COMPUTER SECURITY E LABORATORIO

Academic Year 2021/2022 - 1° Year - Curriculum Sistemi di Rete e Sicurezza
Teaching Staff Credit Value: 9
Taught classes: 36 hours
Exercise: 24 hours
Laboratories: 12 hours
Term / Semester:

Learning Objectives

  • Computer Security
    1. Knowledge and understanding. Students will get to grips with "frontier" security issues such as non-repudiation, penetration testing and formal analysis.
    2. Applying knowledge and understanding. Students will complete their fundamental security knowledge with the practical applications of the tools for penetration testing and formal analysis.
    3. Making judgements. Students will become expert players of the "security game", and in particular of the tools to play actively and successfully in a Capture The Flag in the style brought forward by Professor Giovanni Vigna and his team.
    4. Communication skills. Students will familiarise with advanced cyber security terms, building their capacity to conjugate penetration testing and formal analysis towards the deployment of secure systems.
    5. Learning skills. Students will get the critical attitude and competences to tackle and solve advanced security problems are they arise in various forms.
  • Computer Security
    1. Knowledge and understanding. Students will get to grips with "frontier" security issues such as non-repudiation, penetration testing and formal analysis.
    2. Applying knowledge and understanding. Students will complete their fundamental security knowledge with the practical applications of the tools for penetration testing and formal analysis.
    3. Making judgements. Students will become expert players of the "security game", and in particular of the tools to play actively and successfully in a Capture The Flag in the style brought forward by Professor Giovanni Vigna and his team.
    4. Communication skills. Students will familiarise with advanced cyber security terms, building their capacity to conjugate penetration testing and formal analysis towards the deployment of secure systems.
    5. Learning skills. Students will get the critical attitude and competences to tackle and solve advanced security problems are they arise in various forms.

Course Structure

  • Computer Security

    Teaching consists of traditional upfront classes, enriched with a variety of practical applications demonstrated during class. The final exam requires passing an individual, practical project and an oral interview.


    Should teaching be carried out in mixed mode or remotely, it may be necessary to introduce changes with respect to previous statements, in line with the programme planned and outlined in the syllabus. Learning assessment may also be carried out on line, should the conditions require it.

  • Computer Security

    Practical laboratory experiments of penetration testing based upon Metasploit and Kali Linux.

    Should teaching be carried out in mixed mode or remotely, it may be necessary to introduce changes with respect to previous statements, in line with the programme planned and outlined in the syllabus. Learning assessment may also be carried out on line, should the conditions require it.


Detailed Course Content

  • Computer Security

    1. Non-repudiation
    - Validity of evidence and fairness
    - Application to e-commerce
    - Application to delegation
    - Application to certified e-mail

    2. Essentials of penetration testing

    - Metasploit

    - Kali Linux

    - Information gathering

    3. Tools for security protocol verification
    - Theorem proving: the Inductive Method
    - Model checking: Avispa
    - Ad hoc tools: Proverif

  • Computer Security

    1. Non-repudiation
    - Validity of evidence and fairness
    - Application to e-commerce
    - Application to delegation
    - Application to certified e-mail

    2. Essentials of penetration testing

    - Metasploit

    - Kali Linux

    - Information gathering

    3. Tools for security protocol verification
    - Theorem proving: the Inductive Method
    - Model checking: Avispa
    - Ad hoc tools: Proverif


Textbook Information

  • Computer Security

    Lecture notes offered by the lecturer.

    • William Stallings: Sicurezza delle reti. Applicazioni e standard
    • Bruce Schneier: Sicurezza digitale. Miti da sfatare, strategie da adottare
  • Computer Security

    Lecture notes offered by the lecturer.

    • William Stallings: Sicurezza delle reti. Applicazioni e standard
    • Bruce Schneier: Sicurezza digitale. Miti da sfatare, strategie da adottare