4TU.
Cyber Security
Part of the
4TU.
Cyber Security
TU DelftTU EindhovenUniversity of TwenteWageningen University
4TU.
Cyber Security
Close

4TU.Federation

+31(0)6 48 27 55 61

secretaris@4tu.nl

Website: 4TU.nl

4TU.Research
Applied Mathematics InstituteBuilt EnvironmentDesign UnitedEnergyEthics & TechnologyHealthHigh-Tech MaterialsHistory of TechnologyNIRICT (ICT)Resilience EngineeringResearchDataHTSF I (high tech research)HTSF II (high tech research)
4TU.Education
Centre for Engineering Education4TU.VO (secondary education)SAI (Engineering Doctorate)Education programmes
4TU.Valorisation
4TU.IMPACTThematic Technology TransferSpin-off Stories4TU Impact Challenge
View all

ESA

4TU.CybSec Syllabus Empirical Security Analysis & Engineering (ESA)

Credits: 5 EC

Prerequisites: Security and Cryptography (Crp). Students need to have previous experience working with Python and Java.

Motivation: Dan Geer once famously said: “Any security technology whose effectiveness can’t be empirically determined is indistinguishable from blind luck.” Or indeed, we may add, from placebo. The foundation of sound engineering is a deep understanding of the problem space, the technological state of the art, and the human element in both. In the past two decades, the security community has learned many important and sometimes painful lessons about what it means to design secure systems. Very frequently, these lessons were the result of large-scale study of a particular technology involving empirical methods. On too many occasions, the results that the analysts obtained proved previous assumptions wrong, and sometimes dangerously so. Successful security engineers need to know how they can approach and solve a new security problem by using empirical methods that will yield reliable results. This course will teach students the path from understanding a problem via measurement and analysis to deriving a successful design that achieves the appropriate level of security.

Synopsis: This course will present a selection of the most important lessons that the security community learned through the application of empirical methods of measurement and analysis. We introduce results from recent research and from case studies of practice to bring students the skills to assess and improve the security of deployed systems. A particular focus is on data-driven approaches to collect operational data about a system's security. We explore deployment issues at local and global scale and also take human factors explicitly into account. Examples are network security, Web security, mobile security and privacy, and the application of machine learning in security. As a result, students will learn to put building blocks of security together in a sound way, to arrive at engineering solutions that are empirically verifiable, functional, and secure against realistic threats.

Learning outcomes: After completion of the course, the students will be able to:

Lecturers: Dr Ralph Holz (UT) and Dr Andrea Continella (UT)

Examination: Closed book written exam, 50%. Two assignments, each 25%.

Contents:

Core study material: 

HomeCoursesESA
4TU.
Cyber Security
Part of the 4TU.Federation
Close
4TU.Research
Applied Mathematics InstituteBuilt EnvironmentDesign UnitedEnergyEthics & TechnologyHealthHigh-Tech MaterialsHistory of TechnologyNIRICT (ICT)Resilience EngineeringResearchDataHTSF I (high tech research)HTSF II (high tech research)
4TU.Education
Centre for Engineering Education4TU.VO (secondary education)SAI (Engineering Doctorate)Education programmes
4TU.Valorisation
4TU.IMPACTThematic Technology TransferSpin-off Stories4TU Impact Challenge
TU DelftTU EindhovenUniversity of TwenteWageningen University
© 2024 4TU.Federation