It is offered in the framework of the Security and Privacy Master| of the European Institute of Innovation and Technology (ICT Labs).
It is also available in the normalMaster Degree in Computer Science and in Communication Engineering at the University of Trento.
The course aims at advancing students’ concrete knowledge of attacks on operating systems, networks, and applications witha significant spur of creativity. Security notices (and even proof of concept exploits) are a little more than research ideas. They tells that something may be possible but do not explain the details (for obviosu security reasons). The students must use their creativity to understand what can possibly work and transforms the gaps and holes in the description into a workable product.
This course is also part of the 10K students , an European (so far) initiative to improve cyber-security education.
The goal of the 2016/2017 course is from Vulnerabilities to Exploit.
This course will be divided in essentially two tracks: analytic and technical.
The technical track will include the actual development of the exploit an a successful grade will mean that the student has been able to successful craft his or her own exploit. In the analytic track students will analyze other exploits from the wild and discuss their similarities.
This is a practical hand-on course. There would be few lectures and mostly they would be presentations by students themselves to report how they are going.
The course include having access to software that may be used to damage other people's computers. Hence, students who wishes to particpate to this course must sign an ethical code of conduct and a non-disclosure agreement.
Qualification for the Course
In order to be admitted to the course students will have to pass the following lab exercises
Admission to the course is guaranteed if at least 50% of BOTH exercises is completed by the student (at least 2 vulnerabilities approximately identified AND the completed setup of the first exploit kit, bleeding life).
This is an eligible course. This course is available for 12 ECTS Credits.
We also report a selection of past projects successfully pursued by students.
Offensive Technologies (2014/2015). Development of ROP exploits.
Offensive Technologies (2015/2016). Analysis of Governmental malware.
The lectures/seminars etc. are on
|14.09||First lecture||All students||Admin. Technical Introd.|
|19.09||General introduction to vulnerabilities||All||Vulnerabilities|
|21.09||Finding vulns. in source code (excercise, all students)||All||See Google Classroom|
|26.09||General lecture on Exploit Kits||All||Exploit kits||Cybercrime surveys and reports: Targeted attacks in a world of scale Folk models of home comp. sec. Threat inflation; Ekits: Large scale XSS detection Anatomy of Exploit Kits Explit-as-a-service Exploiting ad-based url shortening|
|28.09||Exercise on Exploit Kits||All||See Google Classroom|
|10.1||Feedback on vulnerabilities||All|
|12.1||Feedback on vulnerabilities||All|
|17.1||Presentation on vulnerabilities||Analysts||See Google Classroom|
|19.1||Presentation on vulnerabilities||Technical||See Google Classroom|
|24.1||Recent Attacks to USA||All||NYT Coverage of the attack to Dyn and earlier coverage, Mirai's reported distribution, NYT Coverage of Mirai, OVH and Krebs; OVH initial attack and Mirai's description, Kreb's moaning, read the posts!, The actual vulnerability and one of the first IoT Botnet|
|26.1||Feedback on exploits||All||Exploit assignment|
|2.11||Feedback on exploits||All||,|
|7.11||Presentation on Linux 0-day, Tomcat, HT exploits||Analysts|
|9.11||Demo of Tomcat Exploits||Technical|
|28.11||Presentation on NSA attacks/targets||Analysts|
|30.11||Demo of Jenkins and Spring Exploits||Technical|
|5.12||Feedback session (problems, failures, ideas)||All|
|7.12||Feedback session (problems, failures, ideas)||All|
|12.12||Presentation on comparison between exploits||Analysts|
|14.12||Presentation on comparison between exploits||Analysts|
|19.12||Skeleton of final report||All||Optional submission of a skeleton to get feedback of content|
|19.12||Demo of working exploit||Technical|
|21.12||Demo of working exploit||Technical|
|15.01||Report Submission||All||See Google Classroom|
|22.01||Grading and Discussion||All||For final day see Google Classroom/ESSE3|
Other material is available in Google Classroom or in the Malware Lab Shares.