Course syllabus

Avancerad datasäkerhet
Advanced Computer Security

EITN50, 7,5 credits, A (Second Cycle)

Valid for: 2016/17
Decided by: Education Board A
Date of Decision: 2016-04-05

General Information

Elective for: C4-da, C4-sec, D4-ks, D4-se, E4
Language of instruction: The course will be given in English

Aim

The goal of this course is to give the students an in-depth insight into the main problems and solutions within security for computers, embedded devices and networks. As such it deepens acquired knowledge on computer security from earlier courses and gives an analytic understanding behind today’s security solutions. This will allow the student to select by him/herself among existing solutions and/or to present solutions with good quality.

Learning outcomes

Knowledge and understanding
For a passing grade the student must

• analyze a security problem in a computer system or a consumer device
• present solutions of good quality to many standard security problems in processing systems and networks
• basic insight in procedures for forensic data and network analysis
• possess detailed knowledge of building blocks used in computer and network security
• understand the mechanisms of the most frequently used attack methods

Competences and skills
For a passing grade the student must

• present detailed descriptions of systems that are applied to improve security in computer and network systems
• be able to perform a basic forensic data and network analysis procedure
• be able to analyse and explain how an existing protection mechanism works
• give a sound motivation of a proposal of a solution to an IT system security problem

Judgement and approach
For a passing grade the student must

apply the acquired knowledge in a series of five projects that require the student to gather additional knowledge and insight to finalize the project. Quality of motivation in solutions in depth and reflection on alternatives will be judged. Factual knowledge is trained through self-passed studies and assignments within the course time frame.

Contents

Introduction: In-depth knowledge in computer, embedded devices, and network security is needed when designing secure information systems and (computer) applications. Modern systems will operate more autonomously and their security will depend increasingly on the availability of trusted execution environments. Special care is needed in the software development process for these systems. Since attacks on systems will occur it is also important to understand how intrusion can be analyzed and should be dealt with in a professional way. The course contents is focusing on the following two main areas; Platform Security and Secure Software.

The course will also contain certain deep dive in Network security and overviews on connected areas such as Computer Forensics and  DRM protection.

Computer Forensics (overview 1)

• principles,
• standard practices,
• steganography
• tools.

Network Security (selected deep dives):

• Authentication: Radius and Diameter, Login protocols, LTE,
• Protocols in use: IPSec, types of VPNs,
• Threats: Network threats, DDOS, Botnets

Platform security (main area I):

• Secure execution: Special OSes, SELinux, Virtualisation and security, Java type VMs,
• Trusted Computing Group TCG (TPM),
• ARM Trustzone,
• Intel SGX,
• RFID, smartcards.
• Mobile phone security: Android

DRM (overview 2):

• Basic protection problem,
• Historical perspective on (failed) solutions
• Content protection, SW protection, Licensing systems,
• Obfuscation, white-box cryptography

Secure SW (main area II):

• Common (security) faults in programs,
• Secure SW development process,
• Assisting code analysis tools,
• Malware: Development, phising, clickfraud

Projects (tentative content)

• Project A: Forensic Analysis of disc and USB drive image
• Project B: IPSec lab, setup and traffic logging
• Project C: DDos attack lab
• Project D: TPM 1.2 use
• Project E: Reverse Engineering of binary executables

 

Examination details

Grading scale: TH
Assessment: To pass this course all projects must be approved and all theme tests (5) must be passed. Final grade 3, 4, or 5 is based on the cumulative score of the individual theme tests. Candidates eligible for grade 5 may be called to an oral verification test. A passing grade can also be obtained after successful oral exam, but then highest grade 3 or 4 is achievable. Students should always sign-up for an oral exam.

Admission

Required prior knowledge: EIT060 Computer Security or EDI051 Cryptology.
The number of participants is limited to: No
The course overlaps following course/s: EIT015

Reading list

• Powerpoint slides and Lecture notes on the main course topics.

Contact and other information

Course coordinator: Professor Ben Smeets, ben.smeets@eit.lth.se
Course homepage: http://www.eit.lth.se/course/eitn50
Further information: With less than 16 participants, the course may be given with reduced teaching and more self studies.