. "Security And Privacy"@en . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . "Space and security"@en . . "7.5" . "Not provided" . . "Hybrid"@en . "FALSE" . . "Data security"@en . . "8" . "Processing data is often realized through systems that can operate under hostile conditions, where adversaries try to monetize access to sensitive data. In this course we provide a short introduction of data security, and we review the basic arsenal we have for protection. We cover a large portion of applied cryptographic primitives and protocols that facilitate secure transmission of data. We then proceed and review how systems that process data can be attacked and protected. Finally, we discuss advanced attacks, and potential defenses, for systems that are based on Machine Learning.\n\nOutcome: Not Provided" . . "Presential"@en . "TRUE" . . "Introduction to cybersecurity"@en . . "6" . "The course “Introduction to Cybersecurity” is an essential component of IT specialist theoretical training that enables students to orient effectively in modern IT and security issues. This course focuses on basics and methods that ensure a global approach to the company’s IT security organization and management decision making to ensure the secured and effective achievement of business objectives. The course thoroughly examines the modern cyber security approach in the overall enterprise IT management context, IT governance frameworks, the company's IT security strategy, IT governance control methodology and IT audit, as well as the practical application of acquired knowledge.\n\nOutcome:\nAre able to define, interpret and use professional terminology in cybersecurity area. - While conducting discussions, the ability to constructively discuss the problem using professional terminology and to select the proper solution is demonstrated.\r\nAre able to reasonably discuss the choice of cybersecurity solutions, as well as to summarise the ideas of their colleagues when working in groups and present the results of group work. - During seminars and labs, the ability to constructively discuss the problem to be solved is shown (using brainstorming, discussions, group problem solving, etc.), based on theoretical knowledge and using professional terminology.\r\nAre able to analyse specific situations and draw independent conclusions on the use of cybersecurity and IT management methodologies in business. - While doing individual research project, the ability to suggest alternative solutions to the selected problem as well for performing a comparative analysis of those alternatives has been demonstrated.\r\nAre able to explain the cybersecurity approach, opportunities and role in business. - When passing the examination, the ability to understand the essence of the task stated is shown as well as the ability to provide a laconic and well-reasoned proper cybersecurity solution to the business." . . "Presential"@en . "TRUE" . . "Information security and personal data protection"@en . . "6" . "Information security is the protection of corporate and personal data and digital identities. It is defined as the strategic capability of companies to ensure their continuous operation and achieve goals. The study course covers information security and personal data protection, information security management processes and information protection measures.\n\nOutcome:\nUnderstands the key concepts of information security and personal data protection. - Test and exam (in the form of knowledge test). Tests will include theoretical and practical tasks. To pass the tests, at least 70% of the questions must be answered correctly.\r\nAble to classify information. - Practical work in classes. Individual and group work.\r\nAble to analyse IT risks - be able to identify and assess the risks of IT resources and the risks of third parties. - Practical work in classes. Individual and group work.\r\nAble to plan business continuity, perform business impact analysis and plan IT business recovery. - Practical work in classes. Individual and group work.\r\nAble to identify, classify, analyse, prevent and communicate an information security incident. - Practical work in classes. Individual and group work.\r\nUnderstands forensic methods and is able to apply them to the investigation of an information security incident. - Practical work in classes. Individual and group work.\r\nUnderstands information security and personal data protection management methodologies, regulatory enactments and applicable standards (ISO 27000 group, etc.). - Test and exam (in the form of knowledge test). Tests will include theoretical and practical tasks. To pass the tests, at least 70% of the questions must be answered correctly.\r\nAble to define and implement the main necessary measures for the protection of personal data in the company's IT control environment. - Practical work in classes. Individual or group work." . . "Presential"@en . "TRUE" . . "Cybersecurity solutions in high performance computing environment"@en . . "6" . "The study course covers the theoretical and practical principles of high-performance computing in the context of cybersecurity by using graphics processing hardware and dedicated software. The study course includes an overview of architecture, computing algorithms, software libraries and tools of parallel computing platform CUDA based on graphics processors. An in-depth attention is devoted to the cross-disciplinary application of CUDA in the areas of vulnerability analysis, parallel data encryption, surveillance data mining, object detection and recognition. Among to the theoretical knowledge acquisition during the lectures, the laboratory lessons provide opportunities to obtain practical skills in the development of information technology solutions with CUDA.