User Tools

Site Tools


master

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
master [2021/11/02 17:30] – [External Projects:] zannonenmaster [2023/06/01 17:06] (current) ggankhuyag
Line 1: Line 1:
 =====Master Degree in Cyber Security at TU/e===== =====Master Degree in Cyber Security at TU/e=====
-TU/ein joint collaboration with the RU Radboud University, offers a Master Specialization in Cyber Security. +Starting from 2021-2022 TU Eindhoven offers a fully local Information Security Technology master track where all lectures are offered on the TU/e campus. The IST track used to be part of the "TRU/e Master in Cyber Security" which was offered in collaboration with Radboud University (RU). The last intake of the TRU/e master was in 2020-2021. For more info, visit the [[https://educationguide.tue.nl/programs/graduate-school/special-masters-tracks/information-security-technology/|website]].
-For more info, visit the website https://true-security.nl/+
 ====Courses offered by SEC==== ====Courses offered by SEC====
  
 ===2IMS00: Seminar IST=== ===2IMS00: Seminar IST===
-In this course students train the skills required for doing independent research in security. The student has to be able to explore a new security topic on his/her own and present the results in oral and written form. The Seminar is a preparation for the masters thesis project. The students get a project assignment, consisting of a literature study and a practical assignment. They have to hand in a report and to present their results orally to their fellow students. The reports are subjected to peer review.+In this coursestudents train the skills required for doing independent research in security. The student has to be able to explore a new security topic on his/her own and present the results in oral and written form. The Seminar is a preparation for the master'thesis project. The students get a project assignment, consisting of a literature study and a practical assignment. They have to hand in a report and present their results orally to their fellow students. The reports are subjected to peer review.
  
 ===2IMS10: Physical Aspects of Digital Security=== ===2IMS10: Physical Aspects of Digital Security===
 The course covers a number of subjects where digital security is heavily influenced by interaction with the physical world: The course covers a number of subjects where digital security is heavily influenced by interaction with the physical world:
 Fuzzy extractors, true random number generation, distance bounding, physical unclonable functions, quantum computers, quantum key exchange. Fuzzy extractors, true random number generation, distance bounding, physical unclonable functions, quantum computers, quantum key exchange.
-The emphasis lies on the adaptation of algorithms and protocols to cope withand maximally exploit, the properties of the physical world.+The emphasis lies on the adaptation of algorithms and protocols to cope with and maximally exploit, the properties of the physical world.
 ===2IMS15: Verification of Security Protocols=== ===2IMS15: Verification of Security Protocols===
 The student will learn what are security protocols, which kind of flaws they can contain and how to detect and fix such flaws. The following topics are treated:  The student will learn what are security protocols, which kind of flaws they can contain and how to detect and fix such flaws. The following topics are treated: 
Line 19: Line 18:
     * Information flow     * Information flow
  
-===2IMS20: Hacker's Hut  === +===2IMS20: Cyberattacks, Crime and Defenses  === 
-The course comprises both theoretical lessons as well as practical exercisesTopics include: stack overflowbuffer overflows, cross site scripting attacks, cross site request forgery, sql injections, rootkits. +Objectives 
-===2IMS25: Principles of Data Protection=== +    * Learn the principles of how IT systems can be exploited by cyberattackers. 
-This course focuses on data protection technologies designed to prevent dissemination of sensitive information of individuals. The course will provide a solid introduction to most important access control models (e.g., DAC, MAC, RBAC) and their extensions for distributed systems (e.g.RT) and usage control (e.g., UCON). The course also covers industry standards in the area of access control and privacy (e.g.XACML and EPAL). See the [[http://zannone.win.tue.nl/teaching/dtm.html|course website]] for more information. +    * Learn how cyber attackers actually operate
-=====Master Projects=====+    * Learn the principles of defense technologies and how they can be used, 
 +    * Learn the basics of cybercrime, and the organization of the criminal markets.
  
