Aniello CASTIGLIONE | SYSTEM SECURITY PROGRAMMING TECHNIQUES
Aniello CASTIGLIONE SYSTEM SECURITY PROGRAMMING TECHNIQUES
cod. 1212500018
SYSTEM SECURITY PROGRAMMING TECHNIQUES
| 1212500018 | |
| DEPARTMENT OF MANAGEMENT & INNOVATION SYSTEMS | |
| EQF6 | |
| DIPLOMATIC, INTERNATIONAL AND GLOBAL SECURITY STUDIES | |
| 2024/2025 |
| OBBLIGATORIO | |
| YEAR OF COURSE 3 | |
| YEAR OF DIDACTIC SYSTEM 2019 | |
| AUTUMN SEMESTER |
| SSD | CFU | HOURS | ACTIVITY | |
|---|---|---|---|---|
| INF/01 | 6 | 42 | LESSONS |
| Exam | Date | Session | |
|---|---|---|---|
| CASTIGLIONE | 08/01/2025 - 10:00 | SESSIONE ORDINARIA | |
| CASTIGLIONE | 08/01/2025 - 10:00 | SESSIONE DI RECUPERO | |
| CASTIGLIONE | 22/01/2025 - 10:00 | SESSIONE ORDINARIA | |
| CASTIGLIONE | 22/01/2025 - 10:00 | SESSIONE DI RECUPERO |
| Objectives | |
|---|---|
| THE COURSE AIMS AT PRESENTING THE BASIC PRINCIPLES OF SECURE PROGRAMMING. IT WILL PROVIDE GUIDELINES AND BEST PRACTICE FOR DESIGN AND IMPLEMENTATION OF SECURE SYSTEMS. TO THIS AIM, IT WILL EXPLORE MAIN SOFTWARE VULNERABILITIES IN ORDER TO ALLOW STUDENTS TO UNDERSTAND THE CONDITIONS UNDER WHICH SUCH ATTACK VECTORS CAN BE IMPLEMENTED. IT WILL ALSO PROVIDE STRATEGIES TO MITIGATE KNOWN VULNERABILITIES. |
| Prerequisites | |
|---|---|
| BASIC KNOWLEDGE OF COMPUTER ARCHITECTURE, OPERATING SYSTEMS AND COMPUTER NETWORKS. KNOWLEDGE OF PROGRAMMING TECHNIQUES. |
| Contents | |
|---|---|
| THE COURSE WILL PROVIDE BASIC METHODOLOGIES FOR THE EVALUATION OF INFORMATION SYSTEM SECURITY. SPECIFICALLY, THE COURSE WILL PROVIDE: - AN INTRODUCTION TO THE TECHNIQUE FOR SYSTEMS' EVALUATION (8 HOURS) - BASICS OF STATIC ANALYSIS (8 HOURS) - DEFINITIONS OF SYSTEM VULNERABILITY AND INTRODUCTION TO DATABASES OF KNOWN VULNERABILITIES (4 HOURS) - INTRUSION VECTORS AND TECHNIQUES. LOCAL AND REMOTE CODE INJECTION (10 HOURS) - TECHNIQUES FOR VULNERABILITY MITIGATION (12 HOURS) |
| Teaching Methods | |
|---|---|
| THE COURSE CONSISTS OF THEORETICAL LECTURES AND OF PRACTICAL SESSIONS IN LAB. DURING THE LATTER THE STUDENTS WILL BE REQUIRED TO SOLVE EXERCISES UNDER THE GUIDANCE OF THE INSTRUCTOR. |
| Verification of learning | |
|---|---|
| THE EXAM CONSISTS OF AN ORAL EXAMINATION THAT WILL EVALUATE THE LEVEL OF COMPREHENSION OF COURSES TOPICS AND THE ABILITY OF STUDENTS TO APPLY SUCH KNOWLEDGE TO REAL-LIFE CASES. |
| Texts | |
|---|---|
| LOREN KOHNFELDER DESIGNING SECURE SOFTWARE (A GUIDE FOR DEVELOPERS) NO STARCH PRESS INC., 2022, ISBN (PRINT): 978-17185-0192-8 ISBN (EBOOK): 978-17185-0193-5 HTTPS://DESIGNINGSECURESOFTWARE.COM/ JUSTIN SEITZ, TIM ARNOLD BLACK HAT PYTHON, 2ND EDITION (PYTHON PROGRAMMING FOR HACKERS AND PENTESTERS) NO STARCH PRESS INC., 2021, ISBN (PRINT): 978-1-7185-0112-6 ISBN (EBOOK): 978-1-7185-0113-3 HTTPS://NOSTARCH.COM/BLACK-HAT-PYTHON2E COREY J. BALL HACKING APIS (BREAKING WEB APPLICATION PROGRAMMING INTERFACES) NO STARCH PRESS INC., 2022, ISBN (PRINT): 978-1-7185-0244-4 ISBN (EBOOK): 978-1-7185-0245-1 HTTPS://NOSTARCH.COM/HACKING-APIS |
| More Information | |
|---|---|
| STUDENTS ARE ENCOURAGED TO JOIN THE TEAMS GROUP (WHOSE CODE IS EJQAT8A - ALL LETTERS IN THE TEAMS CODE HAVE TO BE LOWERCASE) FOR ANY UPDATE ON THE COURSE OR FOR RECEIVING ADDITIONAL INFORMATION / MATERIAL PROVIDED BY THE INSTRUCTOR. |
BETA VERSION Data source ESSE3 [Ultima Sincronizzazione: 2024-12-13]
