Studying at the University of Verona
Here you can find information on the organisational aspects of the Programme, lecture timetables, learning activities and useful contact details for your time at the University, from enrolment to graduation.
Academic calendar
The academic calendar shows the deadlines and scheduled events that are relevant to students, teaching and technical-administrative staff of the University. Public holidays and University closures are also indicated. The academic year normally begins on 1 October each year and ends on 30 September of the following year.
Course calendar
The Academic Calendar sets out the degree programme lecture and exam timetables, as well as the relevant university closure dates..
Period | From | To |
---|---|---|
I sem. | Oct 3, 2016 | Jan 31, 2017 |
II sem. | Mar 1, 2017 | Jun 9, 2017 |
Session | From | To |
---|---|---|
Sessione invernale Appelli d'esame | Feb 1, 2017 | Feb 28, 2017 |
Sessione estiva Appelli d'esame | Jun 12, 2017 | Jul 31, 2017 |
Sessione autunnale Appelli d'esame | Sep 1, 2017 | Sep 29, 2017 |
Session | From | To |
---|---|---|
Sessione estiva Appelli di Laurea | Jul 19, 2017 | Jul 19, 2017 |
Sessione autunnale Appelli di laurea | Oct 18, 2017 | Oct 18, 2017 |
Sessione invernale Appelli di laurea | Mar 21, 2018 | Mar 21, 2018 |
Period | From | To |
---|---|---|
Festa di Ognissanti | Nov 1, 2016 | Nov 1, 2016 |
Festa dell'Immacolata Concezione | Dec 8, 2016 | Dec 8, 2016 |
Vacanze di Natale | Dec 23, 2016 | Jan 8, 2017 |
Vacanze di Pasqua | Apr 14, 2017 | Apr 18, 2017 |
Anniversario della Liberazione | Apr 25, 2017 | Apr 25, 2017 |
Festa del Lavoro | May 1, 2017 | May 1, 2017 |
Festa della Repubblica | Jun 2, 2017 | Jun 2, 2017 |
Vacanze estive | Aug 8, 2017 | Aug 20, 2017 |
Exam calendar
Exam dates and rounds are managed by the relevant Science and Engineering Teaching and Student Services Unit.
To view all the exam sessions available, please use the Exam dashboard on ESSE3.
If you forgot your login details or have problems logging in, please contact the relevant IT HelpDesk, or check the login details recovery web page.
Academic staff
Study Plan
The Study Plan includes all modules, teaching and learning activities that each student will need to undertake during their time at the University.
Please select your Study Plan based on your enrollment year.
1° Year
Modules | Credits | TAF | SSD |
---|
2° Year activated in the A.Y. 2017/2018
Modules | Credits | TAF | SSD |
---|
Modules | Credits | TAF | SSD |
---|
Modules | Credits | TAF | SSD |
---|
Modules | Credits | TAF | SSD |
---|
Legend | Type of training activity (TTA)
TAF (Type of Educational Activity) All courses and activities are classified into different types of educational activities, indicated by a letter.
Network security (2016/2017)
Teaching code
4S02798
Teacher
Coordinator
Credits
6
Language
Italian
Scientific Disciplinary Sector (SSD)
ING-INF/05 - INFORMATION PROCESSING SYSTEMS
Period
II sem. dal Mar 1, 2017 al Jun 9, 2017.
Learning outcomes
The course objective is to present the main methodologies and technologies to ensure the security of computer networks and distributed IT systems in general. At the end of the course, each student must demonstrate to know the main theoretical and applied concepts for the design, implementation and formal analysis of tools and protocols for network security and the security of distributed IT systems.
Program
Frontal Teaching (44 hours)
- Introduction to Information Security
- Classical Security Properties (Confidentiality, Integrity, Availability, Accountability, Authentication)
- Goals, risks, attacks
- Symmetric and asymmetric key cryptography
- The problem of the distribution of secret keys
- Integrity of messages and message authentication
- Trust certificates and templates
- Public Key Infrastructure
- Public Key Infrastructure Study Cases (X.509, PGP)
- Classic cryptographic protocols for key exchange
- Taxonomy of attacks for classic cryptographic protocols
- Techniques for designing correct cryptographic protocols
- Network security protocols at different levels
- Case Studies (Kerberos, Security Socket Layer SSL, Internet Key Exchange IKE, IP Security IPSec)
- Privacy and anonymity
- Anonymity policies, technical problems, implementation mechanisms (pseudonyms and proxies)
- Case Studies (Mix Networks, Crowds, Onions networks, TOR)
- Firewalls (packet filter, stateful, application level, circuit level)
- Intruders and Intrusion Detection Systems.
