Master's in Cybersecurity: Practical Network Defense

Course Introduction

• The course is Practical Network Defense, a part of the Master's degree in Cybersecurity at Sapienza Università di Roma, academic year 2023-24.
• The lecturer is Angelo Spognardi, an associate professor at the Department of Informatics (Dipartimento di Informatica).
• The lecturer's contact information: tel: 06 4925 5164, email: [email protected], and website: https://angelospognardi.site.uniroma1.it.

Practical Info

• Student hours are available on request by email, and meetings will be held in the lecturer's office (G29, v.le Regina Elena, 295, Edificio G).
• Research interests of the lecturer include computer network security, security in social networks, ML and AI in cybersecurity, privacy, applied cryptography, operating systems, and programming.

Course Website and Schedule

• The course website is https://sites.google.com/di.uniroma1.it/practical-network-defense.
• The course has 6 CFUs, and students are required to join the class in Google Classroom using the code "mumait2" and their @studenti.uniroma1.it account.
• The schedule includes Thursday classes from 12-15 pm at Tiburtina Labs (lab XV) and Friday classes from 11-13 am at Aula 3, v.le Castro Laurenziano 7a.

Objectives

• The course aims to teach students methods and tools for protecting computer networks.
• Students will learn to apply practical concepts, including protocols in networked computer systems, security mechanisms, and intrusion detection.
• By the end of the course, students will be able to monitor traffic, apply security policies, perform network scans, and select appropriate firewall rules and protection mechanisms.

Topics Covered

• Network monitoring and traffic analysis
• Network attacks (e.g., session hijacking, man-in-the-middle)
• Minimizing exposure (attack surface and vectors)
• Network hardening and policy development
• Defense in depth and perimeter networks (DMZs)/Proxy Servers
• Implementing firewalls and virtual private networks (VPNs)
• Implementing IDS/IPS and network access control

Class Structure and Assignments

• Theoretical concepts will be presented in classroom hours, with practical activities during lab hours.
• Some topics will have assignments with two parts: an implementing part in the virtual lab environment and a reporting part.
• Assignments are part of the exam and are a prerequisite for accessing the written exam.

Tools and Resources

• The course will use Kathará (formerly known as netkit), a container-based framework for experimenting with computer networking.
• A virtual machine will be provided for students, and access to the virtual infrastructure (ACME co.) will be granted.
• Recommended textbooks include "Introduction to Computer Networks and Cybersecurity" by Chwan-Hwa (John) Wu and J.David Irwin.

Exam and Assessment

• The exam consists of 3/4 mandatory assignments and a full written exam.
• Optional oral exams are available for students with a written exam score of 27 or higher.
• Assignments are evaluated as A, B, or C, and provide an increment to the final grade of the written exam (up to +3 points).

Feedback and Self-Assessment

• Feedback is always welcome, and students are encouraged to share suggestions and resources.
• Self-assessment questions are provided to help students identify areas where they need to improve.
• The self-assessment questions cover topics such as Linux, network security, and cryptography.

Bonus Reference

• A bonus reference is provided to help students get used to Linux CLI and tools: http://overthewire.org/wargames/bandit/bandit0.html.