Applied Cybersecurity

Objectives

The objective of the AppSec course is to teach students to use technical security tools to detect, analyze, and respond to cyberattacks, so that they can protect themselves and mitigate different cyber threats in real scenarios.

General characterization

Code

100254

Credits

4.0

Responsible teacher

Yasser Mohamed Megahed Youssef Alhelaly

Hours

Weekly - Available soon

Total - Available soon

Teaching language

Portuguese. If there are Erasmus students, classes will be taught in English

Prerequisites

TBC.

Bibliography

Teaching method

The curricular unit includes a theoretical briefing on application security and emphasizes the practical application of cyber defense techniques such as threat identification, vulnerability assessment, risk analysis, and defense countermeasures.

Evaluation method

Students will work in groups. Each group will be divided into attack and defense teams. Each group will be given cybersecurity challenges corresponding to the learning unit. The group members will be asked to simulate the cyber-attack and propose their defense mechanism. Each group will present their case and show how they used the learned skills and knowledge and deployed the cybersecurity tool to mitigate and defend against the cyber-attack. The presentation will include concepts, methodology, attacks, defense, and lessons learned.

The evaluation will be based on the following:

| Use Case (AppSec Challenge) | Requirements/Activities | Weight |
|---|---|---|
| UC1: Sniffing using Wireshark | Attackers will simulate a network attack; detect the attack using Wireshark; defenders will secure the detected vulnerabilities. | 10% |
| UC2: Password Management | Attackers will sniff the traffic, capture weak passwords, and use brute force attacks to recover the password; defenders will apply a strong password policy to mitigate the attack. | 10% |
| UC3: Symmetric Encryption | Attackers will sniff the plain text over the network; capture plain text; defenders will encrypt the text using the AES tool (open source); sniff the network again, showing how encryption secures the transferred data. Bonus: students will be awarded if they manage to provide code showing how AES works from an application perspective. | 10% |
| UC4: Asymmetric Encryption | Attackers will sniff the network; show how data can be easily captured without encryption. Defenders will use the PGP tool to create public and private keys; exchange public keys; encrypt the plain text. Defenders will sniff the network again, showing how encryption secures the transferred data. Bonus: students will be asked to show how PKI and signatures work and demonstrate a full scenario using the mail application. | 10% |
| UC5: Database Security | The team will create a simple database; attackers will simulate an SQL injection attack; defenders will write an SQL script to protect against SQL injection attacks. Bonus: using a 3rd party tool (open-source) will be awarded. | 10% |
| UC6: Social Engineering | Attackers will create a spear phishing attack engineered to target victims through email; steal victims’ credentials; defenders will show how they could alleviate such attacks. Bonus: adding a trojan horse or key logger is a bonus. | 10% |
| UC7: Safe web | Attackers will show how cookies work to collect users' information and invade their privacy. They will also show how hackers could collect personally identifiable information and steal an online identity to commit illicit activities. The defender will use VPN, ToR, and secure web browsers to defend against these attacks. | 5% |
| Final Project | All groups will be required to deliver a comprehensive report and present a final presentation summarizing what they have practiced during the course and suggesting the emerging trends, future directions, and the state of the art in the AppSec domain. | 15% |
| Final Exam | Theoretical exam on the concepts acquired during the course. | 20% |

Practical workload: Use Cases, presentations, final Project (80%)

Theoretical AppSec concepts: Final Exam (20%)

Notes:

  • All deliverables including presentations and reports must be submitted within the stated deliverable dates.
  • Penalties (1 point/day) will be applied per day of delay.
  • Students will only obtain approval if they score a minimum value of 9.5 on the final exam, regardless of the classification attained on a) and b).
  • Special examination period (only for students who can apply for this evaluation period, previously accepted by the academic services).
  • This course emphasizes the practical side of application cybersecurity, so attendance is a must.
  • All students must present their cybersecurity case studies using a physical environment depicting the attackers' team and defenders' team using a real network environment.
  • Virtual machines, Windows OS, Linux OS, and all open-source security tools are accepted in the presentation as long as they serve the objective of the case study.

a) Practical AppSec: Use cases + presentations + Final report (80%)

b) Theoretical AppSec Concepts: Final Exam (20%)

Subject matter

The AppSec course is designed in correspondence with the cybersecurity course and organized in 7 Learning Units (LUs), as shown in the table below.

| Learning Unit | Applied Security (AppSec) | Correspondence LU in Cybersecurity Course |
|---|---|---|
| LU1 | Sniffing using Wireshark | Network Security |
| LU2 | Password Management | End-User Security |
| LU3 | Symmetric Encryption | Information Security |
| LU4 | Asymmetric Encryption | |
| LU5 | Database Security | Application Security |
| LU6 | Social Engineering Attacks | Threats and Vulnerabilities |
| LU7 | Safe Web; Privacy; Anonymity | Web Security |

The practical foundation of the course is built on the NEISA Cybersecurity Framework and the NIST Cybersecurity Framework. AppSec is a new curricular unit with a more technological focus, in which students can apply theoretical cybersecurity concepts in the real world by applying technological solutions to defend against and respond appropriately to cyber-attacks. The instructor will demonstrate practical security use cases using ethical hacking and analysis tools to teach students how to use technical skills and cybersecurity protection tools to learn forensics and cyber defense techniques in real-world scenarios.

Programs

Programs where the course is taught: