Software security (2017/2018)

Course code
4S003736
Name of lecturers
Mila Dalla Preda, Roberto Giacobazzi
Coordinator
Mila Dalla Preda
Number of ECTS credits allocated
6
Academic sector
ING-INF/05 - INFORMATION PROCESSING SYSTEMS
Language of instruction
Italian
Location
VERONA
Period
I sem. dal Oct 2, 2017 al Jan 31, 2018.

Lesson timetable

Go to lesson schedule

Learning outcomes

The course aims at providing knowledge on the main problems related to software security, currently available solutions, and open problems. In particular, we will consider both security issues related to the protection of the intellectual property and the integrity of the code, and those security issues related to the protection of sensitive information.

At the end of the course the student must demonstrate that he has acquired the necessary knowledge to define techniques for the protection of the intellectual property of the code and its integrity, evaluating the trade-off between safety and cost of the proposed technique and providing a critical analysis of the potentials attacks.

This knowledge will allow the student to: i) evaluate the resistance of code protection techniques with respect to potential attack scenarios; ii) assess the security of a system in protecting sensitive information.

At the end of the course the student will be able to: i) compare and choose from among the different existing software protection techniques those that best meet the specific needs of a system; ii) autonomously continue the study (also in the field of research) of code protection and system security.

Syllabus

The course will treat the followings: Software Protection -- Obfuscation Techniques -- Watermarking Techniques -- Tamper-proofing Techniques Similarity Analysis -- Known Algorithms -- Applications and open challenges -- Code Attribution Computer Security -- Secure Systems -- Access Control -- Non-interference & information flow -- Intrusion detection, execution monitors, safety properties

Reference books
Author Title Publisher Year ISBN Note
Christian Collberg, Javis Nagra Surreptitious Software (Edizione 1) Addison-Wesley Professional 2009 978-0-321-54925-9

Assessment methods and criteria

Project on software security and/or software protection. The project can be assigned to groups of at most 3 people. During the course the teacher will present possible topics for projects. The topic of the project can also be suggested by the students to the teacher.
The results of the project will be organized in a written relation and then presented orally to the teacher. During the oral presentation of the project the teacher may ask questions on the whole program of the course.
After the oral exam the teacher will read the relation and propose an evaluation.
Each individual or group exam has to be scheduled by appointment with the teacher.

STUDENT MODULE EVALUATION - 2017/2018