2020-2021 / INFO8013-1

Advanced Computer Security

Durée

20h Th, 20h Labo., 30h Proj.

Nombre de crédits

 Master : ingénieur civil en informatique, à finalité5 crédits  
 Master : ingénieur civil en informatique, à finalité (double diplômation avec HEC)5 crédits  
 Master en sciences informatiques, à finalité5 crédits  
 Master en sciences informatiques, à finalité (double diplômation avec HEC)5 crédits  

Enseignant

Benoît Donnet, Laurent Mathy

Langue(s) de l'unité d'enseignement

Langue anglaise

Organisation et évaluation

Enseignement au deuxième quadrimestre

Horaire

Horaire en ligne

Unités d'enseignement prérequises et corequises

Les unités prérequises ou corequises sont présentées au sein de chaque programme

Contenus de l'unité d'enseignement

This course is the natural follow-up of INFO0045 (Introduction to Computer Security). The objectives behind this course are to extend students' knowledge on Computer Security by discussing and practicing up-to-date Computer Security concepts.
The course is divided in two parts. In the first part, a few theoretical lessons are provided on advanced concepts based on cryptography mechanisms usage (see below for the table of content). In the second part, students practice advanced concepts in Computer Security, such as Data Protection and Penetration Testing. Students are also exposed to scientific papers on Computer Security.
Table of Content (Theoretical lessons)

  • Administrative Details
  • Chapter 1: Advanced Digital Signatures
  • Chapter 2: Authentication Protocol
  • Chapter 3: Bank Card Payment
  • Chapter 4: Merkle Tree
  • Chapter 5: BlockChains

Acquis d'apprentissage (objectifs d'apprentissage) de l'unité d'enseignement

Upon completing this course, students will have a better understanding on how cryptography can be used through several use cases.
Students will also be aware on how to read a scientific paper dedicated to Computer Security and, consequently, be aware of advanced topics in Computer Security.
Finally, Students will increase their practical knowledge of Computer Security

Savoirs et compétences prérequis

Good knowledge of basics in Computer Security (INFO0045 or assimilated), in Computer Networking (INFO0010 or assimilated), in Operating Systems (INFO0940 or assimilated), and in Computation Structure (INFO0012 or assimilated).
Being comfortable with programming in C is also suitable (Students must be comfortable with pointers and memory management).

Activités d'apprentissage prévues et méthodes d'enseignement

The course is organized as follows:

  • Lectures (30 hours) describing in details the theoretical and practical concepts of the course
  • Lab sessions.  Labs are done individually and a short report (a simple text file to fill in) must be completed by the end of the lab
  • Several assignments to be done in teams of 2 students

Mode d'enseignement (présentiel, à distance, hybride)

Face-to-face lectures, lab sessions, and seminars.
The course is entirely given in English.

Adaptations organisationnelles liées au contexte sanitaire

Lectures recommandées ou obligatoires et notes de cours

Slides, labs, and assignment subjects are available on the course web page.
Following books have been used for building the theoretical lessons:

  • A. J. Menezes, P. C. van Oorschot, S. A. Vanstone. Handbook of Applied Cryptography. CRC Press. 5th Edition. August 2001
  • K. Finkenzeller. RFID Handbook, Fundamentals and Applications in Contactless Smartcards, Radio Frequency Identification, and Near-Field Communication. Ed. Wiley (3rd Edition). 2010.
Additional references are provided throughout the slides, labs, assignment subject.

Modalités d'évaluation et critères

Vous trouverez ci-dessous les modalités d'évaluation envisagées pour les examens en présentiel et à distance ainsi que celle souhaitée en cas de session hybride. En fonction de l'évolution sanitaire, la modalité choisie vous sera communiquée au plus tard un mois avant le début de la session d'examen.

The evaluation will be mainly based on practical sessions (both labs and the assignment).  An oral exam will also be organized on theoretical lessons, the assignment, and possible seminars.
In more details:

  • Labs will account for 30% of the final grade
  • Assignment will account for 30% of the final grade (15% for the written report, 15% for the oral presentation and Q/As)
  • The Oral Exam (in June) will focus on theoretical lesson (1 question) and on assignment and seminar (1 question).  It will account fro 40% of the final grade.
Presence at labs is mandatory.  Attending all labs and doing the assignment is required for attending the oral exam.  In case of Lab absence and/or assignment not provided, the student will receive an "Absence" grade (and automatically be postponed to the resit). 
Resit
In case of failure in June, students must improve their assignment for the resit (deadline: 1st day of the resit session) if the grade was below 10/20 (only the report will be taken into account).  This must be done individually (note that no support will be provided, either by the TA or the lecturers, during summer).  Labs cannot be redone.
If the grade of the labs is favorable to the students, the resit session is identical to the first one, with the same weighting. On the other hand, if the grade of the labs is not favorable to the student, it will not be taken into account in the weighting in September, which becomes 30% for the assignment and 70% for the exam. Oral exam must be redone.

Stage(s)

Remarques organisationnelles

The course is organized during the Second term (from early February to mid-May), on Monday morning. All lectures are in English.

Contacts

Lecturers:

  • Benoit Donnet (email -- office 1.15/B28)
  • Laurent Mathy (email-- office 1.15/B37)
Teaching Assistants:
  • Gaulthier Gain (email -- office 1.8/B37)
  • Kenich Yasukata (email -- office 1.9/B37)
 
 

Notes en ligne

Course Web Site
The course web site contains PDF of the slides, labs/assignments subjects, details about gradings, and the course agenda.  It also allows students to interact with the Pedagogical Team through the Discussion forum.