Chalmers -- Computer Science and Engineering


Computer Security -- EDA263

Spring semester, study period 3, 2014

(Course code DIT641 for Göteborg University)



News:


Course Description

Examiner: Assistant Professor Magnus Almgren, phone: 031-772 1702, email: magnus.almgren

The Computer Security course gives a broad overview of the security area. The approach is largely technical, but the course will also address the important societal implications of security (or rather lack of security). Roughly, security deals with how to protect your system against intentional intrusions and attacks. The purpose of an intrusion can be to change or delete resources (data, programs, hardware, etc.), to get unauthorized access to confidential information, or to make unauthorized use of the system's services. The course covers threats and vulnerabilities as well as rules, methods and mechanisms for protection. During a few lectures, a holistic security approach is taken and organizational, business-related, social, human, legal and ethical aspects are treated.

The Computer Security course is the first within our Security specialization.

Recommended text book
Stallings & Brown: Computer Security,
Pearson, second edition, ISBN: 978-0-273-76449-6


Course Memo

The Course memo summarizes relevant information about the course.


Reading Instructions

Here are the reading instructions for the recommended course book (edition two): reading instructions for 2nd edition, rev. 140305-A.

The reading instructions for the first edition were provided last year and can be found on last year's homepage. However, these are not updated and there are differences between the versions, so we recommend that you use the 2nd edition book (and always check the latest version of the reading instructions for the 2nd edition for changes).


Lab Information

All information concerning the labs is found on the Lab page.

Course Material

The following course material is electronically available. Please note that the lecture slides alone do not give a full coverage of the course contents.

All lectures are given in HC4. As per the course memo, we will only have Friday lectures for the first couple of weeks.

Lectures and slides


Extra Reading

  1. Lecture 1: Here is a description of an attack and the resulting problems for a private individual. Note the difference in assumptions between Amazon and Apple regarding the privacy of the numbers of the credit card.
  2. Lecture 3: An article about how buffer overflows work in detail with code examples: Smashing the stack for fun and profit, Phrack Magazine vol. 7, issue 49
    Jailbreaking your iPhone - shows how complicated attacks can be. Note the discussion about Address Space Layout Randomization, ASLR.
  3. Lecture 4: GPU cluster guesses 350 billion passwords per second (in Swedish).
  4. Lecture 5: Why cryptosystems fail
  5. Lecture 7: DoS attack against twitter (NY Times)
  6. Lecture 8: Ptacek and Newsham: Insertion, Evasion, and Denial of Service - Eluding Network Intrusion Detection
    Honey Pots and Honey Nets - Security through Deception (SANS Institute)
  7. Lecture 10: Measurement theory
  8. Lecture 11: A security model for military message systems: Retrospective, Carl E. Landwehr, Constance L. Heitmeyer, John D. McLean (accessible from Chalmers network)
  9. Lecture 10: Differential Privacy
  10. Lecture 13: (1) Warm up forensic deductions with (2) the file out2.xlsx and (3) the file contacts.xlsx
    Trends of 2020 (what are your thoughts?) Historical reading: Computer network abuse act
  11. Lecture 15: The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research

Course Evaluation


Examination dates 2014/2015

Sat 2014-01-18 am, Sat 2014-03-15 am, 2014-08-27 pm

Previous examinations

2014-03-15, 2014-01-18, 2013-08-28, 2013-03-12, 2013-01-17, 2012-08-29, 2012-03-08 + program for q5, 2011-08-17, 2011-01-11, 2010-10-19, 2010-08-18, 2010-01-12, 2009-10-20

The following question from the exams above is no longer applicable: 2009-10-20 - 8c


URL for this page: http://www.cse.chalmers.se/edu/course/EDA263/index.html
Latest change 2014-02-17 by Magnus Almgren