Engelsk   Dansk
Velkommen til Københavns Universitets kursuskatalog

NDAA09031U  Proactive Computer Security Volume 2014/2015

Course information

LanguageEnglish
Credit7,5 ECTS
LevelFull Degree Master
Duration1 block
Placement
Block 4
Schedule
B (Mon 8-12 + Tues 13-17 + Fri 8-12)
Course capacity60
Continuing and further education
Study boardStudy Board of Mathematics and Computer Science
Contracting department
  • Department of Computer Science
Course responsible
  • Ken Friis Larsen (8-736e74697a7b6d76486c7136737d366c73)
Lecturers
External lectures from industry
Saved on the 11-12-2014
Content

 

 

The goal of this course is to familiarize the student with aspects of it-security. This course will be based on the offensive part of it-security and present the student with selected topics, whereby the student will acquire a basic knowledge of penetration testing.

 

 

Learning Outcome

At course completion, the successful student will have:

Knowledge of:

  • The foundation of the internet including firewall functionality, IDS
  • What is: portscanning, fuzzing, stack and heap overflow, shellcode
  • Web security
  • Tools used for it-security and their limitations
  • Mitigation techniques

Skills in:

  • Do reconnaissance of a given target
  • Analysing simple web-services for security problems, especially injection attacks, and demonstrate how to fix them
  • Do basic binary reverse engineering
  • Describe and apply stack overflows and heap overflows, as well as counter mechanisms.
  • Use and develop shellcode

Competences to:
Find and evaluate security issues using fuzzing, static analysis, reverse engineering, and auditing of the source code.

Literature

See Absalon when the course is set up.

Teaching and learning methods
Lectures, exercise labs, and mainly work on the practical individual mandatory given assignments.
Academic qualifications
You need to be proficient in both high-level and low-level programming, and will be expected to hand-in solutions written in C, assembler, and perhaps PHP or Python. You are expected to have an understanding of the low-level architecture of computers.

The practical work in the course is based on command-line UNIX tools, thus you are expected to have access to a Linux box and have a working knowledge of how to use Linux via a command prompt.
Sign up
Self Service at KUnet
Exam
Credit7,5 ECTS
Type of assessment
Continuous assessment
Continuous assessment with six to eight written assignments. Each assignment will have equal weight towards to final grade, with the exception of the final assignment which will count as double. Submission in Absalon.
Marking scale7-point grading scale
Censorship formNo external censorship
Several internal examiners.
Re-examRe/-submission of slightly modified mandatory assignments.
Criteria for exam assesment

See learning outcome.

Workload
CategoryHours
Lectures14
Practical exercises14
Project work178
Total206
Saved on the 11-12-2014