Cybersecurity Laboratory

Recommended Prerequisites

Solid knowledge on practical and theoretical cybersecurity concepts; Knowledge on Network Protocols; Knowledge on software engineer and network communication concepts.

Teaching Methods

The methodologies used in the course unit will be organized as follows:

- Presentation and discussion of concepts in theoretic-practical classes.

- Practical exercises and preparation of assignments in real-life scenarios, with guidance in laboratory classes.

Practical assignments will be structured in a project logic, allowing for a deeper exploration of a (sub)topic of the program, through the application of concepts taught, in the scope of vulnerability and risk analysis, and subsequent planning and development of alternative solutions.

Evaluation:

- Intermediary presentation: Architecture design, requirements gathering: 20%

- Final presentation: Final architecture, experimental results: 70%

- Participation in the curricula unit: 10%

Learning Outcomes

• Develop skills in the implementation of Cyberseurity Mechanisms.
• Understand the diverse types of atacks and the most appropriate defense mechanisms.
• Manage the lifecycle of cyberseurity mechanisms from development to production.
• Manage the process of risk assessment in serviços and projects.
• Tackle challenges related to security and compliance concerning legal aspects.

Work Placement(s)

No

Syllabus

The curriculum has different areas with diverse topics that are associated with projects that students must perform in groups of two.

Area of secure software

- SecDevOps Practices

- Intrusion Detection in Applications

- Software Secure Development

- Risk and security assessment

- Security Tests

- Vulnerabilities Detection

Cybersecurity and Services Area:

- Security of applications and services in the cloud

- Authentication, Authorization and Accounting Protocols and Single Sign On mechanisms.

- Botnet Detection and Mitigation

- Security Protocols in Software Defined Networks

- Intrusion Detection and Prevention in IoT and Critical Infrastructures

- Risk Assessment and auditing processes and technical conformance

Area of communications and services:

- Resource management in cloud and edge

- Services in Software Defined Networks

- Services in IoT networks

- Communications in Critical Infrastructures

- Data communications

Professors will supervise students in the Project elaboration.

Head Lecturer(s)

David Alejandro Perez Abreu

Assessment Methods

Assessment
Other: 10.0%
Project: 90.0%

Bibliography

-Stallings, W. Cryptography and Network Security: Principles and Practice, Prentice Hall, 2020.
-Fotios, C.; Deirme, E.; Stais, I. Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things. San Francisco, CA: No
Starch Press, 2021.
-Rais, R.; Morillo, C.; Gilman, E.; Doug B. Zero Trust Networks. O’Reilly Media, 2024.
-Knapp, Eric D, Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control
Systems, Syngress Media, 2024.
-Smith, P., Pentesting Industrial Control Systems: An ethical hacker's guide to analyzing, compromising, mitigating, and securing industrial
processes, Packt Publishing, 2021.
-Blair, R. Aligning Security Operations with the MITRE ATT&CK Framework: Level up your security operations center for better security,
Packt Publishing, 2023.
-Smith, C. The Car Hacker’s Handbook: a guide for the penetration tester, No Starch press, 2016.