This course aims at introducing basic concepts and techniques for the development of secure systems and networks. The course is formally split in two modules [CM0475] Security 1 (classes) and [CM0494] Security 2 (lab). This course used to cover cryptography which is now a separate course.
Security is one of the courses of the Laurea Magistrale (Master degree) in Computer Science at Ca’ Foscari, Venice. It is a blended course of the Ca’ Foscari e-learning program and combines traditional classroom teaching with on-line classes, tutoring, challenges and a live Capture The Flag (CTF).
- [20 Sep. 2017] The virtual meeting point is Slack. Read below for more information.
- [18 Sep. 2017] This year the course will be reorganised and spread on the two semesters. The first part will cover the concepts and will be in class, with six on-line challenges, the second part will mostly be on-line with a live CTF concentrated in three days. Stay tuned for more information!
- Written exam giving a base score;
- Challenges giving bonus on the base score: first submitted: +1, second and third: +0.5. Students completing all the six challenges will get +1 bonus;
- To access the bonus, solutions to challenges must include a short but clear explanation and the code of adopted scripts, exhaustively commented.
- The base score is the one of the first part;
- The CTF lab is passed by each team that will implement at least a successful attack and will score better than the “idlers” team in two of the three services of the CTF (more detail will be given in class)l
- The first three teams in the CTF will get a +2, +1, +0.5 bonus on the base score, respectively;
- In the unlikely and unfortunate case that members of a team do not pass the CTF lab, they will need to pass an individual lab exam.
- J. Erickson, Hacking, the art of exploitation, No starch press, 2008.
- R. J. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, Wiley, 2008.
- The virtual meeting point for the on-line classes is on Slack! You can automatically signup with either your
- We set up a 32bit Linux virtual machine called testbed to let you experiment with the proposed exercises. Learn more!
- Background and tools
- Program exploitation
- [10/10/2017] Seminar by Giancarlo Pellegrino (CISPA, Germany)
- [11/10/2017] Overflow and stack protection
- [17/10/2017] Challenge – OVERSHADE (on-line class) [tips]
- [18/10/2017] Overwriting return address
Course material and books
All of the course material will be made available on-line here. The following books might anyway provide a useful reference: