Intrusion detection, firewalls, intrusion prevention systems, and threat intelligence. These fundamental cybersecurity themes will be explored in detail this week with Fernando Silvia in the “EU and Global Cybersecurity Fundamentals” course within the ECPC Advanced Master in Privacy, Cybersecurity and Data Management!
In this fifth week of the course, students will gain in-depth knowledge about intrusions, cyber trespass, building secure systems to prevent attacks, the “Know your enemy” principle, and the role of threat intelligence in a comprehensive cyber/data security strategy.
We’ll kick-off the lecture with an intro into unwanted or hostile trespassing by either users or software, which represent a significant security problem for networked systems. User trespass may consist of unauthorized logon or other access to a machine, or the acquisition of privileges or performance of actions beyond those that have been authorized.
Students will then be acquainted with the “Know your enemy” principle, which can be used to build a secure system to protect from attacks. According to this principle, the more that is known about the enemy, the higher the chance an organization will have to discover attack vectors and predict potential exploitations. To this end, we’ll look at firewalls which can be an effective means of protecting a local system (or a network of systems) from network-based security threats while at the same time affording access to the outside world via wide area networks and the Internet.
Finally, we will delve into intrusions! Focus will be placed on the importance of intrusion prevention systems. To this end, the role of Red/Purple/Blue teams and the frameworks methodologies around the role of threat intelligence will be dealt with. We will furthermore examine the nature of intruders and how they attack and then students will be presented with different strategies for intrusion detection.