The learning goals of the theory part of this minor are:
- to understand and explain the basic concepts at the basis of the functioning of the Internet and of the major types of cyberattacks.
- to understand and apply methods to find, collect, filter, combine, analyze and visualize (public) data for forensic purposes applied to cybercrimes.
- to understand the principles of “data minimalization”, “proportionality” and “subsidiarity” in privacy and the technical and organizational measures for information security. They will then apply the acquired knowledge to a set of hands-on case studies.
- to understand the ways in which cybersecurity can be governed and regulated, and how differences across jurisdictions post challenges. They are able to find and apply the key international agreements on cybersecurity cooperation and will understand the key governance approaches behind it.
- to explain the principles of situational approach to crime, social engineering and compliance in relation to cybersecurity and cybercrime, and develop ideas for social intervention.
- to understand the risk posed by cyber attacks to various organisations, model and assess the impact of a cyberattack on an organisation and finally propose an optimal security strategy for a firm.
- to reason about the ethical aspects of security research.
Internet Technology - As users, we depend on the Internet in every aspects of our daily life. But the Internet is also an enabling technology for a plethora of malicious activities ranging from cyberdeviance to actual cybercrime. This component will treat the following topics. First, it will teach the students the basic concepts for the functioning of the Internet which are misused in the most common Internet attacks, such as networks, addressing at network and transport level, core Internet services like the Domain Name System. Then the component will link these concepts to common types of Internet attacks, such as scans, worms and Denial of Service attacks. For each of these attacks, the component will also briefly describe existing mitigation techniques.|
Introduction to Digital Forensic for Cybercrime - Cybercrime (e.g., fraud and identity theft, information warfare, phishing scams, spam, and distributed denial of service attacks) has been recently taken more and more seriously by organizations and society at large. However, we do not yet master the knowledge about what to do when victim of an attack. How do we understand what type of attacks hit us? How do we document it for others to understand? This component is practically oriented. Via a set of examples and real network traffic (for example, using real denial of service attacks, explained in IT), the students will learn how to collect relevant data (e.g. network packets), how to extract from these data information relevant to a specific attacks (e.g. the IP addresses, a DNS query that has been misused..), how theses data can be analyzed (for example, by means of simple statistics) and finally how attack evidences can be reported.
Privacy and Information Security - Privacy and Information Security are two separate, but inextricably linked topics. Privacy concerns are about the fair collection of (sensitive) data on private individuals. Information security is about protecting the information managed by an organization against unauthorized access (from within and outside of the organization). Often, the information that needs to be protected is privacy-sensitive. This component will address the following topics. The students will first familiarize with the principles of “data minimalization”, “proportionality” and “subsidiarity” in the context of privacy. Then they will learn about technical (e.g. encryption) and organizational measures (e.g. what/who constitutes a threat?) for information security.
Governance & Regulation of Cybersecurity - As a transnational phenomenon, cybersecurity cannot be regulated by individual states. International and EU cooperation is needed to formulate rules on security standards as well as on fighting cybercrime. This component will investigate the differences across countries and organizations and identify and analyze the challenges introduced by such differences. It will then explore how the involvement of governmental as well as non-governmental rule-makers at the national, EU and global level results in new governance challenges.
Psychological aspects of Cybercrime - The human side of cybersecurity has many facets. This thematic component will present an overview of a number of topics that all show how human factors increasingly affect cybersecurity. First, it will discuss the topic of crime, as a result of human nature and human development (the person approach to crime), and also as affected by the context of crime (crime science). The component will also describe cybercrime (what is it, how much is there?). Second, this component will discuss social engineering, or “the art of hacking the human” (what is it, can we change human vulnerabilities?). Last, this component will discuss compliance and fraud in organizations.
Economical Aspects of Cybercrime - Organizations need to invest in cybersecurity to protect themselves from cybercrime. However, when, how and how much they need to invest, it is not always clear or in line with an organization strategy. This thematic component aims at making students capable of evaluating the present cybersecurity readiness of an organization and estimating the net economic impact of a cyber attack. The component will address the following topics: (1) economics of information goods; (2) measurements of cybersecurity; (3) modelling the impact of cybersecurity breaches; (4) security strategies in organizations.
Vulnerability Disclosure & Ethics - A security vulnerability is a weakness that can be misused to reduce the overall security strength of a system. In cybercrime, a new security vulnerability is extremely valuable, since it will give an attacker advantage on other attackers and also on security experts and authorities. At the same time, research into security vulnerabilities is also a necessary component for the prevention of cybercrime. Vendors must know about vulnerabilities in order to fix them, or the police may require vulnerabilities to investigate or perform forensics. The question then becomes, how do we balance these activities? This component will teach the students to critically discuss the issue of vulnerabilities in an ethical context. It will also discuss issues about the legal/illegal status of working with (undisclosed) vulnerabilities. In addition, the component will explain and discuss guidelines about vulnerability disclosure (how do we communicate to others that a vulnerability has been identified, without creating new opportunities for attacks?). Finally, we will ask the students for an ethical paragraph of their project, which will be discussed with the students. We will supervise and discuss the ethical dilemmas of their projects during execution as well.
Assumed previous knowledge
|No prerequisite knowledge||Required materials-Recommended materials-Instructional modesTests|
|Intro to Digital Forensic for Cybercrime|
|Privacy and Information Security|
|Governance & Regulation of Cybersecurity|
|Psychological aspects of Cybercrime|
|Economical Aspects of Cybercrime|
|Vulnerability Disclosure and Ethics|