CODE 98228 ACADEMIC YEAR 2023/2024 CREDITS 4 cfu anno 1 ENGINEERING TECHNOLOGY FOR STRATEGY (AND SECURITY) 10728 (LM/DS) - GENOVA SCIENTIFIC DISCIPLINARY SECTOR ING-INF/03 LANGUAGE English TEACHING LOCATION GENOVA SEMESTER 2° Semester TEACHING MATERIALS AULAWEB OVERVIEW Enterprise strategic choices are heavily influenced by “changes” modifying the operating context. One of the most important is the “digitalization”: currently every business is a digital one. Some digital technologies, listed in the aim, will have a special impact on future industrial strategies, allowing the development of smart cities, manufacturing, factory and agriculture. The knowledge, use and application of these technologies will be essential to make decisions in strategic environments. AIMS AND CONTENT LEARNING OUTCOMES The lectures are aimed at providing theoretical and practical knowledge about advanced Information and Communication Technologies which will influence strategic choices in the next future allowing the development of new paradigms and services such as smart cities, manufacturing, factory and agriculture. The lectures will provide a basic know-how about networking technologies such as IP and TCP/UDP architectures and will develop this information to explain concepts such as Cloud Computing and Internet of Things; 5G and Satellite Technology, Automated and Connected Mobility; Big Data Analytics, Artificial Intelligence and Machine Learning, and Cybersecurity. AIMS AND LEARNING OUTCOMES The lectures are aimed at providing theoretical and practical knowledge about advanced Information and Communication Technologies which will influence strategic choices in the next future allowing the development of new paradigms and services such as smart city, home, factory, and agriculture. At the end of the Course the students will know main ICT technologies and to make decisions about their application to different operational contexts. The lectures will provide a basic know-how about networking technologies, such as IP and TCP/UDP architectures, and will develop this information to explain concepts such as Internet of Things (IoT), Industrial Control Systems (ICS), Cloud and Edge Computing, 5G, Vehicular and Aerial/Satellites communications, and Cybersecurity. TEACHING METHODS Lectures. SYLLABUS/CONTENT Basic of Telecommunications General structure of telecommunication systems Telecommunication network topologies Telecommunication network taxonomy Protocol stack Interconnection nodes Circuit and packet switching Multiplexing and Demultiplexing Principles of IP and TCP protocols Cybersecurity Basic concepts Introduction of Machine Learning for Cybersecurity Intrusion Prevention Systems Intrusion Detection Systems Advanced ICT technologies and application scenarios Internet of Thing (IoT) – Smart Home, Smart Cities, Smart Factory, Smart Agriculture Industrial Control Systems (ICS) – Smart Grid Vehicular communications – Smart Transportation Aerial/Satellite communications – Smart Logistics RECOMMENDED READING/BIBLIOGRAPHY - Slides on specific topics issued by the lecturers. - Extracts of internatiaonal regulatory and scientific documentation provided by the lecturers. TEACHERS AND EXAM BOARD ENRICO CAMBIASO MAURIZIO MONGELLI FABIO PATRONE Exam Board FABIO PATRONE (President) ENRICO CAMBIASO MAURIZIO MONGELLI MARIO MARCHESE (President Substitute) LESSONS LESSONS START https://corsi.unige.it/10728/p/studenti-orario Class schedule The timetable for this course is available here: Portale EasyAcademy EXAMS EXAM DESCRIPTION The exam is structured in three parts: Assignment for the networking part of the course Each candidate has to prepare a 15 minutes presentation about a telecommunication network he/she tried to design for a particular application and a particular use case of his/her own choice. The student can collect material wherever he/she finds it and uses it during the presentation (properly mentioning the source(s)). For example, the student can find a research paper describing a telecommunication network designed for a particular use case and application and use it as a sort of “starting point” for the presentation. You can also tell me about the paper you found but the two important things are: 1. you need to know and understand in detail what you are talking about. I could ask you some questions about what you are presenting. 2. Add something “from yourself” among the things you are going to tell me. Additional considerations not already included by the authors, possible improvements you are proposing, and modifications that could have some advantages are a few examples of what I mean. During the exam, we are going to have a discussion about them. After the presentation, I will also ask questions about this part’s topics. Assignment for the machine learning part of the course The candidate presents a 3-page (including figures) dissertation concerning the following topic. Apply the matlab code of Bayes Decision Theory to a dataset and discuss the results according to the discussion presented during the lessons. The final vote is as follows. >From 18 to 24 if the dataset is the same DNS tunneling database used for the lessons. >From 24 to 28 if the candidate uses another open-source dataset, e.g., taken from the UCI repository (https://archive.ics.uci.edu/ml/index.php). The candidate can work with different couples of features available from the dataset (as done during the lessons) and compare the results. >From 28 to 30 laudae if the discussion includes at least