2023

Security of Computer Systems

Name: Security of Computer Systems
Code: INF13269M
6 ECTS
Duration: 15 weeks/156 hours
Scientific Area: Informatics

Teaching languages: Portuguese, English
Languages of tutoring support: Portuguese, English
Regime de Frequência: E-learning

Sustainable Development Goals

Learning Goals

Upon completion of this course, students should obtain advanced knowledge of computer systems security that allows them to create secure software as well as the implementation, management and maintenance of secure computer systems. Specifically, students should:

Know malicious software and defense measures;
Know "denial of service" attacks, defend and respond to this type of attacks;
Have notions about intrusion detection, forms of analysis and detection;
Apply security concepts associated with operating systems;
Implement security audit mechanisms in computer systems;
To know the ethical and legal aspects associated with computer security;
Apply Internet security protocols and standards;
Use and implement authentication applications on the Internet;
Understand the security aspects associated with wireless networks and implement secure wireless networks
and Linux systems; and securely manage and maintain linux systems

Contents

-- Malicious Software
-- Types of Malicious Software
-- Countermeasures

- Denial-of-Service Attacks
-- Distributed Denial-of-Service
-- Defenses
-- Responses

- Intrusion Detection
-- Intruders
-- Intrusion Detection
-- Analysis Approaches
-- Honeypots

- Operating System Security
-- Security Planning and Maintenance
-- Application Security
-- Linux/Unix, Windows and Virtualization Security

- Internet Security Protocols and Standards
-- Secure E-Mail and S/MIME
-- SSL and TLS
-- HTTPS
-- IPv4 and IPv6


- Internet Authentication Applications
-- Kerberos
-- X.509
-- Public-Key Infrastructure


- Wireless Network Security
-- Mobile Device Security

- Linux Security
-- Security Model
-- Filesystem Security
-- Vulnerabilities
-- Access Controls


- Security Auditing
-- Security Auditing Architecture
-- Security Audit Trail
-- Logging Function
-- Audit Trail Analysis


- Legal and Ethical aspects
-- Cybercrime and Computer Crime
-- Intellectual Property
-- Privacy
-- Ethical Issues

Teaching Methods

The teaching methodology will be based on lectures and practical classes. Active learning is sought to stimulate the student to develop the various topics that are addressed in this curricular unit. Group problems will be solved during the practical classes, which will be part of a project that will be developed throughout the curricular unit, with the purpose of developing a software from scratch, resorting to the concepts of Software Engineering presented in the lectures and to the tools explored in the practical classes, allowing students to consolidate the knowledge acquired in this curricular unit.

The evaluation elements will be composed of 2 components: 1) theoretical component (60%) and 2) practical component (40%). The theoretical component consists of 2 tests or one exam. The practical component is composed by the development of a group project, developed throughout the curricular unit.

Teaching Staff