\n\nOutcome:\nAre able to define, interpret and use the professional terminology in the areas of graphics processors based high performance computing technologies. - Successfully completed test.\r\nAre able to develop CUDA based software solution. - During the execution of the laboratory work, the ability to perform the assigned tasks following the instructions are shown.\r\nAre able to estimate the development ways, as well as application constraints and optimization possibilities of the proposed high-performance software solution. - During the laboratory work and individual studies, the student is able to identify possible solutions, limitations and alternative solutions of the given tasks.\r\nAre able to explain the essence, opportunities, constraints and role of high-performance computing in certain scientific and practical areas. - The ability to recognize the essence of the formulated thematic questions, as well as to provide a concise and correct explanation of the reasoned topics has been demonstrated during the exam." . . "Presential"@en . "TRUE" . . "Network security"@en . . "12" . "The study course covers principles of computer systems and network security. Various attack and defense techniques will be covered. Topics include network attacks, defense methods, operating system security, e-mail and other network service problems, social engineering attacks and privacy issues. The study course is aimed for designers of building reliable and attack resistant networks.\n\nOutcome:\nUnderstands computer systems' security basics, computer networks security analysis and protection methods. Main advantages and limitations of security methods. Demonstrates knowledge of infrastructure and technologies life cycles. - Exam.\r\nAble to access the necessity for network security technology implementation (non-implementation) depending on the type of production (business) process. - Tasks in the lab and homeworks.\r\nBy means of corresponding tools, is able to use ready-made methods and tools to implement network security. - Tests during semester.\r\nAble to specify, interpret and use cybersecurity terminology. - Tests during semester." . . "Presential"@en . "TRUE" . . "Software security"@en . . "6" . "Software security risk analysis and security assurance is the essential part of the information technology management. Students learn security risk analysis and management in the context of software life cycle, risks of software development process and risks mitigation methods, a use of reverse engineering techniques for analysis of weaknesses in software security, security testing and legal aspects of information system security. Teamwork approach is used for analysis of practical case studies.\n\nOutcome:\nCan summarize arguments on risk management stages and quantitative and qualitative methods of risk evaluation - Passed assignment or quiz on risk management and exam. Criteria: is able to explain and provide arguments on the stages of risk management; is able to explain risk assessment methods; is able to evaluate the strengths and weaknesses of risk assessment methods.\r\nIs able to perform risk analysis of software development project and prepare risk mitigation plan - Passed practical assignment performed on software development project risk evaluation case study. Criteria: is able to identify and assess project risks; is able to propose and justify a risk mitigation plan for a specific project.\r\nIs able to perform information system security risk analysis and prepare risk mitigation plan - Passed practical assignment performed on security risk evaluation case study. Criteria: is able to identify and assess the security risks of information systems; is able to propose and justify a risk mitigation plan for a specific project.\r\nCan summarize arguments on reverse engineering techniques for discovering software security risks and protecting intellectual property - Passed assignment or quiz on reverse engineering techniques and exam. Criteria: is able to explain the stages of risk management in a reasoned manner; is able to explain risk assessment methods; is able to assess the strengths and weaknesses of risk assessment methods.\r\nIs able to apply reverse engineering techniques for discovering software security risks and protecting intellectual property - Passed practical assignment. Criteria: is able to orientate in reverse engineering methods for software security risk detection; is able to select and apply specific methods for detection of security risks and protection of intellectual property.\r\nIs able to justify software security testing types and perform security testing - Passed practical assignment. Criteria: is able to explain the characteristics of software security testing methods; is able to assess the suitability of the security testing method for the task; is able to independently apply the chosen security method in testing.\r\nCan summarize arguments on personal data protection rules and principles of e-documents security - Passed assignment and exam. Criteria: is able to list the main articles of the specified law; is able to formulate the principles of e-document protection; is able to apply legal requirements and e-document protection principles in the analyzed situation." . . "Presential"@en . "TRUE" . . "Cryptography and data security technologies"@en . . "6" . "The study course covers organizational and technological aspects related to cryptography and data security technologies. It provides the in-depth knowledge needed to protect corporate information resources through cryptographic technology. Basics of number theory, electronic signature, cryptography and cryptanalysis, digital forensics, steganography, privacy, cryptographic currency are considered. It provides an overview of data protection tasks and their solutions, substitution and permutation-based encryption algorithms, virtual private and wireless networks, their security protocols, authentication and authorization.