Course contents

• introduction to computer security
• introduction to cryptography
• authentication, access control, security models
• intrusion detection, firewalls
• malware: virus/worms/troyans
• web attacks
• buffer overflow attacks
• human factors, security audits, and social manipulation
• selected current security related problems and technologies

Intended learning outcomes

After passing the course, the student should be able to

• identify threats against confidentiality, integrity and availability in system
• explain basic terminology and concepts in computer security and use them
• find and use documentation of security related problems and tools
• analyse simple program code and system descriptions to identify vulnerabilities and predict their corresponding threats
• select countermeasures against identified threats and argue for their applicability
• compare countermeasures and evaluate their side effects,
• present and explain their reasoning to others, 

in order to

• be able to develop software and computer system with security in mind
• if interested, be able to move on and specialise in computer and network security.

Course Disposition

No information inserted

Specific prerequisites

Completed courses in programming equivalent to DD1310/DD1311/DD1312/DD1314/DD1315/DD1316/DD1318/DD1331/DD1337/DD100N/ID1018 and computer science equivalent to DD1338/DD1320/DD1321/DD1325/DD1327/ID1020.

Active participation in a course offering where the final examination is not yet reported in LADOK is considered equivalent to completion of the course. This applies only to students who are first-time registered for the prerequisite course offering or have both that and the applied for course offering in their individual study plan.

Recommended prerequisites

Internet protocols and principles, basics of command-line interface and operating systems, and general programming skills are prerequisites. Web programming (html, javascript, sql) knowledge is needed for lab exercises.

Equipment

No information inserted

Literature

No information inserted

If the course is discontinued, students may request to be examined during the following two academic years.

Grading scale

A, B, C, D, E, FX, F

Examination

• LAB1 - Laboratory Work, 3,0 hp, betygsskala: P, F
• TEN1 - Examination, 3,0 hp, betygsskala: A, B, C, D, E, FX, F

Based on recommendation from KTH’s coordinator for disabilities, the examiner will decide how to adapt an examination for students with documented disability.

The examiner may apply another examination format when re-examining individual students.

Opportunity to complete the requirements via supplementary examination

No information inserted

Opportunity to raise an approved grade via renewed examination

No information inserted

Examiner

Sonja Buchegger

Ethical approach

• All members of a group are responsible for the group's work.
• In any assessment, every student shall honestly disclose any help received and sources used.
• In an oral assessment, every student shall be able to present and answer questions about the entire assignment and solution.

Course web

Further information about the course can be found on the Course web at the link below. Information on the Course web will later be moved to this site.

Offered by

EECS/Computer Science

Main field of study

Computer Science and Engineering

Education cycle

Second cycle

Add-on studies

DD2520 Applied Cryptography, DD2449 Foundations of Cryptography, DD2460 Software Safety and Security, EP2500 and EP2520 Networked Systems Security

Contact

Sonja Buchegger, e-post: buc@kth.se

Supplementary information

In the autumn semester 2020, the course component TEN1 will be assessed using a quiz for grade E and a master's test with oral assessment for higher degrees.

In this course, the EECS code of honor applies, see:
http://www.kth.se/en/eecs/utbildning/hederskodex