Questo sito utilizza cookie tecnici e di terze parti. Se vuoi saperne di più o negare il consenso consulta l'informativa sulla privacy. Proseguendo la navigazione o cliccando su "Chiudi" acconsenti all'uso dei cookie. Chiudi
vai al contenuto vai al menu principale vai alla sezione Accessibilità vai alla mappa del sito
Login  Docente | Studente | Personale | Italiano  English
Home page

Cyber security

Degree course Electronic Engineering
Curriculum Curriculum unico
Learnings Orientamento unico
Academic Year 2018/2019
Scientific Disciplinary Sector ING-INF/05
Year First year
Time unit Second semester
Class hours 48
Educational activity Related and integrative training activities

Single group

Supplying course 85M006 SICUREZZA INFORMATICA in Ingegneria Informatica e dei sistemi per le Telecomunicazioni LM-27 BUCCAFURRI FRANCESCO ANTONIO
Professor Francesco BUCCAFURRI
Objectives The aim of this course is to provide the students with solid foundations
about the basic concepts of information security.
The main objective of the course is to enable students to properly reason about information systems
and computer networks also from an information
security perspective.
Topics covered in the course include
standards, the study of the main (stream and block)
ciphers and cryptographic hash functions;
the application of these mechanisms to the
various security services, and the main aspects of network security and software security.
Programme Part I: Introduction
Basic Concepts.
Vulnerability Threat, Attack
The Attacker
Security Services and Security Mechanisms
Managing and Planning IT security
Standars for an Information Security Management Sistem (ISMS):
• ISO-27001/2
Standards for the evaluation of security tools:
Standars for a glossary of Information Security
• CCITT- X.800, IETF - RFC 2828.
Part II. Cryptography
Introduction to Cryptography.
One way functions and Trap Doors
Symmetric and Public Key Ciphers
Confusion and Diffusion Principles
Classic Cryptography
Attacks and Cryptoanalysis
Attacks models
• Known Ciphertext Attack
• Known Plaintext Attack
• Chosen Plaintext Attack
• Chosen Ciphertext Attack
Modern Cryptography
Block Ciphers and Stream Ciphers
Feistel Cipher
Data Encryption Standard (DES).
Drawbacks of DES
• Weak keys
• Size of the Key
• Meet in the middle attack
Triple DES
Block cipher modes of operation
• Cipher feedback
• Counter
Pseudo and True Random Number Generators (PRNG and TRNG)
Stream Ciphers
• RC4.
Cryptographic Hash
• SHA1 – SHA-256
Birthday Attack
Public Key Ciphers
Message Authentication based on Symmetric and Public Key Cryptography
Message Authentication based on Cryptographic Hashs (MAC):
• Secret Prefix
• Secret Postfix
Public Key Cryptography and Digital Signature
PKI X.509 and Certification Authorities
Qualified Electronic Signature
Digital Signature Vulnerabilties
European and National Normative Aspects

Part III Network Security
Peer Entity Authentication: challenge-response protocols
Access Control and Authorizations
Diffie-Hellman Algorithm and Key Exchange
Approaches based on KDC (Key Distribution Center)
• Kerberos
Approaches based on PKI X.509
OTP (One time password)
IP Security
• IPsec: Transport and Tunnelling, Authentication Header (AH) e Encapsulating Security Payload (ESP).
DNS poisoning
Web Security
Wireless security and WEP vulnerabilities
Part IV: Software Security
Password Management
Malware (virus, worm, spyware, trojan, etc.).
Buffer overflow attacks
SQL injection attacks and other Web vulnerabilities
Books William Stallings, Network Security: Applications and Standards – edition 3
Traditional teaching method Yes
Distance teaching method No
Mandatory attendance No
Written examination evaluation No
Oral examination evaluation Yes
Aptitude test evaluation No
Project evaluation No
Internship evaluation No
Evaluation in itinere No
Practice Test No

Further information

No document in this course

Office hours list:

Description News
Office hours by: Francesco Buccafurri
martedì 11.00-13.00, presso lo studio del docente
No news posted
No class timetable posted
Via dell'Università, 25 (già Salita Melissari) - 89124 Reggio Calabria - CF 80006510806 - Fax 0965 332201 - URP:Indirizzo di posta elettronica dell'ufficio relazioni con il pubblico- PEC:Indirizzo di posta elettronica certificata dell'amministrazione
Feed RSS Facebook Twitter YouTube Instagram