\n\nOutcome:\nUnderstands the basic principles of numerical theory and their application in solving the problem. Able to characterize encryption algorithms based on substitution and permutation - Laboratory work Nr.1. Test Nr.1. Exam.\r\nAble to solve tasks using the Euler function, the Euclidean algorithm, and the theorem on the Fermi. Orienteering to encryption algorithms based on substitution and permutation. - Homework No.1.\r\nAble to characterize the DES standard. - Laboratory work Nr.2. Test Nr.2. Exam.\r\nAble to describe the 'Public Key' (RSA) algorithm and SSL / TLS encryption protocol. - Laboratory work Nr.3. Test Nr.3. Exam.\r\nUnderstands network security protocols. Able to characterize the Information Authentication and Electronic Signature Principles. - Laboratory work Nr.4. Test Nr.4. Exam.\r\nAble to describe PGP algorithm. - Laboratory work Nr.5. Test Nr.5. Exam.\r\nAble to describe computer viruses, antivirus programs. Able to characterize the methods of creating a firewall. - Laboratory work Nr.6. Test Nr.6. Exam." . . "Presential"@en . "TRUE" . . "Engineering systems security"@en . . "6" . "The study course covers principles of engineering systems and the security of its networks. Various attack techniques and defend strategies will be discussed. Topics include network attacks, defense methods, operating system security, taking into account specifics of various engineering systems. the study course is aimed for designers of building reliable and attack resistant engineering systems.\n\nOutcome:\nUnderstands computer systems' security basics, computer networks security analysis and protection methods. - Exam.\r\nAble to apply tools and perform computer system security analysis and propose improvements. - Practical tasks in the lab and homeworks.\r\nAble to discuss basic aspect of computer systems security. Compare different solutions and define advantages and disadvantages. - Tests during semester.\r\nAble to specify, interpret and use professional cybersecurity terminology. - Tests during semester." . . "Presential"@en . "TRUE" . . "Cybersecurity and law"@en . . "3" . "The course develops basic orientation of the students in \r\nthe legal instruments of securing protection against cybercrime by providing knowledge of the \r\nenforced criminal and administrative legislation and its implementation, as well as practical \r\nknowledge and skills to recognize, investigate and prevent cybercrime. The course provides \r\nknowledge in the field of types of cybercrime, modus operandi, criminal consequences, \r\nperpetrator’s profile, crime discovery and proving. The training methodology includes interactive \r\nlectures, role-plays, practical tasks and simulations. It also envisages the participation of practicing \r\njudges, prosecutors and special-unit investigators in the seminars, conducting of topic-based \r\nseminar exercises, case-solving, visits and internship in the judiciary, prosecution and law\u0002enforcement institutions, incl. General Directorate ‘Fight against Organized Crime’ and Interpol. \r\nThe knowledge and skill which are expected to be developed by the students establish conditions \r\nfor their high-competitive professional realization in the sectors of criminal justice, state \r\nadministration, international relations, national security, and businesses\n\nOutcome:\nAfter the course has been accomplished the \r\nacquired knowledge and skills include:\r\n- free professional usage of penal-law terminology and familiarity with the special preventive \r\nand regulative legislation and its terminology;\r\n- ability to recognize types of cybercrime related to abuse of or impact against information \r\nsystems, technology, or data, modus operandi and tools for their perpetration, typical crime \r\nschemes, motivation mechanism, perpetrator’s profile;\r\n- differentiation of criminal from non-criminal conduct;\r\n- ability to undertake measures within students’ main professional domain to prevent \r\ncybercrime in the area of their professional activities;\r\n- well-integrated basic knowledge of cybercrime discovery and investigation and the ole of the \r\ncourt-expertise and court experts in the evidence-gathering process, including innovative \r\napproaches and techniques in the area;\r\n- basic personal experience in the recognition of a cybercrime, its detection, investigation and \r\nestablishing, court-expert’s counteraction with investigation and judiciary authorities, \r\nincluding team-work and performing under role-distribution." . . "Presential"@en . "TRUE" . . "Is (information system) architecture and security"@en . . "4" . "Acquire the vocabulary specific to the IS, which integrates specific business data (spatial cartridge, topology, graphs) as well as knowledge and experimentation of what is the security of an IS. The implementation of control procedures and the dimensioning of an IS are part of this module.\n\nOutcome: Not Provided" . . "Presential"@en . "TRUE" . . "Security, quality and audit"@en . . "3" . "No Description, Outcome Not Provided" . . "Presential"@en . "TRUE" . . "Human aspects of cyber security"@en . . "6" . "Descriptions \nThe course introduces threats and challenges/concerns arising from the human behaviour and decision making regarding technology use. In lectures we are focusing on raising the ability to assess and cope with cyber scams/threats (eg. social manipulation), on research skills to conduct studies in the field and to create and implement study materials, training programs and tools based on them in order to increase level of cyber hygiene in users and companies.