UCL - Computer system security

[INGI2347]

[30h + 15h] 5 credits

This course is taught in the 2d semester.

Teacher(s): Gildas Avoine

Language: English

Level: Second

Aims
Main themes
Content and teaching methods
Other information (prerequisite, evaluation (assessment methods), course materials recommended readings, ...)

Aims

The provide a wide spectrum of the security problems everyone may face when using a computer, and explain how to mitigate them.

Main themes

- Forget E-Mail and Spam.
- Viruses and other malwares.
- Netwok and Application Vulnerabilities: IT spoofing, session hijacking, exploits, sniffing.
- Firewals, proxies an address translation.
- Cryptography: exhaustive search, RSA, birthday pardox, bash function, secret key and public key encryption, etc.
- Secure communications: VPN, SSL/TLS, IPSec.
- WEP, WPA.
- Security at the User Level: passwords, PGP, Kerberos, Challenge/response protocols.

- Lectures
The schedule of the lectures is posted on the class web site. Students can get a sense of the topics to the covered by looking at the textbook. Lectures notes are not provided but handouts are available on the class web site

-In-class Exercices
In-class exercices take place every to weeks. Exercises are given and solved during the session and solution sheet in supplied afterwards.

- Challenges
Challenges are practical exercises that are introduced at the end of the lectures. Students solve these challenges by themselves, at home or in the INGI's computer rooms. Results of the challenges are giving during the in-class exercises.

Content and teaching methods

see "Main themes"

Other information (prerequisite, evaluation (assessment methods), course materials recommended readings, ...)

- INGI2347 vs INGI2144
Class INGI2347 is an introduction to network and application security, while class INGI2144 is an azdvanced course on application security.

- Prerequisite :
Background in computer networks (e.g. INGI2141 or ELEC2920) and basic knowledges in programming are expected. INFO2MS and SING2MS are both compliant with these prerequisites.

Student who do not know if their background allows them the attend the course (e.g. , students from ELEC, ELME or MAP) should contact the teaching assistant or lecturer.

Weaknesses in network can be filled by reading the book "Computer Network" by Andew Tanenbaum. The most important topic that will be used in INGI2347 are: SMTP, Telnet, IP, TCP, ARP, MAC, OSI layered model.

- Texbook (not mandatory)
Students are not required to buya texbook, although lectures and in-class exercices ruky on the book mentioned below.

Title : Computer system security, basic concepts and solved Exercices
Authors: G. Avoine, P. Junod and Ph. Oechslin
Harcover: 270 pages
Publisher: EPFL Press; 1 edition (July 2007)
Language: English
ISBN-10: 1420046209
ISBN-13: 978-1420046205