ONE of the issues: how does the model generalize to new data? Which is the impact of the features to the classification performance? What is the feature extraction process? Is the Gaussian probability distribution assumption about data applicable? Apply 3D visualization of different features. Compare quadratic vs linear bayes. Apply the neural network Matlab code and discuss a comparison with Bayes Decision Theory. Assignment for the cyber-security part of the course The candidate presents a four page long (figures included; bibliography excluded) dissertation by following the following indications. The candidate selects and discusses either: (I) a specific category of cyber-attacks for investigation (e.g., a specific vulnerability, a specific kind of attacks, etc.), or (ii) a relevant cyber-security-related event/set of events (e.g., a set of cyber-attacks executed by organized groups). In function of the selected option, (i) or (ii), in the following, details on how to proceed are reported. Evaluation of the work: - Context description: [18 to 26) (i) if the functioning of the attack, the targeted components and protocols, impact and countermeasures are presented. (ii) if the chronologic list of attacks executed, details on the executed attacks, the targeted components and protocols, and impact are presented. For this section, it is important to properly present the threat and to provide adequate references, linked in the bibliography. -Proof of exploitation: [26 to 30) (i) a proof-of-concept of the exploitation is provided (e.g., information on exploitation through Metasploit, link to open-source tools available on public repository services like GitHub, details on the network architecture adopted, etc.), also considering amendments to existent tools or programming components integrating with the exploitation concept. In this case, it is important to demonstrate that the proposed threat was replicated by the student with real tests. (ii) details on the process needed to replicate the attack are provided: even if an exact replication of the attack may not be possible (e.g. due to legal limitations, due to the inability to retrieve the original tools, etc.), the student will describe in detail the process required to replicate the attack (with sources and reporting the actions to execute in detail) and, where possible, details on attacks of the same kind of the ones may be analysed(a proof-of-concept is not required, but welcome).In this case, it is important to demonstrate that the student can go deeper into the context, to get valuable information on the threat, not easily accessible. - Personal considerations: [30,30L] If an original dissertation on exploitation is provided (e.g., by extending state-of-the-art attacks, or by proposing the use of different approaches, etc.). For this section, given the results and knowledge achieved in the previous sections, it is important to provide an original and constructive discussion (e.g., on the threat, its impact, how other future threats may be connected to this one, how to protect from the threat, etc.) The final document, to be produced in English language, as a PDF file, will clearly define which option was chosen. Also, the document will be composed of three separated sections, according to the evaluation information reported above. In addition, a final section (whose length will not be considered for the page limit) must report bibliographic citations on the document. ASSESSMENT METHODS Networking part of the course The evaluation will be based on: Relevance to the themes presented in the course, Originality, Execution modalities, Feasibility, Clear presentation/exposition. Machine learning part of the course >From 18 to 24 if the dataset is the same DNS tunneling database used for the lessons. >From 24 to 28 if the candidate uses another open source dataset, e.g., taken from the UCI repository (https://archive.ics.uci.edu/ml/index.php). The candidate can work with different couples of features available from the dataset (as done during the lessons) and compare the results. >From 28 to 30 laudae if the discussion includes at least ONE of the issues: how does the model generalize to new data? Which is the impact of the features to the classification performance? What is the feature extraction process? Is the Gaussian probability distribution assumption about data applicable? Apply 3D visualization of different features. Compare quadratic vs linear bayes. Apply the neural network Matlab code and discuss a comparison with Bayes Decision Theory. Cyber-security part of the course - Description of the attack: [18 to 26) if the functioning of the attack, the targeted components and protocols, impact and countermeasures are presented - Proof-of-concept of the exploitation: [26 to 30) if a proof-of-concept of the exploitation is provided (e.g. information on exploitation through Metasploit, link to open-source tools available on public repository services like GitHub, etc.) - Personal considerations: [30,30L] if an original dissertation on exploitation is provided (e.g. by extending state-of-the-art attacks, or by proposing the use of different approaches) Exam schedule Data appello Orario Luogo Degree type Note 23/01/2024 09:00 GENOVA Orale 13/02/2024 09:00 GENOVA Orale 05/06/2024 09:00 GENOVA Orale 19/06/2024 09:00 GENOVA Orale 03/07/2024 09:00 GENOVA Orale 17/07/2024 09:00 GENOVA Orale 11/09/2024 09:00 GENOVA Orale Agenda 2030 - Sustainable Development Goals Industry, innovation and infrastructure