\nLearning outcomes\nAfter completing this course, the student:\n- understands the current state of research in this area;\n- can critically evaluate original research articles;\n- is able to analyze cyber competences and find gaps and solutions to reduce human-related cyber risks;\n- is able to plan cyber attacks which include elements of social engineering and propose defense mechanisms against them,\n- is able assess and evaluate it-security interventions with employees;\n- is able to understand the behavioral science underpinnings of security-critical decision-making;\n- understand how cognitive biases and human failure compromise cyber security performance in practitioners." . . "Presential"@en . "TRUE" . . "Legal aspects of cyber security"@en . . "6" . "Descriptions \nThe course introduces the role of law in (international) cyber security and digital forensics. The lectures focus on relevant legal aspects in the context of national and international law. Topics include the spectrum of cyber conflict and related legal aspects, cyber crime, digital evidence and its handling, data protection and privacy, electronic communication, basics of ethics, international cooperation, international and regional legal and policy instruments. Throughout the course relevant concepts and terminology are explained, and several case studies analysed.\nLearning outcomes\n The student will:\n* know key terms and how to use them in the correct context\n* has an overview of key legal and political instruments that are relevant in (international) cyber security and digital forensics, including the topics of privacy and data protection.\n* can analyze the main legal problems and cases that are related to (international) cyber security and digital forensics.\n* understands the properties and sources of digital evidence.\n* knows, is able to assess and choose the relevant actions to protect and analyze digital evidence.\n* can explain the most important (legal-) ethical problems that are related to (international) cyber security and digital forensics (for example, ethical hacking)" . . "Presential"@en . "TRUE" . . "Cyber security management"@en . . "6" . "Description:\nThe course begins with overall description of cybersecurity management and connected principles, during the lectures the main topics are:\n1. Business process modelling and analysis;\n2. Information mapping, analysis and valuation;\n3. Information- and cyber risks analysis and management;\n4. Information- and cyber measures planning and implementation;\n5. Security-related audit considerations;\n6. Business continuity planning.\nLearning outcomes\n Student has knowledge about cybersecurity management standards and best practices, has experience to use the main methods to analyse management decisions" . . "Presential"@en . "TRUE" . . "Cryptography"@en . . "6" . "Description:\nBrief description of the course:\n1. Mathematics: boolean algebra, number theory, modular algebra, abstract algebra\n2. Historical cryptography: Caesar cipher, Vigenere cipher, transposition cipher, Affine cipher, main crypto-analytic techniques\n3. Theory of unbreakable (information-theoretically secure) ciphers: one-time pad, perfect secrecy, elements of probability theory\n4. Symmetric cryptography: stream ciphers, block ciphers, modes of operation\n5. Computability and Computational Complexity: Turing machine, computability, big O notation, Search-Decision problems\n6. The problem of key establishment: Public Key Cryptography, Diffie-Hellman key exchange, Man in the middle attack\n7. Limited Adversaries and Security: one-way functions, bit security, adversary models, security definitions\n8. The RSA cryptosystem: Description, properties, and security\n9. RSA Attacks and Implementation Failures: Description of several protocol weaknesses if the RSA is used in improper ways\n10. Probabilistic Encryption. ElGamal-type Cryptosystems: Probabilistic vs Deterministic Encryption, IND-CPA, IND-CCA\n11. Digital signatures and Hash functions: Definitions and security properties\n12. Identification schemes and Zero Knowledge proofs.\n13. Public Key infrastructure: certificates, ID-Card, Smart-ID, TLS\n14. Introduction to Post-Quantum and Esoteric Cryptography\nLearning outcomes:\nAfter completing this course, the student:\n- accurately uses standard cryptographic notation and terminology;\n- accurately recalls and explains cryptographic definitions from the topics covered during the course;\n- explains and analyses the most important symmetric cryptography and public key cryptography schemes;\n- solves practical problems that illustrate the usage of cryptographic primitives studied during the course;\n- identifies the security problems that arise in case of incorrect instantiation of cryptographic primitives studied during the course;\n- applies basic security definitions to analyse cryptographic primitives studied during the course;\n- identifies cryptographic algorithms that are suitable to solve simple security goals." . . "Presential"@en . "TRUE" . . "Cyber incident handling"@en . . "6" . "Description:\nTriage and basic incident handling\nCreating incident handling procedures and testing\nLarge scale incident handling\nCooperation with Law Enforcement agencies\nIdentifying and handling cyber-crime traces\nIncident handling and cooperation during phishing campaign\nLaw enforcement view of computer security incidents\nLaw enforcement needs for evidence analysis\nRole of (tabletop) exercises in developing incident handling capability\nLearning outcomes:\n After completing this course, the student:\n- is able to establish incident handling team and typical team designs;\n- manages cyber incidents, preserving needed evidence and chain of evidence;\n- builds incident management system and manages cooperation between law enforcement and incident handlers;\n- establishes procedures for evidence and incident management." . . "Presential"@en . "TRUE" . . "Principles of secure software design"@en . . "6" . "Description:\nTopics covered by the course include: security risk management, security modelling languages and models, security threats and security requirements, security controls (role-based access control, introduction to cryptography), secure software processes, security patterns, social engineering, real-life security applications (e.g., i-voting, xRoad, e-examination).