- Forged E-Mail, Spam and Malwares,
- Basics in cryptography,
- Network and Application Vulnerabilities: IT spoofing, session hijacking, exploits, sniffing,
- Proxies, IDS, Hacking methods,
- Secure communications,
- Security at the User Level.
Given the learning outcomes of the "Master in Computer Science and Engineering" program, this course contributes to the development, acquisition and evaluation of the following learning outcomes:
- INFO5.2, INFO4-5
- INFO6.1, INFO6.3, INFO6.4
Given the learning outcomes of the "Master  in Computer Science" program, this course contributes to the development, acquisition and evaluation of the following learning outcomes:
- SINF5.2, SINF4-5
- SINF6.1, SINF6.3, SINF6.4
The course provides a broad view of computer system security that provides a general knowledge of the field for non-specialists and a base for future specialists.
Students completing successfully this course will be able to
- defend the need for protection and security, and the role of ethical considerations in computer use,
- identify security strengths and weaknesses in computer systems,
- explain the problems addressed by digital forensics and outline the basic principles involved in its practice,
- compare and contrast current methods for implementing security.
The contribution of this Teaching Unit to the development and command of the skills and learning outcomes of the programme(s) can be accessed at the end of this sheet, in the section entitled “Programmes/courses offering this Teaching Unit”.
The course covers a wide spectrum of the security problems related to computer systems and principles of building secure systems. This course will introduce fundamentals of computer security and applied cryptography. Topics include software vulnerabilities, malware, security in web applications, networking and wireless security, and applied cryptography.
- In-class exercices and practical lab sessions.
- Homework and projects are mandatory to be solved individually.
Evaluation methods: - Project (35% of the final mark) - Final exam (65% of the final mark) The project work is mandatory and cannot be repeated for the second examination session. ******
INGI2347 vs INGI2144
- Class INGI2347 is an introductory to computer system and network security, while class INGI2144 is an advanced course on application security.
- LINGI2141 or eventually LELEC2920 : Background in computer networks
- LFSAB1402 : Basic knowledge in programming
- INFO2MS and SINF2MS students are both compliant with these prerequisites. Student who do not know if their background allows them the attend the course (e.g. students from ELEC, ELME or MAP) should contact the teaching assistant or lecturer.
- Weaknesses in network can be filled by reading the book "Computer Network" by Andew Tanenbaum. The most important topics that will be used in INGI2347 are: SMTP, Telnet, IP, TCP, ARP, MAC, OSI layered model.
Textbooks (not mandatory)
- Introduction to Computer Security' by Michael Goodrich & Roberto Tamassia (ISBN-10: 0321512944, ISBN-13: 9780321512949)
- Security Engineering: A Guide to Building Dependable Distributed Systems' 2nd ed. by Ross J. Anderson (ISBN-10: 0470068523, ISBN-13: 978-0470068526)
Mandatory documents: slides, notes and readings on the Moodle course.