Studying at the University of Verona
Here you can find information on the organisational aspects of the Programme, lecture timetables, learning activities and useful contact details for your time at the University, from enrolment to graduation.
Academic calendar
The academic calendar shows the deadlines and scheduled events that are relevant to students, teaching and technical-administrative staff of the University. Public holidays and University closures are also indicated. The academic year normally begins on 1 October each year and ends on 30 September of the following year.
Course calendar
The Academic Calendar sets out the degree programme lecture and exam timetables, as well as the relevant university closure dates..
Period | From | To |
---|---|---|
I semestre | Oct 1, 2020 | Jan 29, 2021 |
II semestre | Mar 1, 2021 | Jun 11, 2021 |
Session | From | To |
---|---|---|
Sessione invernale d'esame | Feb 1, 2021 | Feb 26, 2021 |
Sessione estiva d'esame | Jun 14, 2021 | Jul 30, 2021 |
Sessione autunnale d'esame | Sep 1, 2021 | Sep 30, 2021 |
Session | From | To |
---|---|---|
Sessione Estiva | Jul 15, 2021 | Jul 15, 2021 |
Sessione Autunnale | Oct 15, 2021 | Oct 15, 2021 |
Sessione Invernale | Mar 15, 2022 | Mar 15, 2022 |
Period | From | To |
---|---|---|
Festa dell'Immacolata | Dec 8, 2020 | Dec 8, 2020 |
Vacanze Natalizie | Dec 24, 2020 | Jan 3, 2021 |
Epifania | Jan 6, 2021 | Jan 6, 2021 |
Vacanze Pasquali | Apr 2, 2021 | Apr 5, 2021 |
Santo Patrono | May 21, 2021 | May 21, 2021 |
Festa della Repubblica | Jun 2, 2021 | Jun 2, 2021 |
Exam calendar
Exam dates and rounds are managed by the relevant Science and Engineering Teaching and Student Services Unit.
To view all the exam sessions available, please use the Exam dashboard on ESSE3.
If you forgot your login details or have problems logging in, please contact the relevant IT HelpDesk, or check the login details recovery web page.
Should you have any doubts or questions, please check the Enrollment FAQs
Academic staff
Study Plan
The Study Plan includes all modules, teaching and learning activities that each student will need to undertake during their time at the University.
Please select your Study Plan based on your enrollment year.
1° Year
2° Year activated in the A.Y. 2021/2022
Modules | Credits | TAF | SSD |
---|
Modules | Credits | TAF | SSD |
---|
Modules | Credits | TAF | SSD |
---|
Legend | Type of training activity (TTA)
TAF (Type of Educational Activity) All courses and activities are classified into different types of educational activities, indicated by a letter.
Type D and Type F activities
Le attività formative in ambito D o F comprendono gli insegnamenti impartiti presso l'Università di Verona o periodi di stage/tirocinio professionale.
Nella scelta delle attività di tipo D, gli studenti dovranno tener presente che in sede di approvazione si terrà conto della coerenza delle loro scelte con il progetto formativo del loro piano di studio e dell'adeguatezza delle motivazioni eventualmente fornite.
years | Modules | TAF | Teacher |
---|---|---|---|
1° 2° | Matlab-Simulink programming | D |
Bogdan Mihai Maris
(Coordinator)
|
1° 2° | Programming Challanges | D |
Romeo Rizzi
(Coordinator)
|
years | Modules | TAF | Teacher |
---|---|---|---|
1° 2° | Introduction to 3D printing | D |
Franco Fummi
(Coordinator)
|
1° 2° | Python programming language | D |
Vittoria Cozza
(Coordinator)
|
1° 2° | HW components design on FPGA | D |
Franco Fummi
(Coordinator)
|
1° 2° | Rapid prototyping on Arduino | D |
Franco Fummi
(Coordinator)
|
1° 2° | Protection of intangible assets (SW and invention)between industrial law and copyright | D |
Roberto Giacobazzi
(Coordinator)
|
years | Modules | TAF | Teacher |
---|---|---|---|
1° 2° | The fashion lab (1 ECTS) | D |
Maria Caterina Baruffi
(Coordinator)
|
1° 2° | The course provides an introduction to blockchain technology. It focuses on the technology behind Bitcoin, Ethereum, Tendermint and Hotmoka. | D |
Nicola Fausto Spoto
(Coordinator)
|
Network security (2020/2021)
Teaching code
4S008904
Credits
6
Language
Italian
Scientific Disciplinary Sector (SSD)
INF/01 - INFORMATICS
The teaching is organized as follows:
Teoria
Laboratorio
Learning outcomes
The course aims to present the main methodologies and technologies to ensure the security of computer networks and, more generally, distributed information systems. At the end of the course, the student must demonstrate to be able to know the main theoretical and applicative notions for the design, the practical implementation and the formal analysis of tools and protocols for the security of distributed networks and distributed information systems. This knowledge will allow the student to compare different techniques of network protection and choose between them the most appropriate according to the context of use and to make the most appropriate design choices when defining a new computer network. The student will then be able to continue his/her studies in the field of network security and distributed information system in autonomy, studying autonomously and presenting in clear way new vulnerabilities in computer networks and the related solutions adopted to mitigate their effects
Program
Frontal Teaching (44 hours)
- Introduction to Information Security
- Classical Security Properties (Confidentiality, Integrity, Availability, Accountability, Authentication)
- Goals, risks, attacks
- Symmetric and asymmetric key cryptography
- The problem of the distribution of secret keys
- Integrity of messages and message authentication
- Trust certificates and templates
- Public Key Infrastructure
- Public Key Infrastructure Study Cases (X.509, PGP)
- Classic cryptographic protocols for key exchange
- Taxonomy of attacks for classic cryptographic protocols
- Techniques for designing correct cryptographic protocols
- Network security protocols at different levels
- Case Studies (Kerberos, Security Socket Layer SSL, Internet Key Exchange IKE, IP Security IPSec)
- Privacy and anonymity
- Anonymity policies, technical problems, implementation mechanisms (pseudonyms and proxies)
- Case Studies (Mix Networks, Crowds, Onions networks, TOR)
- Firewalls (packet filter, stateful, application level, circuit level)
- Intruders and Intrusion Detection Systems.
Laboratory (12 hours):
--Network Traffic Analysis:
* Most commonly used firewall filtering systems. Introduction to Netcat, Wireshark, and tcpdump.
* Writing a port scanner in Python. Hints on the nmap tool.
* Physical Addresses and ARP Protocol, ARP Tables, and ARP spoofing attacks. The concept of ARP poisoning. The Ettercap tool. Attachment detection methods based on spoofing and risk mitigation.
* Hints on String Strips HTTP.Tool SSLStrip and Bettercap Headers.
* Network layer limits as a defense tool for attacks at the application level.
- Anomalies detected in network traffic:
* Log Logging for Attack Detection. Hints about how IPS and Intrusion Prevention Systems (IPSs) and Intrusion Detection Systems (IDSs) are configured based on logs.
* Typical network layer configuration errors and consequent higher-level risks. The major vulnerabilities of web based networking (A5: security misconfiguration, A6: sensitive data exposure), theft of authentication credentials, session tokens, and sensitive information in general. Examples using ARP poisoning techniques.
* The Linux Netfilter firewall: default functionality and operating modes, tables, chains, rules, targets, and policies. QoS (Quality of Service) hints and use for connections that require special latency guarantees. Hints on how to optimize filtering rules to help them work.
* Netfilter extensions for connection status (new, established, related, and invalid), address types (unspec, local prohibit, unicast, broadcast), comments, limitations and burst concepts, filters At the MAC address level, using firewall to mitigate ARP spoofing attacks.
- Checking network and IDS filtering configurations:
* Designing an IDS system. Example of activating IDS for a web infrastructure. IPS system implementation for brute force attacks on ftp credentials and port scanning. IPS prototype writing through the iptables firewall and the Linux shell. IPS OSSEC.
* Case study: SYN flood type (half-open-attack) attacks and impaction mitigation methods: limiting the absorbed resources of the attack by means of network tools.
* Security effectiveness considerations through progressive network closures.
* Comparison of Netfilter firewalls with ASA of CISCO (hints) and PF (BSD systems).
* PfSense (community edition) firewall wizard.
* Connecting, port forwarding, and filing rules provided by the OpenWRT firewall for embedded systems.
Bibliography
Activity | Author | Title | Publishing house | Year | ISBN | Notes |
---|---|---|---|---|---|---|
Teoria | William Stallings | Network Security Essentials: Applications and Standards (6th Edition) (Edizione 6) | Prentice Hall | 2017 | ISBN-10: 013452733X |
Examination Methods
Examination consists of:
- an oral examination on the topics dealt with during frontal lessons;
- a project on subject related to the lab.
The final vote comes from the average of the evaluations obtained in the oral test and in the discussion of the project.
Career prospects
Module/Programme news
News for students
There you will find information, resources and services useful during your time at the University (Student’s exam record, your study plan on ESSE3, Distance Learning courses, university email account, office forms, administrative procedures, etc.). You can log into MyUnivr with your GIA login details: only in this way will you be able to receive notification of all the notices from your teachers and your secretariat via email and soon also via the Univr app.
Graduation
Deadlines and administrative fulfilments
For deadlines, administrative fulfilments and notices on graduation sessions, please refer to the Graduation Sessions - Science and Engineering service.
Need to activate a thesis internship
For thesis-related internships, it is not always necessary to activate an internship through the Internship Office. For further information, please consult the dedicated document, which can be found in the 'Documents' section of the Internships and work orientation - Science e Engineering service.
Final examination regulations
List of thesis proposals
Attendance
As stated in the Teaching Regulations for the A.Y. 2022/2023, attendance at the course of study is not mandatory.