The course will deal with most of the practical and theoretical issues involved in designing a secure system, ranging from application-level security to host and network security. However, differently from the course offered at the M.Sc. level, we will cut short on the details of implementation, and add open research challenges and themes. Therefore, the course can be profitable even for students who already took courses on cryptography or security during the earlier levels of study.

The topics we will talk about are:

1. Attacker goals and motivations and the economics of cybercrime
2. Software vulnerabilities and their detection
3. Large-scale analysis of security data
4. Malware analysis, computer virology (theoretical and practical)
5. Hardware and embedded systems security
6. Cyberwarfare and cyberdefense; protection of critical infrastructures

The format of the course is partly composed of lectures, but mostly based on review and discussion of recent papers describing the latest research results in computer security.

Students will hold several short seminars during the course, reviewing literature assigned by the instructor. Alternatively to part of the load, a short research-oriented project can also be discussed.

The first class (frontal lecture) will be held on June 5th. The other 6 classes (flipped classroom with paper discussions) will be held on June 19, 20, 21, and then July 1, 2, 3.

The lectures will be in the Conference room of DEIB, from 2pm to 6pm - except on July 1st when the class will be in E.G.2 at the same time.