and responsibilities involved. The course enables students to integrate technological and computer-related skills with organizational, economic, and legal competencies concerning the use of information technology and digital tools in both business and public-sector contexts.

Application of Knowledge and Understanding

In order to achieve the educational objectives, teaching activities are organized into thematic modules aimed at analysing and addressing specific operational contexts and particular situations of risk or emergency. To better understand the needs of professionals and practitioners, the course also includes joint initiatives with other academic programmes on topics such as cybersecurity, resilience, and methodologies for the acquisition of digital traces and evidence in cybercrime investigations, including in international contexts.

Making Judgements

The course aims to develop students’ ability to independently assess legal issues related to artificial intelligence and, more generally, to the relationship between law and technological innovation. Through the analysis of specific cases and classroom discussions, students are encouraged to critically examine the legal, ethical, and organizational implications arising from the use of emerging technologies, developing autonomous and informed opinions free from prejudicial assumptions. Particular attention is devoted to the development of critical thinking and argumentation skills through questions, problems, debates, and challenges proposed during the course.

Communication Skills

The course aims to develop students’ ability to communicate legal and technical concepts clearly and effectively, enabling them to acquire structured communication skills based on active listening, empathy, interdisciplinary dialogue, public speaking, and the ability to produce written documents appropriate to different professional contexts.

Learning Skills

The course aims to provide students with methods and tools to develop, organize, and consolidate autonomous learning skills related to the knowledge acquired during the lessons. In particular, teaching activities are based on active participation, immediate feedback on possible difficulties, and the implementation of improvement strategies through revision, repetition, and critical re-elaboration of course contents. Students are encouraged to discuss and exchange ideas in order to achieve the learning objectives and to develop an informed awareness of their acquired competencies.

10625800 | ETHICAL HACKING [INFO-01/A] [ENG]1st2nd9

Educational objectives

General objectives

Ethical hackers are a category of professionals increasingly in demand by companies and governments aware of the need to effectively protect their infrastructure from possible cyberattacks. The course deals with the fundamentals of ethical hacking. In particular, it starts from the systematic study of the methodologies and tools used by hackers to carry out the various attacks in cyberspace. Next, it illustrates how the professionals of ethical hacking can carry out a series of legal and useful activities by subjecting the computer systems to vulnerability tests. These tests are intended to evaluate and prove the cybersecurity of an organization and to help owners and managers to become aware of, and solve their cybersecurity problems. Particular attention is paid to the practical application of the concepts learnt.

Specific objectives
The course explains in detail what hackers are doing, how hacking activities occur, how hackers illegally manage to enter a computer system protected by security measures, and how to defend against them.

Knowledge and understanding
Understanding the Ethical Hacking concepts and scope. Casing the Establishment: the hacking techniques used to enumerate the targets completely. Endpoint and Server Hacking: the ultimate goals of any hacker including Advanced Persistent Threats. Infrastructure hacking: the way hackers attack the equipment our systems connect to. Application and Data Hacking: attacks to web/databases world as well as mobile hacking techniques. The countermeasures that can be used to hinder hackers' activities on the subsystems considered. Penetration testing execution standards.

Application of knowledge and understanding
At the end of the course, students will have the ability to analyze complex cybersystems and gain a better understanding of the target organization's vulnerabilities. Produce reports in a manner that provides the most value to the target organization executives.

Wisdom of judgement
Students develop the ability to plan ethical hacking activities in a way that does not violate current applicable law. Ability to follow a code of ethical conduct and provide assurance of good intentions in conducting systems penetration testing activities.

Communicative Capabilities
Students will learn how to document their choices, including through the use of automated reporting tools. They will also have acquired the ability to prepare presentations on scientific subjects.

Ability to pursue learning independently
The notions acquired during the course will provide students with a solid knowledge in order to further investigate the most technical aspects, and to keep themselves informed about the continuous developments and updates of the ethical hacking sector.

