NDAA09031U Proactive Computer Security
Volume 2013/2014
Education
MSc Programme in Computer Science
Content
The goal of this course is to familiarize the student with aspects of IT security. The course is based on the offensive part of IT security and presents the student with selected topics, through which the student will acquire a basic knowledge of penetration testing.
Learning Outcome
At course completion, the successful student will have:
Knowledge of:
- The foundation of the internet including firewall functionality, IDS
- What is: portscanning, fuzzing, stack and heap overflow, shellcode
- Web security
- Tools used for it-security and their limitations
- Mitigation techniques
- Do reconnaissance of a given target
- Analysing simple web-services for security problems, especially injection attacks, and demonstrate how to fix them
- Do basic binary reverse engineering
- Describe and apply stack overflows and heap overflows, as well as counter mechanisms.
- Use and develop shellcode
Find and evaluate security issues using fuzzing, static analysis, reverse engineering, and auditing of the source code.
Literature
See Absalon when the course is set up.
Academic qualifications
You need to be proficient in both high-level and low-level programming, and will be expected to hand in solutions written in C, assembler, and perhaps PHP or Python. You are expected to have an understanding of the low-level architecture of computers.
The practical work in the course is based on command-line UNIX tools, thus you are expected to have access to a Linux box and have a working knowledge of how to use Linux via a command prompt.
Teaching and learning methods
Lectures, exercise labs, and mainly work on the individual, mandatory practical assignments.
Workload
- Lectures: 14 hours
- Practical exercises: 14 hours
- Project work: 178 hours
- Total: 206 hours
Sign up
Self Service at KUnet
As an exchange, guest and credit student - click here!
Continuing Education - click here!
Exam
- Credit: 7,5 ECTS
- Type of assessment: Continuous assessment with six to eight written assignments. Pass / Fail. Internal grading. Submission in Absalon.
- Marking scale: passed/not passed
- Censorship form: No external censorship
- Re-exam: Re-submission of mandatory assignments.
Criteria for exam assessment
See learning outcome.
Course information
- Language: English
- Course code: NDAA09031U
- Credit: 7,5 ECTS
- Level: Full Degree Master
- Duration: 1 block
- Placement: Block 4
- Schedule: B
- Course capacity: 50
- Continuing and further education
- Study board: Study Board of Mathematics and Computer Science
Contracting department
- Department of Computer Science
Course responsibles
- Ken Friis Larsen (kflarsen@di.ku.dk)
Lecturers
External lectures from industry
Saved on the 30-04-2013