\nLearning outcomes:\n On successful completion of this course, students will able to:\n1. Identify causes and consequences of (lack of) system and software security.\n2. Master essential techniques to reduce and avoid system and software security problems, to introduce and reason on security requirements and controls.\n3. Apply advanced modelling techniques (notations, tools, and processes) to build secure systems and software." . . "Presential"@en . "TRUE" . . "Research methods in cybersecurity"@en . . "3" . "Description:\nthe course is provided by University of Tartu.\n\nThe main topics in the course include: presentation on the methods for the study and research of the cybersecurity topics. The course will include guidelines on how to approach and structure scientific results, how to analyse results and present them to the audience.\nLearning outcomes:\nOn successful completion of this course, students should be able to:\n\n1. Collect, analyze and present information about advanced topics in the field of cybersecurity in a structured manner\n\n2. Formulate informed observations and comments about key issues and approaches in the field of cybersecurity" . . "Presential"@en . "TRUE" . . "System forensics"@en . . "6" . "Description:\n Digital forensics fundamentals tied to evidence acquisition, memory acquisition and unstructured analysis. File systems FAT , Fat 32 NTFS , HPFS , Ext4 in analysis perspective. USB device analysis, system and local domain file analysis. String search, data carving, and e-mail forensics. Registry and log files analysis. Web browser forensics. Different file content (documents, photos and so on) and metadata analysis. Smartphone forensics fundamentals. Timeline creation and analysis.\nLearning outcomes:\n Can form hypotheses for investigative analysis\n- Knows how to perform proper forensic analysis by applying key analysis techniques covering different operating systems\n- Is able to use freely available and open tools for evidence acquisitions and analysis\n- Can establish last usage timeline trough system log and log footprints\n- Can find some deleted data and keep the chain of evidence" . . "Presential"@en . "TRUE" . . "Cyber security technologies II"@en . . "6" . "Descriptions:\nThis course is aimed at students who have a very good understanding of computer technology.\n\nThe lectures cover adversarial threat models, attacks that compromise security, and techniques for achieving security, incident lifecycle and quick overview of tools and tactics used in different lifecycle stages, based on recent research papers.\nTopics include operating system (OS) security, malware, capabilities, information flow control, language security, network protocols, hardware security, and security in web applications.\nAssignments include labs that are preparation for small individual research projects where students get to learn usage and application principles of some of these technologies such as basic malware analysis,anonymising principles, Firewall, IDS, IPS basic configuration, etc.\nLearning outcomes:\n\nAfter completing the course, the student:\r\n* knows Möbius defence, Cyber Kill Chain and Threat-based Defense models\r\n* knows the most significant current cyber threats\r\n* knows the basics of Malware handling and quick analysis options.\r\n* knows the basics of Disk and network forensics\r\n* has performed individual research\r\n* has experienced the information gathering aspect of the cyber incident management process" . . "Presential"@en . "FALSE" . . "Cyber security technologies I"@en . . "6" . "Descriptions:\nThis course is aimed at students who have a moderate understanding of computer technology.\n\nThe lectures cover adversarial threat models, attacks that compromise security, and techniques for achieving security, incident lifecycle and quick overview of tools and tactics used in different lifecycle stages, based on recent research papers.\nTopics include operating system (OS) security, malware, capabilities, information flow control, language security, network protocols, hardware security, and security in web applications.\nAssignments include labs that are preparation for small individual research projects where students get to learn usage and application principles of some of these technologies such as basic malware analysis,anonymising principles, Firewall, IDS, IPS basic configuration, etc.\nLearning outcomes:\n After completing the course, the student:\n* knows Möbius defence, Cyber Kill Chain and Threat-based Defense models.\n* knows the most significant current cyber threats\n* knows the basics of Malware handling and quick analysis options.\n* knows the basics of Disk and network forensics\n* has performed individual research\n* has experienced the information gathering aspect of the cyber incident management process" . . "Presential"@en . "FALSE" . . "Special course in cyber security I"@en . . "3" . "Description:\nThe content of the course will be defined in accordance to the topics covered in each particular semester.