Checking date: 23/04/2024

Course: 2024/2025

Persistent Threats and Information Leakage
Master in Cybersecurity (Plan: 325 - Estudio: 288)


Department assigned to the subject: Computer Science and Engineering Department

Type: Electives
ECTS Credits: 3.0 ECTS


Requirements (Subjects that are assumed to be known)
COMPETENCES Master the knowledge required to propose original designs or developments, often in a research process within the area of cyber security. Ability to apply acquired knowledge to solve problems under novel or almost novel situations or within broader (multidisciplinar) contexts related with cyber security. Ability to state critical opinions and judgements having incomplete or limited information in the field of cyber security. These judgements must take into account include considerations about social and ethical responsibilities Discuss in a public audience about their acquired knowledge, and the conclusions from the work. Students will be able to give their foundational and most convincing reasons to a specialized and non specialized audience in a clear way, without ambiguities. Students should have the learning skills required to continue studying in a autonomous or self-directed way. Understand and apply methods and techniques to investigate vulnerabilities of a given site. Analyze and detect anomalies and attack signatures y systems and networks. Analyze and detect hiding techniques in attacks to systems and networks. Knowledge of trends in the cyber attacks techniques and knowledge about learned experiences in real cases Know and apply the cryptographic and steganographic mechanisms required to protect data stored in a system or data transiting a network. LEARNING OUTCOMES Regarding learning outcomes, this course contributes to the following ones: Knowing the type of information and defense mechanisms deployed in a system, explain the impact of different threats and intrusions and, in particular, information leaks. Explain the mechanisms that can be used to conceal an intrusion in a system.
Skills and learning outcomes
Description of contents: programme
Persistent threats and information leakage: 1. Persistent threats 1.1. Persistent techniques in compromised systems 1.2. APTs. Definitions, description and analysis. Current trends. 1.3. Advanced Command and Control Techniques 1.4. Stealthiness and evasion mechanisms. Rootkits 2. Covert channels. Steganography and steganalysis 2.1. Science of steganography definition. History 2.2. Steganographic system classification. Security evaluation 2.3. Modern steganography 2.4. Modern steganalysis
Learning activities and methodology
LEARNING ACTIVITIES Theoretical lectures Practical lectures Mixed theoretical and practical lectures Laboratory practices Tutoring sessions Teamwork Individual work by the student LEARNING METHODOLOGY Lectures by means of audiovisual media and computes. The main concepts will be exposed and bibliography will be provided to complete the students learning. Critical reading of recommended texts provided by the teacher: Press articles, reports, manuals, academic papers, etc. A further discussion can be done in class or it can be considered a way to consolidate and expand the knowledge on the subject. Practical case resolution, problems, etc. They can be assigned by the teacher in a team or individual manner Report assignments that can be done either individually or in group
Assessment System
  • % end-of-term-examination 30
  • % of continuous assessment (assigments, laboratory, practicals...) 70

Calendar of Continuous assessment

Basic Bibliography
  • Eric Cole. Advanced Persistent Threat: Understanding the Danger and How to Protect Your Organization. Syngress. 2012
  • Shabtai, Asaf, Elovici, Yuval, Rokach, Lior. A Survey of Data Leakage Detection and Prevention Solutions. Springer. 2012
  • Thales and Verint. The cyberthreat handbook. Thales. 2019
Recursos electrónicosElectronic Resources *
Additional Bibliography
  • ISACA. Advanced Persistent Threats: How To Manage The Risk To Your Business . ISACA. 2015
(*) Access to some electronic resources may be restricted to members of the university community and require validation through Campus Global. If you try to connect from outside of the University you will need to set up a VPN

The course syllabus may change due academic events or other reasons.