Lecture Material

Lectures will be held Wednesdays, 10:15 - 11:45 at BIN-2.A.01.

Lecture Date Lecturer(s) Slides 1-up Slides 6-up Release Date Content (keyword(s)) Remarks and References
L00 21.09 BS, BR L00-1up (PDF, 283 KB) L00-6up (PDF, 211 KB) 20.09 Course Introduction and Organization  
L01 21.09 BR L01-1up (PDF, 1 MB) L01-6up (PDF, 850 KB) 20.09 Basic Security Concepts  [1]
L02 28.09 BR L02-1up (PDF, 2 MB) L02-6up (PDF, 1 MB) 28.09 Cryptographic Principles [2]
L03 05.10 BR L03-1up (PDF, 2 MB) L03-6up (PDF, 1 MB) 04.10 Security on Different Network Layers [1,8,9]
L04 12.10 BR L04-1up (PDF, 3 MB) L04-6up (PDF, 1 MB) 12.10 Cloud Security [2,4,10]
L05 19.10 BS L05-1up (PDF, 1 MB) L05-6up (PDF, 1 MB) 14.10 Access Control, Firewalls, Policies [1]
L06 26.10

BR

L06-1up (PDF, 1 MB) L06-6up (PDF, 1 MB) 26.10 Intrusion Detection and Prevention [1,11,12]
L07 02.11 BR, Melchior Limacher L07-1up (PDF, 2 MB) L07-6up (PDF, 1 MB) 01.11 Penetration Tests

[13,14]

L08 09.11 BR L08-1up (PDF, 3 MB) L08-6up (PDF, 1 MB) 08.11 Security Information and Event Management [15.16]
L09 16.11 AH L09-1up (PDF, 2 MB) L09-6up (PDF, 1 MB) 16.11 Cybersecurity and Machine Learning [17,18]
L10 23.11 AH L10-1up (PDF, 1 MB) L10-6up (PDF, 945 KB) 23.11 Concerns of Machine and Federated Learning  
L11 30.11

MF

BS

L11-1up (PDF, 2 MB) L11-6up (PDF, 1 MB) 25.11 Risk Management and Economics  
L12 07.12 BR, GM L12-1up (PDF, 5 MB) L12-6up (PDF, 1 MB) 06.11 Selected Cybersecurity Topics [19, 20]
L13 14.12 BR       Evaluations and Summary -
L14 21.12 BR - - - CT Presentation #1 -
E14 22.12 BR - - -

CT Presentation #2

Simulated Exam (60 mins)

-

The files provided above may only be downloaded from a subnetwork of the University of Zurich's network. Thus, please use a VPN client from the outside. Information on the VPN setup can be found here. In case you have problems with downloading the files (e.g., showing error 404) check your VPN settings and delete your browser's cache!

References

Several references will be used as a basis during the lectures. However, two major references from W. Stallings below are recommended to provide a basis (seen in lectures L01 and L02) to further specific modules (L03 to L11). Specific references will be pointed out during the lectures or exercise sessions.

  1. William Stallings: Network Security Essentials: Applications and Standards (6th Edition 2016), Pearson.
  2. William Stallings: Cryptography and Network Security: Principles and Practice (7th Edition 2017), Pearson.
  3. Michael Steward: Network Security, Firewalls, and VPNS, ISBN 10: 076379130X
  4. Peter Mell, Timothy Grance. The NIST Definition of Cloud Computing. Special Publication 800-145. National Institute of Standards and Technology (NIST). 2011.
  5. Patrick Engebretson. The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy. Elsevier, 2013.
  6. Xin, Yang, Lingshuang Kong, Zhi Liu, Yuling Chen, Yanmiao Li, Hongliang Zhu, Mingcheng Gao, Haixia Hou, and Chunhua Wang. "Machine Learning and Deep Learning Methods for Cybersecurity." IEEE Access 6 (2018): 35365-35381.
  7. Khan, Suleman, Abdullah Gani, Ainuddin Wahid Abdul Wahab, Muhammad Shiraz, and Iftikhar Ahmad. "Network Forensics: Review, Taxonomy, and Open Challenges." Journal of Network and Computer Applications 66 (2016): 214-235.
  8. Edwards, P. N., Jackson, S. J., Bowker, G. C., & Knobel, C. P. (2007). Understanding infrastructure: Dynamics, tensions, and design.
  9. Pirayesh, H., & Zeng, H. (2022). Jamming Attacks and Anti-jamming Strategies in Wireless Networks: A Comprehensive Survey. IEEE Communications Surveys & Tutorials.
  10. Cloud Security Alliance. Top Threat to Cloud Computing Pandemic Eleven. URL: https://cloudsecurityalliance.org/artifacts/top-threats-to-cloud-computing-pandemic-eleven/
  11. Debar, H. (2000). An introduction to intrusion-detection systems. Proceedings of Connect2000.
  12. Canzanese, R., Mancoridis, S., & Kam, M. (2015, August). System call-based detection of malicious processes. In 2015 IEEE International Conference on Software Quality, Reliability and Security (pp. 119-124). IEEE.
  13. Engebretson, P. (2013). The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy. Elsevier.
  14. Messier, R. (2016). Penetration Testing Basics. Berkeley, CA: Apress.
  15. González-Granadillo, G., González-Zarzosa, S., & Diaz, R. (2021). Security information and event management (SIEM): Analysis, Trends, and Usage in Critical Infrastructures. Sensors, 21(14), 4759.
  16. Bhatt, S., Manadhata, P. K., & Zomlot, L. (2014). The Operational Role of Security Information and Event Management Systems. IEEE security & Privacy, 12(5), 35-41.
  17. Gereon, A. (2018). Hands-on Machine Learning with Scikit-Learn and Tensor Flow. O’Reily Media Inc., USA.
  18. Chio, C., & Freeman, D. (2018). Machine learning and security: Protecting systems with data and algorithms. " O'Reilly Media, Inc.".
  19. Rodrigues, B., Scheid, E., Killer, C., Franco, M., & Stiller, B. (2020). Blockchain signaling system (bloss): Cooperative signaling of distributed denial-of-service attacks. Journal of Network and Systems Management, 28(4), 953-989.
  20. Ax Labs. URL: https://axlabs.com/