\nLearning outcomes\n To be defined by the beginning of the course in accordance to the topics covered in each particular semester." . . "Presential"@en . "FALSE" . . "Special course in cyber security II"@en . . "3" . "Description:\nThis course aims to give an insight to students regarding Cyber-Physical Systems (CPS) and their potential security problems. The course is prepared and given by three different research groups from the School of Information Technologies, namely, Environmental Sensing and Intelligence, the Centre for Hardware Security, and the Centre for Digital Forensics and Cyber Security.  The first part of the course introduces the fundamentals of cyber-physical systems based on small-scale outdoor sensing systems. The second part focuses on hardware security, and the rest of the course focus on network security of Industrial Control Systems (ICS) and threat modeling.\nLearning outcomes:\nAfter completing this course, the student:\n- recognizes the main components of a cyber-physical system for critical infrastructure protection,\n- discusses potential hardware and firmware-based security attacks;\n- understands basic device/network-based attacks and potential security vulnerabilities;\n- conducts threat modeling and identifies the potential security threats addressing cyber-physical systems." . . "Presential"@en . "FALSE" . . "Special topics of cryptography"@en . . "6" . "Description:\nTopics covered in class varie every semester. Mostly they are focused on esoteric cryptography, cryptographic protocols, distributed ledgers and post-quantum cryptography.\nLearning outcomes:\nAfter completing this course, the student:\n- understands the processes of academic research and novel topics of cryptography;\n- accurately compiles literature review on any given cryptographic topic;\n- presents and shares learnt material in written format." . . "Presential"@en . "FALSE" . . "Strategic communications and cybersecurity"@en . . "6" . "Description:\n In July 2016, NATO recognised cyberspace as a domain of operations in which the alliance must defend itself as effectively as it does in the air, on land and at sea. Within the cyber domain, information is used as the weapon to achieve objectives at the strategic, operational and tactical levels and this course focuses on how can be used in offensive and defensive contexts. A reoccuring theme throughout the course is the nature of power projection and how the behaviour of target audiences can be influenced through operations in cyberspace. This is achieved through several means, including Strategic Communications, Information Operations, Influence Activities and related disciplines, each of which is the theme of an individual lecture. Each subject is discussed in terms of its wider context and how cyber operations can contribute to their success. The role of cybersecurity is emphased throughout as either facilitating the success of a friendly force activity or in preventing an adversary from being successful in their operations. The leadership and management of cyber capabilities is discussed with dedicated time devoted to the development and implementation of cybersecuity strategy and policy. This will equip the students with the information they need to utilise the material that they have studied in a range of scenarios in their future employment in cyber security.\nLearning outcomes:\nBy the end of the course the student will:\n- understand and explain the nature of cyberspace beyond that of a purely technical description;\n- understand the concept on Strategic Communication and Information Operation, is familiar with different Influence Activities and is able to discuss in their related disciplines;\n- is able to analyse and explain the role of strategy, policy, processes and procedures in achieving national objectives in the information environment;\n- understand and describe the nature of hybrid warfare and asymmetric operations in the „grey zone“ of conflict;\n- understand how the behaviour of target audiences are influenced through the use of strategic communication, and understand the role of cyber security in facilitating or denying those activities." . . "Presential"@en . "FALSE" . . "Privacy-preserving technologies"@en . . "6" . "Description:\n The course will describe different privacy-preservation techniques - their constructions, the guarantees they do or do not give, the prerequisites of their use in different applications and processes. The technologies will described by three broad application categories: protecting the privacy of inter-entity communication, privacy-preserving management of rights and credentials, and privacy-preserving data processing. The first category encompasses techniques like encryption, onion routing, or anonymous e-mail. The second category contains anonymous credentials, group and ring signatures. Examples of the technologies from the third category are anonymization and pseudonymization of data, differential privacy, and data clustering. We will also consider primitives useful for techniques of several categories, including privacy-preserving computations, zero-knowledge proofs, or blind signatures.\nBeside the description of different privacy-preservation techniques, we also describe how to select and use them to secure existing or to-be-designed information systems.\nLearning outcomes:\n Students that have passed the course will be able to:\n\n- Understand technological threats to privacy, knowing in which scenarios and to which kind of data they do apply, and how strongly.\n\n- Analyze the privacy risks of using different information systems, as well as the risks stemming from one's own sharing of information.\n\n- Explain the details of different privacy preservation techniques.