Differences

This shows you the differences between two versions of the page.

--- master [2022/01/05 12:03] – ggankhuyag
+++ master [2022/01/26 12:41] – ggankhuyag
@@ Line 28: / Line 28: @@
 Content
-We will start discussing the technical attack vectors (XSS, SQL Injections, XSRF, drive-by download) and how these vectors are embodied in complex attacks (malware, spyware, ransomware, botnets) Then, we will see how these attacks are used in cybercrime economy (spam, phishing, infections and money laundering). We will discuss the principles of defense technology. We will touch on the economic aspects of cyber criminality, and on the markets of cybercrime as a service. Finally, we will discuss attacks sophistication, state-sponsored attacks, and the emergence of a grey market. We will make use of case studies (e.g., Hacking Team, Stuxnet, Flame, etc).
+We will start discussing the technical attack vectors (XSS, SQL Injections, XSRF, drive-by download) and how these vectors are embodied in complex attacks (malware, spyware, ransomware, botnets) Then, we will see how these attacks are used in the cybercrime economy (spam, phishing, infections and money laundering). We will discuss the principles of defense technology. We will touch on the economic aspects of cyber criminality, and on the markets of cybercrime as a service. Finally, we will discuss attacks sophistication, state-sponsored attacks, and the emergence of a grey market. We will make use of case studies (e.g., Hacking Team, Stuxnet, Flame, etc).
 ===2IMS25: Principles of Data Protection===
 This course focuses on data protection technologies designed to prevent the dissemination of sensitive information of individuals. The course will provide a solid introduction to the most important access control models (e.g., DAC, MAC, RBAC) and their extensions for distributed systems (e.g., RT) and usage control (e.g., UCON). The course also covers industry standards in the area of access control and privacy (e.g., XACML and EPAL). See the [[http://zannone.win.tue.nl/teaching/dtm.html|course website]] for more information.
+===2IMS30: Advanced Network Security===
+The course is divided in THREE (3) parts.
+. The first part is dedicated to the recall of basic notions, such as cryptography, hashing, and fundamental related security services, that will be the roots of the following part of the course.
+. The second part of the course is dedicated to the security of IoT networks. The course will mostly follow a bottom-up approach, following the ISO/OSI Stack. We will establish several comparisons between traditional security protocols and the way these protocols are integrated into constrained IoT networks.
+. The third part will focus on specific network security applications. It will cover network security and privacy aspects of several use-case protocols, such as avionics protocols, maritime scenarios, and GNSS architectures.
 =====Master Projects=====
@@ Line 45: / Line 53: @@
   * [[https://www.secura.com/career/students|Proposals for internships and Master projects at Secura]]
   * [[https://www2.deloitte.com/uk/en/pages/careers/articles/graduate-opportunities.html|Proposals for Master projects at Deloitte]]
-  * [[https://security1.win.tue.nl/lib/exe/fetch.php?media=nxp_-_internship_-_information_security_2022_-_r_d_it_published.pdf|Master project on effectiveness of access management of IT systems at NXP Semiconductors]]
+  * [[https://security1.win.tue.nl/lib/exe/fetch.php?media=nxp_-_internship_-_information_security_2022_-_r_d_it_published.pdf|Master project on the effectiveness of access management of IT systems at NXP Semiconductors]]
   * [[iot-applets-NXP|Master Project on a mechanism for automatic trust provisioning of arbitrary IoT applets at NXP Semiconductors]]
   * [[https://security1.win.tue.nl/projects/afstudeerproject_ML.docx|Master Project on Security for Machine Learning at NXP]]
@@ Line 52: / Line 60: @@
   * [[https://www.tno.nl/en/career/vacancies/internship-graduationproject-automated-ict-infrastructure-modeling-for-cyber-security-analysis/a0sb000000nzpwleaz/|Master Project on Automated ICT Infrastructure Modeling for Cyber Security Analysis at TNO]]
   * [[http://security1.win.tue.nl/projects/honeypot_tue.pdf|Master Project on Network Honeypot Framework at Auxilium Cyber Security]]
-  *[[http://www.win.tue.nl/~lallodi/#projects|Master Project on Contextual Risk Assesment for CIED Medical Devices ]]
+  *[[http://www.win.tue.nl/~lallodi/#projects|Master Project on Contextual Risk Assessment for CIED Medical Devices ]]
   *[[http://security1.win.tue.nl/projects/8_From_alerts_to_incidents.pdf|Master Project on "From Alerts to Incidents in ICS/SCADA" at SecurityMatters]]
   *[[http://security1.win.tue.nl/projects/3_Threat Intelligence Support.pdf|Master Project on Protecting ICS Networks from Attacks at SecurityMatters]]
@@ Line 68: / Line 76: @@
   *[[http://security1.win.tue.nl/projects/Intrinsic_ID/Student_project_PandaBoard.pdf|Master Projects in Security at Intrinsic-ID]]
   *[[http://security1.win.tue.nl/projects/SEGULA/2015-06-30_One_Password_4_All.docx|Master Project ("One Password 4 All") at SEGULA]]
-  *[[http://security1.win.tue.nl/projects/AttributeBasedEncryptionInIot.docx|Master Project on Attribute Based Encryption in IoT at THALES]]
+  *[[http://security1.win.tue.nl/projects/AttributeBasedEncryptionInIot.docx|Master Project on Attribute-Based Encryption in IoT at THALES]]
   *[[https://security1.win.tue.nl/projects/dnb_oracle.pdf|Master Project on trusted data feeds for smart contracts at De Nederlandsche Bank]]
   *[[https://security1.win.tue.nl/projects/MasterProject_GGZ_Milan.pdf|Master Project on AI-Supported Treatment of Eating Disorders at GGZ]]