Visual Information Processing and Protection Group
Protecting the digital ecosystem that surrounds us and plays a more and more essential part in our lives is a pressing need that modern society can no longer ignore. The discipline studying the tools and technology that can be used to this aim is usually, and rather vaguely, referred to as cybersecurity. Such a term broadly encompasses a wide and diverse set of techniques including classical cryptographic tools, security protocols for user authentication, end-to-end communication, network monitoring and protection, intrusion detection, malware recognition, authentication and protection of multimedia contents.
In this framework, the goal of this course is to give a snapshot of some of the most common threats and security measures affecting end-to-end communications and networks, especially wireless networks. The first part of the course focuses on cryptography, since cryptographic tools are the main ingredient behind most security protocols and information protection systems. Then the course passes to review the main threats to cyber-systems and present the main classes of countermeasures security engineers can take to defend against the cyber-threats.
In the second part of the course, the concepts introduced in the first part are put at work in the context of communication security. Rather than attempting to provide a comprehensive treatment, which would be impossible within the time limit of the course, the students will be involved in laboratory activities according to the “learn by doing” paradigm. The laboratory activity will focus on some of the hottest security threats and countermeasures including authentication, application and transport layer security, wireless security.
The third and last part of the course will adopt a different perspective and introduce the students to the problems related to the protection of multimedia contents, including methods for copyright protection, media authentication and covert communication by means of image steganography.
FOUNDATIONS OF CRYPTOGRAPHY. This section aims at introducing the students to the basic concepts underlying modern cryptography.
Cryptanalysis and security models; Symmetric encryption (Block ciphers, DES, AES, Stream ciphers, Key distribution); Asymmetric cryptography (Basic concepts, trapdoor functions, some popular public-key cryptosystems: RSAKey distribution: Diffie-Helman key exchange protocol); Authentication (MAC functions, Hash functions, Digital signatures); Random Number generators; Signal and information processing in the encrypted domain; Application to privacy protection.
COMPUTER SECURITY. This section puts in practice the cryptographic tools developed in the previous sections and enlarges the horizon to discuss several classes of threats against cybersystems and to present possible countermeasures.
User authentication (Password-Based Authentication, Token-Based Authentication, Biometric Authentication, Remote User Authentication); Access control (Basic principles, Discretionary Access Control, Role-Based Access Control, Attribute-Based Access Control); Malicious Software (Classification of Malware, Propagation mechanisms, Payloads, Countermeasures); Denial of Service (DoS) attacks (Classification of DoS, Distributed DoS attacks, Defenses); Intrusion detection and prevention (Host-based intrusion detection, Network-based intrusion detection, Firewalls).
SECURE COMMUNICATIONS. This section involves the student with laboratory activity, according to the “learning by doing" paradigm.
End point authentication (type of attacks: spoofing, playback, man in the middle, countermeasures: nonces, cryptography, certificates); Application layer security (how to secure e-mails, PGP and GPG examples); Traffic analyzers and packet sniffers (tools to sniff, capture and analyse packets, lab exercises on the use of Wireshark traffic analyser); Transport layer security (secure TCP connections, SSL/TLS details); Wireless LANs security (WI-FI, WEP, WPA, WPA2, IEEE_802.11i, How to hack WLAN security); Deep Web, Dark Web (main concepts, keeping anonymous your Internet traffic); Crypto-currencies: blockchain and the Bitcoin.
MULTIMEDIA SECURITY. This section introduces the problems related to the protection and authentication of multimedia contents. The basic concepts will be illustrated by means of laboratory experiments.
Data hiding and watermarking; Steganography; Steganalysis; Multimedia Forensics (Source identification, Tampering detection)