Bygger på

IMT2282 Operating systems and IMT3381 Application security

Forventet læringsutbytte

The course will address the vulnerabilities of released software and of network applications. The students should after the end of the course have a good overview of the threats that exists towards released software, networks, and network services. A deeper analysis and a set of practical exercises will be the foundation for a deeper understanding into some specific security vulnerabilities that exists with and without available source code.

Emnets temaer

• Ethical Hacking and Penetration Testing – definitions
• Password attacks
• Privilege escalation
• DNS vulnerabilities
• Network mapping
• Wireless problems
• Software vulnerabilities
  • Buffer overflow, format strings, integer overflow
• Web application problems
  • XSS, parameters, persistence
  • SQL-injection
• Data mining
• Fuzzing

Pedagogiske metoder

Forelesninger
Gruppearbeid
Lab.øvelser
Oppgaveløsning

Vurderingsformer

Skriftlig eksamen, 2 timer

Karakterskala

Bokstavkarakterer, A (best) - F (ikke bestått)

Sensorordning

Evaluation by the lecturer

Gjennomføring av kontinuasjon

Ordinary re-sit examination

New project(s) at next course dates

Tillatte hjelpemidler (gjelder kun skriftlig eksamen)

None

Obligatoriske arbeidskrav

1-3 Project(s), must be approved. Specifics to be announced at course start.

Læremidler

Articles and book chapters. Specifics to be announced at course start.