\n\n- Classify different privacy preservation techniques in terms of their applicability, efficiency and cost (in terms of computational and organizational efforts necessary to apply them, as well as the loss of utility).\n\n- Choose a good set of privacy-preservation technologies in order to reduce the leaks in a new or an existing information system.\n\n- While designing an information system, apply privacy-by-design principles to define the major components of the system in a way that makes the leaks easy to reduce." . . "Presential"@en . "FALSE" . . "Wireless technologies and security"@en . . "6" . "Description:\n The course will briefly introduce students to wireless signals (frequencies, bandwidth, wavelength) and how they are transmitted and received. Students will learn how to use various hardware (HackRF, RTL-SDR, NFC reader, USB Wi-Fi receiver) and Software Defined Radio (GNU Radio). The course will cover different wireless communication protocols, analyse their security - different types of attacks and counter-measures. The homeworks will involve implementing exercises using Python.\nLearning outcomes:\n Upon successful completion of this course, students should be able to:\n\n+ List and explain the main components of wireless communication\n\n+ Use software defined radio to inspect the radio spectrum\n\n+ Understand the most common weaknesses in wireless protocols\n\n+ Create and implement attacks against wireless protocols and their implementations\n\n+ Identify counter measures for some of the most common wireless attacks" . . "Presential"@en . "FALSE" . . "Cryptographic protocols"@en . . "6" . "Description:\n Formalisation of different cryptographic primitives, and the use of them in protocol design. Zero-knowledge and its applications, secret sharing. Two-party and multi-party computation. \"Cryptographic protocols\" is a direct continuation of \"Cryptology I\" and should be taken before \"Cryptology II\".\nLearning outcomes:\nThe students know different formalisation and analysis methods for protocols and know how to apply them in practice." . . "Presential"@en . "FALSE" . . "Secure programming techniques"@en . . "3" . "Description:\nSQL and secure assembly methods for SQL statements. Shell scripts and the corresponding attacks. Typical programming mistakes in PHP. Security of Java programs. Attacks that are specific to low level languages like C and C++ and the corresponding countermeasures. Attacks against web environments like cross-site scripting.\nLearning outcomes:\nStudents know how to avoid common programming mistakes that create attack vectors in C/C++, SQL, bash, Java, PHP." . . "Presential"@en . "FALSE" . . "Secure programming techniques: project work"@en . . "3" . "Description:\nStudents will analyse security of a concrete software or information system and eliminate weaknesses caused by improper coding techniques. The system to be analysed is chosen together with the course supervisor.\nLearning outcomes:\n Student learn how to organise code auditing and gray-box testing. Students know which tools can be used to streamline the process and how to document the endresult." . . "Presential"@en . "FALSE" . . "Applied cryptography"@en . . "6" . "Description:\nThe use of cryptographic libraries for encrypting files and communication, authentication methods, integrity protection, public key infrastructures, composition of secure protocols, secure methods for obtaining random bits, smartcards, digital signatures.\nLearning outcomes:\nstudents will learn how use popular programming tools to implement various cryptographic constructions. They get practical experiences how to employ cryptographic protocols and public key infrastructure for eforcing practical security goals." . . "Presential"@en . "TRUE" . . "Privacy-preserving technologies"@en . . "6" . "Description:\nThe course will describe different privacy-preservation techniques - their constructions, the guarantees they do or do not give, the prerequisites of their use in different applications and processes. The technologies will described by three broad application categories: protecting the privacy of inter-entity communication, privacy-preserving management of rights and credentials, and privacy-preserving data processing. The first category encompasses techniques like encryption, onion routing, or anonymous e-mail. The second category contains anonymous credentials, group and ring signatures. Examples of the technologies from the third category are anonymization and pseudonymization of data, differential privacy, and data clustering. We will also consider primitives useful for techniques of several categories, including privacy-preserving computations, zero-knowledge proofs, or blind signatures.\nBeside the description of different privacy-preservation techniques, we also describe how to select and use them to secure existing or to-be-designed information systems.\nLearning outcomes:\nStudents that have passed the course will be able to:\n\n- Understand technological threats to privacy, knowing in which scenarios and to which kind of data they do apply, and how strongly.\n\n- Analyze the privacy risks of using different information systems, as well as the risks stemming from one's own sharing of information.\n\n- Explain the details of different privacy preservation techniques.\n\n- Classify different privacy preservation techniques in terms of their applicability, efficiency and cost (in terms of computational and organizational efforts necessary to apply them, as well as the loss of utility).\n\n- Choose a good set of privacy-preservation technologies in order to reduce the leaks in a new or an existing information system.