Course syllabus

Avancerad datasäkerhet
Advanced Computer Security

EITN50, 7,5 credits, A (Second Cycle)

Valid for: 2013/14
Decided by: Education Board A
Date of Decision: 2013-04-15

General Information

Elective for: C4, C4-ks, C4-da, D4, D4-ks, E4, E4-ks
Language of instruction: The course will be given in English

Aim

The goal of this course is to give the students an in-depth insight into the main stream problems and solutions within security for computers, embedded devices and networks. As such it deepens acquired knowledge on computer security from earlier courses and gives an analytic understanding behind todays security solutions. This will allow the student to select by him/herself among existing solutions and/or to present solutions with good quality.

Learning outcomes

Knowledge and understanding
For a passing grade the student must

• Analyze a security problem in a computer system or a consumer device
• Present solutions of good quality to many standard security problems in processing systems and networks
• Basic insight in procedures for forensic data and network analysis
• Possess detailed knowledge of building blocks used in computer and network security
• Understand the mechanisms of the most frequent used attack methods

Competences and skills
For a passing grade the student must

• present detailed descriptions of systems that are applied to improve security in computer and network system
• be able to perform a basic forensic data and network analysis procedure
• be able to analyse and explain how an existing protection mechanism works
• give a sound motivation of a proposal of a solution to a it-system security problem

Judgement and approach
For a passing grade the student must

You will apply the acquired knowledge in a series of five projects that require you to gather, by yourself, additional knowledge and insight to finalize the project. Quality of motivation in solutions in depth and reflection on alternatives will be judged. Factual knowledge is trained through self-passed studies and assignments within the course time frame. 

Contents

Introduction: In-depth knowledge in computer, embedded devices, and network security is needed when designing secure information systems and (computer) applications. Modern systems will operate more autonomously and their security will depend increasingly on the availability of trusted execution environments. Special care is needed in the software development process for these system. Since attacks on systems will occur it is also important to understand how intrusion can be analyzed and should be dealt with in a professional way. The course contents is focussing on the following areas; Computer Forensics; Network Security; Platform Security, DRM, and Secure Software.

Computer Forensics:

• principles,
• standard practices,
• steganography
•  tools.

 Network Security revisited (main area I):

• Authentication: Radius and Diameter, Login protocols,
• Protocols in use: DTLS, Security in mobile networks UMTS and LTE, IPSec, types of VPNs,
• Threats: Network threats, DDOS, Botnets

Platform security (main area II):

• Secure execution: Special OSes, SELinux, Virtualisation and security, Java type VMs,
• Special security hardware: TCG (TPM), ARM Trustzone, RFID, SMARTCARDS.
• Mobile phone security: Android, MeeGo

 DRM:

• Basic protection problem,
• Historical perspective on (failed) solutions
• Content protection, SW protection, Licensing systems,
• Obfuscation, white-box cryptography

Secure SW (main area III):

• Common (security) faults in programs,
• Secure SW development process,
• Assisting code analysis tools,
• Malware: Development, phising, clickfraud

Projects

• Project A: Forensic Analysis of disc and USB drive image
• Project B: Extracting and analysis of information on computer and network, proxies and anonymity
• Project C: DDos attack lab
• Project D: IPSec lab, setup and traffic logging
• Project E: Secure sw development

 

Examination details

Grading scale: TH
Assessment: Grade 3, 4 requires approved project reports that will be graded. Grade 5 can be obtained after successful oral exam covering the projects and lecture material or approved progress test set (5). Students should sign-up for oral exam. Re-examination in ordinary re-examination period: NO.

Admission

Required prior knowledge: EIT060 Computer Security or EDI051 Cryptology.
The number of participants is limited to: No
The course overlaps following course/s: EIT015

Reading list

• Lecture notes in form of powerpoint slides and articles.

Contact and other information

Course coordinator: Professor Ben Smeets, ben.smeets@eit.lth.se
Course homepage: http://www.eit.lth.se/course/eitn50
Further information: With less than 16 participants, the course may be given with reduced teaching and more self studies.