10630073 | MALWARE ANALYSIS AND INCIDENT FORENSICS [IINF-05/A] [ENG]2nd1st9

Educational objectives

General Objective
The aim of the course is to provide students with the knowledge, methods, and basic tools required to analyse, identify, categorize, and understand the behaviour of different classes of malicious software. Considering the continuous growth of malware used to perpetrate cyber attacks, the course aims to provide students with the theoretical and practical skills necessary to address malware analysis within the broader framework of cybersecurity. The course adopts a practical approach, with frequent application of the acquired methods to real-world cases.

Knowledge and Understanding

At the end of the course, students will acquire knowledge of the main characteristics of malicious software, including different malware classes, their behaviours, and the methodologies used for their identification and analysis. Students will understand the fundamental concepts, techniques, and tools employed in malware analysis and threat intelligence processes.

Application of Knowledge and Understanding

Students will be able to analyse malicious software of different natures, both manually and through the use of automated tools, in order to identify its relevant characteristics. They will be able to extract and classify technical information from malware samples and correlate these features with existing knowledge bases, applying the acquired methodologies to real-world cybersecurity scenarios.

Making Judgements

Students will develop the ability to independently evaluate malware-related information, interpret analysis results, and contextualize malicious software activities within broader cybersecurity processes, including threat intelligence and incident management. They will be able to assess the relevance of identified indicators and support decision-making processes in response to cyber threats.

Communication Skills

Students will acquire the ability to communicate technical findings related to malware analysis clearly and effectively, using appropriate terminology and methodologies for interaction with cybersecurity professionals, technical teams, and other stakeholders involved in incident response activities.

Learning Skills

Students will develop the ability to independently apply and expand the knowledge acquired during the course, using analytical methods, technical documentation, and existing knowledge bases to address evolving malware threats. The practical approach of the course will support continuous learning and adaptation to the rapidly changing cybersecurity landscape.

10627182 | Security Governance [IINF-05/A] [ENG]2nd1st6

Educational objectives

General Objectives

The course has the main aim to provide students with the capability of analyzing and designing processes for cyber security management.

Knowledge and understanding

The main objective of the course is to provide an introduction to all the issues related to the security governance.
In particular, the student will learn how building up a security governance environment is a vertical problem with respect to the organization and that its management impacts different enterprise's levels.
Aspects related to laws, regulations and both international and national standards will be analyzed. It will then be discussed how, from a methodological point of view, these aspects are transposed and implemented through the definition of appropriate frameworks for cybersecurity management.

- Apply knowledge and understanding

Another fundamental aspect of the course is to provide students with methodologies and tools to let them able to face open problems with respect to the analysis, verification and certification of cybersecurity.

- Critical and judgment skills

The student will acquire the necessary tools to analyse, evaluate and compare different situations and design the appropriate countermeasures to improve the security status of the considered enterprise.

- Communication skills

The student will learn the domain specific language.

- Learning ability

The student will be able to adopt and re-apply all the methods discussed during the course

AAF1803 | Cyber Security Seminars [N/D, N/D] [ENG]2nd2nd6

Educational objectives

Organizations today are facing an increasing sophistication, stealth and persistence of cyber-attacks – from nation-states, organised crime, hacktivists, as well as threats from within the organisation.
The goal of the course is to describe the main critical challenges of protecting information systems and assets – financial information, customer data, intellectual property – and the implications of failing to do so.

AAF1028 | Final exam [N/D] [ITA]2nd2nd30

Educational objectives

The final exam consists in the discussion of a master thesis, composed of a document written in English, which presents the results of an original study conducted on a problem of an applicative, experimental or research nature. The preparation of the thesis takes place under the direction of a teacher in the second year of the course.

The final exam assesses the ability to apply the knowledge learnt to a specific problem, the ability to make autonomous decisions and to communicate the methodological and technical aspects of the work carried out.