  
 +Content
  
-The Security Group of TU/e offers large variety of projects that can take place in an external company or within the TU/e:+We will start discussing the technical attack vectors (XSS, SQL Injections, XSRF, drive-by download) and how these vectors are embodied in complex attacks (malware, spyware, ransomware, botnets) Then, we will see how these attacks are used in the cybercrime economy (spam, phishing, infections and money laundering). We will discuss the principles of defense technology. We will touch on the economic aspects of cyber criminality, and on the markets of cybercrime as service. Finally, we will discuss attacks sophistication, state-sponsored attacks, and the emergence of a grey market. We will make use of case studies (e.g., Hacking Team, Stuxnet, Flame, etc). 
 + 
 +===2IMS25: Principles of Data Protection=== 
 +This course focuses on data protection technologies designed to prevent the dissemination of sensitive information of individuals. The course will provide a solid introduction to the most important access control models (e.g., DAC, MAC, RBAC) and their extensions for distributed systems (e.g., RT) and usage control (e.g., UCON). The course also covers industry standards in the area of access control and privacy (e.g., XACML and EPAL). See the [[http://zannone.win.tue.nl/teaching/dtm.html|course website]] for more information.
  
-====External Projects:==== +===2IMS30Advanced Network Security=== 
-[[http://www.win.tue.nl/~setalle/external_thesis.pdf|Requirements and procedure for doing an external master thesis at the Security Group.]]+The course is divided in THREE (3) parts 
 +  - The first part is dedicated to the recall of basic notions, such as cryptography, hashing, and fundamental related security services, that will be the roots of the following part of the course 
 +  - The second part of the course is dedicated to the security of IoT networksThe course will mostly follow a bottom-up approach, following the ISO/OSI StackWe will establish several comparisons between traditional security protocols and the way these protocols are integrated into constrained IoT networks. 
 +  - The third part will focus on specific network security applications. It will cover network security and privacy aspects of several use-case protocols, such as avionics protocols, maritime scenarios, and GNSS architectures
  