Laboratory (12 hours):
--Network Traffic Analysis:
* Most commonly used firewall filtering systems. Introduction to Netcat, Wireshark, and tcpdump.
* Writing a port scanner in Python. Hints on the nmap tool.
* Physical Addresses and ARP Protocol, ARP Tables, and ARP spoofing attacks. The concept of ARP poisoning. The Ettercap tool. Attachment detection methods based on spoofing and risk mitigation.
* Hints on String Strips HTTP.Tool SSLStrip and Bettercap Headers.
* Network layer limits as a defense tool for attacks at the application level.
- Anomalies detected in network traffic:
* Log Logging for Attack Detection. Hints about how IPS and Intrusion Prevention Systems (IPSs) and Intrusion Detection Systems (IDSs) are configured based on logs.
* Typical network layer configuration errors and consequent higher-level risks. The major vulnerabilities of web based networking (A5: security misconfiguration, A6: sensitive data exposure), theft of authentication credentials, session tokens, and sensitive information in general. Examples using ARP poisoning techniques.
* The Linux Netfilter firewall: default functionality and operating modes, tables, chains, rules, targets, and policies. QoS (Quality of Service) hints and use for connections that require special latency guarantees. Hints on how to optimize filtering rules to help them work.
* Netfilter extensions for connection status (new, established, related, and invalid), address types (unspec, local prohibit, unicast, broadcast), comments, limitations and burst concepts, filters At the MAC address level, using firewall to mitigate ARP spoofing attacks.
- Checking network and IDS filtering configurations:
* Designing an IDS system. Example of activating IDS for a web infrastructure. IPS system implementation for brute force attacks on ftp credentials and port scanning. IPS prototype writing through the iptables firewall and the Linux shell. IPS OSSEC.
* Case study: SYN flood type (half-open-attack) attacks and impaction mitigation methods: limiting the absorbed resources of the attack by means of network tools.
* Security effectiveness considerations through progressive network closures.
* Comparison of Netfilter firewalls with ASA of CISCO (hints) and PF (BSD systems).
* PfSense (community edition) firewall wizard.
* Connecting, port forwarding, and filing rules provided by the OpenWRT firewall for embedded systems.
Author | Title | Publishing house | Year | ISBN | Notes |
---|---|---|---|---|---|
William Stallings | Cryptography and Network Security: Principles and Practice (7th Edition) (Edizione 7) | Prentice Hall | 2016 | ISBN-10: 0134444280 | |
William Stallings | Network Security Essentials: Applications and Standards (6th Edition) (Edizione 6) | Prentice Hall | 2017 | ISBN-10: 013452733X |
Examination Methods
Examination consists of:
- an oral examination on the topics dealt with during frontal lessons;
- a project on subject related to the lab.
The final vote comes from the average of the evaluations obtained in the oral test and in the discussion of the project.
Type D and Type F activities
Documents and news
- PIANO DIDATTICO LM-18 LM-32 (octet-stream, it, 17 KB, 21/09/18)
Modules not yet included
Career prospects
Module/Programme news
News for students
There you will find information, resources and services useful during your time at the University (Student’s exam record, your study plan on ESSE3, Distance Learning courses, university email account, office forms, administrative procedures, etc.). You can log into MyUnivr with your GIA login details: only in this way will you be able to receive notification of all the notices from your teachers and your secretariat via email and also via the Univr app.
Graduation
Deadlines and administrative fulfilments
For deadlines, administrative fulfilments and notices on graduation sessions, please refer to the Graduation Sessions - Science and Engineering service.
Need to activate a thesis internship
For thesis-related internships, it is not always necessary to activate an internship through the Internship Office. For further information, please consult the dedicated document, which can be found in the 'Documents' section of the Internships and work orientation - Science e Engineering service.
Final examination regulations
List of thesis proposals
Attendance modes and venues
As stated in the Teaching Regulations, attendance at the course of study is not mandatory.
Part-time enrolment is permitted. Find out more on the Part-time enrolment possibilities page.
The course's teaching activities take place in the Science and Engineering area, which consists of the buildings of Ca‘ Vignal 1, Ca’ Vignal 2, Ca' Vignal 3 and Piramide, located in the Borgo Roma campus.
Lectures are held in the classrooms of Ca‘ Vignal 1, Ca’ Vignal 2 and Ca' Vignal 3, while practical exercises take place in the teaching laboratories dedicated to the various activities.