Course contents *

• introduction to security
• introduction to cryptography
• authentication, access control, security models
• intrusion detection, firewalls
• malware: virus/worm/trojans
• web attacks
• buffer overflows 
• secure programming
• human factors, audits, social engineering.

Intended learning outcomes *

The students should be able to:

• recognize threats to confidentiality, integrity, and availability of systems,
• explain the basic computer security terminology and concepts and use them correctly,
• find and apply documentation of security-related problems and tools,
• analyze small pieces of code or system descriptions in terms of their security,
• identify vulnerabilities of such code or descriptions and predict their corresponding threats,
• select counter-measures to identified threats and argue their effectiveness,
• compare counter-measures and evaluate their side-effects,
• present and explain their reasoning to others

in order to be able to:

• develop software or computer systems with security in mind,
• go on to more specialized topics, such as network security.

Course Disposition

No information inserted

Specific prerequisites *

No information inserted

Recommended prerequisites

Internet protocols and principles, basics of command-line interface and operating systems, and general programming skills are prerequisites. Web programming (html, javascript, sql) knowledge is needed for lab exercises.

Equipment

No information inserted

Literature

The course literature is not yet decided but will be announced on the course web page at least 4 weeks before course start.

Grading scale *

A, B, C, D, E, FX, F

Examination *

• LAB1 - Laboratory Work, 3.0 credits, Grading scale: P, F
• TEN1 - Examination, 3.0 credits, Grading scale: A, B, C, D, E, FX, F

Based on recommendation from KTH’s coordinator for disabilities, the examiner will decide how to adapt an examination for students with documented disability.

The examiner may apply another examination format when re-examining individual students.

In this course all the regulations of the code of honor at the school apply, see:https://www.kth.se/en/eecs/utbildning/hederskodex/. As an example of a concrete application of the code of honor, course participants will not attack systems without the consent of the owner and users of the system.

Opportunity to complete the requirements via supplementary examination

No information inserted

Opportunity to raise an approved grade via renewed examination

No information inserted

Examiner

Sonja Buchegger

Course web

Further information about the course can be found on the Course web at the link below. Information on the Course web will later be moved to this site.

Offered by

EECS/Computer Science

Main field of study *

Computer Science and Engineering

Education cycle *

Second cycle

Add-on studies

DD2449 Foundations of Cryptography, DD2460 Software Safety and Security, EP2500 and EP2520 Networked Systems Security

Contact

Sonja Buchegger, e-post: buc@kth.se

Ethical approach *

• All members of a group are responsible for the group's work.
• In any assessment, every student shall honestly disclose any help received and sources used.
• In an oral assessment, every student shall be able to present and answer questions about the entire assignment and solution.

Supplementary information

In this course, the EECS code of honor applies, see:
http://www.kth.se/en/eecs/utbildning/hederskodex