-  * [[https://www.brightsight.com/Vacancies/internship-at-brightsight|Internships at SGS Brightsight]] +===2IMS40Intrusion Detection Laboratory=== 
-  * [[https://almende.com/careers/internships/|Proposals for internships and Master projects at Almende]] +The goal of this course is to provide students with a platform to get in-depth, hands-on experience on the building blocks of cyber security monitoringnetwork-based, hostand log-based intrusion detection
-  * [[https://www.secura.com/career/students|Proposals for internships and Master projects at Secura]] +To do so, the course is not focused on front classes but rather adopts a reverse classroom setupthe course will start by providing students with material covering practical and theoretical elements of security monitoring and additional material and pointers covering all three pillars, and their relationshipThe students will then form groups and will be able to choose one of the building blocks to explore in depth by developing a fully-fledged laboratory activity for the other students of the course to attendThese laboratory activities will be run and coordinated, in class, by the very students developing themThe development and delivery of these lab sessions in class is also the final examination of the course for the group of students handling it
-  * [[https://www2.deloitte.com/uk/en/pages/careers/articles/graduate-opportunities.html|Proposals for Master projects at Deloitte]] +The outcome of this setup is that all students will have developed, by the end of the course, a profound understanding of a technology of their choice, and at the same time get hands-on experience on a multitude of aspects of intrusion detection, through the lab activities developed by the fellow students.
-  * [[https://security1.win.tue.nl/lib/exe/fetch.php?media=nxp_-_internship_-_information_security_2022_-_r_d_it_published.pdf|Master project on effectiveness of access management of IT systems at NXP Semiconductors]] +
-  * [[iot-applets-NXP|Master Project on a mechanism for automatic trust provisioning of arbitrary IoT applets at NXP Semiconductors]] +
-  * [[https://security1.win.tue.nl/projects/afstudeerproject_ML.docx|Master Project on Security for Machine Learning at NXP]] +
-  * [[https://www.tno.nl/en/career/vacancies/automated-analysis-of-cyber-attacks-using-attack-defence-graphs/a0sb000000zg8m2eak/| Master Project on Automated Analysis of  Cyber-Attacks using Attack-Defence Graphs at TNO]] +
-  * [[https://www.tno.nl/en/career/vacancies/autonomous-response-orchestration-for-programmable-networks/a0sb000000zg87keas/|Master Project on Autonomous Response Orchestration for Programmable Networks at TNO]] +
-  * [[https://www.tno.nl/en/career/vacancies/internship-graduationproject-automated-ict-infrastructure-modeling-for-cyber-security-analysis/a0sb000000nzpwleaz/|Master Project on Automated ICT Infrastructure Modeling for Cyber Security Analysis at TNO]] +
-  * [[http://security1.win.tue.nl/projects/honeypot_tue.pdf|Master Project on Network Honeypot Framework at Auxilium Cyber Security]] +
-  *[[http://www.win.tue.nl/~lallodi/#projects|Master Project on Contextual Risk Assesment for CIED Medical Devices ]] +
-  *[[http://security1.win.tue.nl/projects/8_From_alerts_to_incidents.pdf|Master Project on "From Alerts to Incidents in ICS/SCADA" at SecurityMatters]] +
-  *[[http://security1.win.tue.nl/projects/3_Threat Intelligence Support.pdf|Master Project on Protecting ICS Networks from Attacks at SecurityMatters]] +
-  *[[http://security1.win.tue.nl/projects/5_SecurityMatters_Semantic_Alert_Correlation.pdf|Master Project on Semantic Alert Correlation in ICS/SCADA at SecurityMatters]] +
-  *[[http://security1.win.tue.nl/projects/Brightsight.pdf|Master Projects at Brightsight]] +
-  *[[http://security1.win.tue.nl/projects/NXP_HCE.pdf|Master Project on Vulnerability assessment of HCE applications at NXP Semiconductors]] +
-  *[[http://security1.win.tue.nl/projects/master_project_WB.pdf|Master Project on White-box Cryptography at NXP Semiconductors]] +
-  *[[http://security1.win.tue.nl/projects/NXP_JavaBytecode.pdf|Master Project/Internship on Java Card bytecode verification at NXP Semiconductors]] +
-  *[[http://security1.win.tue.nl/projects/Omron_InternshipDescription.pdf|Master project IPC Security at Omron]] +
-  *[[http://security1.win.tue.nl/projects/HCT.pdf|Graduation assignment at Hudson Cybertec]] +
-  *[[http://security1.win.tue.nl/projects/master_projects_at_ATOS/projects_at_ATOS.html|Master Projects and internships in Security at ATOS]] +
-  *[[http://security1.win.tue.nl/projects/master_projects_at_TNO/projects_at_TNO.html|Master Projects in Security and Privacy at TNO]] +
-  *[[http://security1.win.tue.nl/projects/master_projects_at_PHILIPS/projects_at_Philips.html|Master Projects at Philips Research]] +
-  *[[http://security1.win.tue.nl/projects/crypto_stick/crypto_stick.html|Master Projects in Security at the Stichting NLnet (Crypto Stick)]] +
-  *[[http://security1.win.tue.nl/projects/Intrinsic_ID/Student_project_PandaBoard.pdf|Master Projects in Security at Intrinsic-ID]] +
-  *[[http://security1.win.tue.nl/projects/SEGULA/2015-06-30_One_Password_4_All.docx|Master Project ("One Password 4 All") at SEGULA]] +
-  *[[http://security1.win.tue.nl/projects/AttributeBasedEncryptionInIot.docx|Master Project on Attribute Based Encryption in IoT at THALES]] +
-  *[[https://security1.win.tue.nl/projects/dnb_oracle.pdf|Master Project on trusted data feeds for smart contracts at De Nederlandsche Bank]] +
-  *[[https://security1.win.tue.nl/projects/MasterProject_GGZ_Milan.pdf|Master Project on AI-Supported Treatment of Eating Disorders at GGZ]]+
  
-//Projects listed here are proposed by companies and it is not guaranteed that these projects will be supervised by someone in the SEC group unless a prior agreement has been reached.//\\ 
-====Internal Projects:==== 
  
-   *[[master-projects-Sciancalepore|Master Project Proposals (Savio Sciancalepore)]] 
-   *[[http://www.win.tue.nl/~lallodi/#projects|Master Project Proposals (Luca Allodi)]] 
-   *[[https://zannone.win.tue.nl/teaching/masterthesis.html|Master Project Proposals (Nicola Zannone)]] 
-   *[[https://bskoric.win.tue.nl/mscprojects/|Master Project Proposals (Boris Skoric)]] 
-   *[[http://www.win.tue.nl/~setalle/master_projects/|Master Project Proposals (Sandro Etalle)]] 
-   *[[http://www.win.tue.nl/~jhartog/msc/|Master Project Proposals (Jerry Hartog)]] 
-   *[[https://gitlab.tue.nl/snippets/683|Student Projects in Building Automation Security (Martin Rosso)]] 
master.1635870613.txt.gz · Last modified: 2021/11/02 17:30 by zannonen