Computer system security [ LINGI2347 ]

> https://moodleucl.uclouvain.be/course/view.php?id=4793

• Forged E-Mail, Spam and Malwares,
• Basics in cryptography,
• Network and Application Vulnerabilities: IT spoofing, session hijacking, exploits, sniffing,
• Firewalls,
• Proxies, IDS, Hacking methods,
• Passwords and time-memory trade-off,
• Secure communications,
• Security at the User Level.

Given the learning outcomes of the "Master in Computer Science and Engineering" program, this course contributes to the development, acquisition and evaluation of the following learning outcomes:

• INFO1.1-3
• INFO2.1-5
• INFO5.2, INFO4-5
• INFO6.1, INFO6.3, INFO6.4

Given the learning outcomes of the "Master [120] in Computer Science" program, this course contributes to the development, acquisition and evaluation of the following learning outcomes:

• SINF1.M1
• SINF2.1-5
• SINF5.2, SINF4-5
• SINF6.1, SINF6.3, SINF6.4

The course provides a broad view of computer system security that provides a general knowledge of the field for non-specialists and a base for future specialists.

Students completing successfully this course will be able to

• defend the need for protection and security, and the role of ethical considerations in computer use,
• identify security strengths and weaknesses in computer systems,
• explain the problems addressed by digital forensics and outline the basic principles involved in its practice,
• compare and contrast current methods for implementing security.

• Homework and projects 35%
• Final exam 65%

Homework and projects are mandatory and cannot be repeated for the second examination session. For the second examination session, an alternate project (to be determined by the lecturer) can be carried out.

• Lectures
• In-class exercices and practical lab sessions.
• Homework and projects are mandatory to be solved individually.

The course covers a wide spectrum of the security problems related to computer systems and principles of building secure systems. This course will introduce fundamentals of computer security and applied cryptography. Topics include software vulnerabilities, malware, security in web applications, networking and wireless security, and applied cryptography.

Textbooks (not mandatory)

• Introduction to Computer Security' by Michael Goodrich & Roberto Tamassia (ISBN-10: 0321512944, ISBN-13: 9780321512949)
• Security Engineering: A Guide to Building Dependable Distributed Systems' 2^nd ed. by Ross J. Anderson (ISBN-10: 0470068523, ISBN-13: 978-0470068526)

Mandatory documents: slides, notes and readings on the course website

INGI2347 vs INGI2144

• Class INGI2347 is an introductory to computer system and network security, while class INGI2144 is an advanced course on application security.

Background:

• LINGI2141 or eventually LELEC2920 : Background in computer networks
• LFSAB1402 : Basic knowledge in programming
• INFO2MS and SINF2MS students are both compliant with these prerequisites. Student who do not know if their background allows them the attend the course (e.g. students from ELEC, ELME or MAP) should contact the teaching assistant or lecturer.
• Weaknesses in network can be filled by reading the book "Computer Network" by Andew Tanenbaum. The most important topics that will be used in INGI2347 are: SMTP, Telnet, IP, TCP, ARP, MAC, OSI layered model.