\n\n- While designing an information system, apply privacy-by-design principles to define the major components of the system in a way that makes the leaks easy to reduce." . . "Presential"@en . "TRUE" . . "Criptology I"@en . . "6" . "Description:\nHistoric ciphers. Main notions of information theory. Secret-key cryptography - encryption (DES, differential cryptanalysis) and message authentication codes. Public-key cryptography - encryption and signing (RSA, ElGamal, Rabin). One-way and collision-resistant hash functions. Formally defining and proving (based on sequences of games) of security properties. Identification schemes and zero-knowledge proofs. Public-key infrastructure.\nLearning outcomes:\nThe students know different security goals and cryptographic primitives. They also know, which primitives might be useful in achieving different goals." . . "Presential"@en . "TRUE" . . "Research seminar in cryptography"@en . . "6" . "Description:\n The topic of seminar varies and each year. It is focused on different areas of cryptology.\nLearning outcomes:\n The topic of seminar varies and each year. It is focused on different areas of cryptology." . . "Presential"@en . "FALSE" . . "Foundations of cryptography"@en . . "6" . "LEARNING OUTCOMES OF THE COURSE UNIT\n\nStudents will obtain theoretical foundations of cryptography and computer security. Based on these foundations, students will be able to analyze and design security solutions for information and communication technologies (ICT). Students will be able to explain basic principles of algebraic structures used in cryptography, basic cryptographic primitives (hashes, RNG, provably secure protocols), basic algorithms and describe the internals of symmetric and asymmetric algorithms. Students will be theoretically prepared for follow-up courses from data transfer and ICT security areas.\n\n\n.\nCOURSE CURRICULUM\n\n1. Introduction to cryptography, history\n2. Introduction to number theory\n3. Primes and their use in cryptography\n4. Basic structures used in cryptography I\n5. Basic structures used in cryptography II\n6. Modular arithmetic\n7. Complexity theory, problem classification\n8. Cryptography algorithms I\n9. Cryptography algorithms II\n10. Practical encryption\n11. Practical authentication and digital signature\n12. Provable security I\n13. Provable security II\nAIMS\n\nThe goal of the course is to provide students with the basic knowledge of cryptography and to provide them with information necessary in more advanced courses in information and communication security. During the course, students will study the theoretical foundations (mainly the algebraic structures and their properties), the most common algorithms and concepts used in modern cryptography." . . "Presential"@en . "FALSE" . . "Information systems security"@en . . "2" . "The aim of the study course is to provide a general overview on information systems security. The tasks of the course are to introduce standards, management, general conceptions, the most important elements and new topics. For the presentation of certain technical topics, an expert on the particular topic could be invited. Often this expert could be one of the students. Language of course teaching: English, Latvian.\r\nCourse responsible lecturer\tLeo Trukšāns\r\nResults\tKnowledge: 1.Aware of fundamental concepts of information systems security and standards (eb11, EB12, eb51) Skills: 2. Study and present at least one information security topic and its application (eb13, eb54, eb62) 3. Aware of the legal and social aspects of information security management (eb41, eb43) Competence: 4. Create a simple information security development plan (eb44, eb53)" . . "Presential"@en . "FALSE" . . "Network and computer security"@en . . "6.0" . "Prerequisites\nBachelor courses on computer networks and distributed systems\n\nObjectives\nThe main goal of this course is to provide students with the basic set of concepts, methodologies and tools on computer and network security. This will make them comfortable with security aspects in a broad set of technologies such as: local and global networks, personal and private networks, development of secure code, operating systems, distributed systems, and communication protocols. \n\nProgram\n• Introduction • Programming vulnerabilities and background for the development of secure code • Network security and vulnerabilities • Firewalls and intrusion detection systems • Symmetrical and asymmetrical encryption • Cryptographic hash functions • Message authentication and digital signatures • Distribution protocols and management of symmetrical keys • Digital certificates and public key distribution infrastructures • Authentication and authentication protocols • Authorization • Wireless networks security • Virtual private networks and secure channels\n\nEvaluation Methodology\nExame (60%) + Project (40%)     \n\nCross-Competence Component\nThe final project is proposed by the student in accordance to existing security challenges in the society. The students themselves have to define the goals and requirements for their proposed solution, in accordance with their motivations. The work is structured according to the defined team (typically 3 elements) and according to their knowledge and programming/development skills. This allows students to develop within a team their one solution according to their ideas and interests.\n\nLaboratorial Component\nPractical work on some of the key technologies discussed in the theoretical lectures followed by definition and development of the final project work\n\nProgramming and Computing Component\nIn the course where this UC is offered the Computing and Programming components are assured according to MEPP 2122.\n\n\nMore information at: https://fenix.tecnico.ulisboa.pt/cursos/lerc/disciplina-curricular/845953938490022" . . "Presential"@en . "TRUE" .