DD2497 Project course in System Security 7.5 credits

Projektkurs i systemsäkerhet

A project course that will conclude a track in computer security.

Show course information based on the chosen semester and course offering:

Offering and execution

No offering selected

Select the semester and course offering above to get information from the correct course syllabus and course offering.

Course information

Content and learning outcomes

Course contents *

The course includes several technologies for security of system software. The technologies are based on memory isolation, monitoring, static analysis and diversification to prevent, discover or mitigate illegal behaviour.

  • Part I. Trends in system security: buffer overflow, code injection, control flow manipulation, side channel attack, error injection
  • Part II. Design of system software
  • Part III. Mechanisms for system security: memory inspection, remote control, memory address randomization, reliable start, isolation of error in software

The main assignment in the course are to design, implement and evaluate. The work is carried out in groups as a project.

We base our experiments on an existing operating system.

Intended learning outcomes *

Having passed the course, the student should be able to:

  • identify vulnerability of systems, exploit them and evaluate their impact
  • compare the efficacy of different countermeasures
  • design and implement security mechanisms for computer systems
  • document their arguments and results

in order to

  • be able to evaluate and improve the security of computer systems.

Course Disposition

No information inserted

Literature and preparations

Specific prerequisites *

Data security equivalent to the course DD2395.

Recommended prerequisites

Computer security corresponding to the course DD2395. Operative systems corresponding to one of the courses ID1200/ID1206/ID2200/ID2206/IS1350.

Equipment

No information inserted

Literature

Will be announced on the course web no later than 10 weeks before the start of the course.

Examination and completion

Grading scale *

P, F

Examination *

  • INL1 - Project documentation, 1.0 credits, Grading scale: P, F
  • PRO1 - Project work, 6.5 credits, Grading scale: P, F

Based on recommendation from KTH’s coordinator for disabilities, the examiner will decide how to adapt an examination for students with documented disability.

The examiner may apply another examination format when re-examining individual students.

The examiner will decide, in consultation with KTH's coordinator for disabilities, on possible adapted examination for students with proven disability. The examiner may utilize another examination format when re-examining individual students.

Opportunity to complete the requirements via supplementary examination

No information inserted

Opportunity to raise an approved grade via renewed examination

No information inserted

Examiner

Roberto Guanciale

Further information

Course web

Further information about the course can be found on the Course web at the link below. Information on the Course web will later be moved to this site.

Course web DD2497

Offered by

EECS/Computer Science

Main field of study *

Computer Science and Engineering

Education cycle *

Second cycle

Add-on studies

The degree project.

Contact

Roberto Guanciale robertog@kth.se

Ethical approach *

  • All members of a group are responsible for the group's work.
  • In any assessment, every student shall honestly disclose any help received and sources used.
  • In an oral assessment, every student shall be able to present and answer questions about the entire assignment and solution.

Supplementary information

In this course, the EECS code of honor applies, see:
http://www.kth.se/en/eecs/utbildning/hederskodex