Kursussøgning, efter- og videreuddannelse – Københavns Universitet

Videresend til en ven Resize Print Bookmark and Share

Kursussøgning, efter- og videreuddannelse

Proactive Computer Security (PCS)

Practical information
Study year 2016/2017
Time
Block 4
Programme level Full Degree Master
ECTS 7,5 ECTS
Course responsible
  • Ken Friis Larsen (8-7e797f748586788153777c417e8841777e)
  • Department of Computer Science
Course number: NDAA09031U

Course content

The goal of this course is to give students an introduction to IT security on a deeper technical level. The syllabus primarily takes on the viewpoint of the attacker, with excursions into defensive techniques motivated by the concrete attacks.

The course focuses on gaining a deep hands-on understanding of a few selected topics rather than covering more material with the use of specialized tools.

 

 

Learning outcome

After completing the course, the successful student will have:

Knowledge of:

  • Fuzzing, web security, stack and heap buffer overflows, shellcode, reverse engineering.
  • Details of the interaction between user programs and the operating system.
  • Tools used for IT security, especially reverse engineering.
  • Vulnerabilities and how to correct them and/or mitigate attacks against them.

 

Skills to:

  • Analyze simple web applications from a security perspective, locate vulnerabilities, and demonstrate how to rectify them.
  • Describe and apply exploitation techniques such as return-oriented programming and stack and heap buffer overflows, as well as counter mechanisms.
  • Do basic reverse engineering of binary programs and locate vulnerabilities.
  • Understand the link between vulnerabilities in binary programs and the insecure source code that produce them.
  • Recognize insecure source code and suggest corrections.
  • Use and develop shellcode.
  • Determine a vulnerability by reviewing an exploit of it, and suggest corrections.

 

Competences to:

  • Find and evaluate security issues using fuzzing, reverse engineering, and source code auditing.

Recommended prerequisites

You need to be proficient in both high-level and low-level programming, and will be expected to hand-in solutions written in C, assembler, and perhaps PHP or Python. You are expected to have an understanding of the low-level architecture of computers.

The practical work in the course is based on command-line UNIX tools, thus you are expected to have access to a Linux box and have a working knowledge of how to use Linux via a command prompt.

Sign up


As an exchange, guest and credit student - click here!

Continuing Education - click here!

Education

MSc programme in Computer Science

Studyboard

Study Board of Mathematics and Computer Science

Course type

Single subject courses (day)

Duration

1 block

Schedulegroup

A
---- SKEMA LINK ----

Teaching and learning methods

Lectures, exercise labs, student presentations, and mainly work on the practical individual mandatory assignments.

Capacity

60

Language

English

Literature

See Absalon when the course is set up.

Workload

Category Hours
Lectures 14
Practical exercises 14
Project work 164
Seminar 14
English 206

Exam

Type of assessment

Continuous assessment
Continuous assessment based on student presentation and six to eight written assignments. Each assignment will have equal weight towards the final grade, with the exception of the final assignment which will count as double. Submission in Absalon.

Aid

All aids allowed

Marking scale

7-point grading scale

Criteria for exam assessment

See learning outcome.

Censorship form

No external censorship
Several internal examiners

Re-exam

30 min oral exam based on resubmission of mandatory assignments. The assignments must be submitted no later than two weeks before the re-exam week.

Mere information om kurset
Er du BA- eller KA-studerende?
Er du bachelor- eller kandidat-studerende, så find dette kursus i kursusbasen for studerende:

Kursusinformation for indskrevne studerende