Advanced Topics in Security and Privacy

Uitgebreide vaknaam	Advanced Topics in Security and Privacy
Leerdoelen	At the end of the course, the student is able to: 1) identify various security and privacy problems that are present in today's networked devices. 2) apply techniques (e.g. differential privacy, role-based access control) from security/privacy to address real-world situations/problems. 3) select a relevant security/privacy technique (e.g. taint analysis) for a given problem (e.g. mobile security) and argue for the choice of this technique. 4) evaluate the selected technique on relevant aspects (e.g. scalability, correctness).
Omschrijving	Computers and networks are the backbones of our modern society. We are surrounded by smart devices (mobile phones, smart watches) that collect and process sensitive information more than ever. While we enjoy the benefits of these IT infrastructures/devices in almost every aspect of our lives (e.g. education, healthcare), these infrastructures pose many security and privacy risks. Data and/or digital assets can be stolen, a system can be manipulated to misbehave or a service can be made unavailable, to name a few. We need to be able to think like an adversary in order to be one step ahead and defend against ever sophisticated attacks. This course aims to provide an overview of some of the recent developments in security and privacy research in the form of lectures, presentations and course projects. The lectures will cover various data-centric security/privacy topics starting from traditional (but still valid!) areas of research including access control (RBAC, ABAC), Web security (CSRF, XSS) and mobile security. Then we will turn our attention to more privacy related topics such as privacy-enhancing technologies (e.g. differential privacy, homomorphic encryption), secure multi-party computing and perhaps more importantly machine learning security/privacy (backdoors, membership inferences). There will also be a dedicated lecture on the applications of blockchain technology (DApps) with an emphasis on security aspects (e.g. smart contract security, verifiable credentials, reentrancy attacks). The overall goal of the course is to equip students with the state-of-the-art information on the chosen topics while providing them an opportunity for a hands-on experience. The course will proceed in an interactive manner and promote constructive discussions. Students will be asked to make a presentation over a research paper they choose (a list will be provided a priori) and they will work on a practical course project within groups.
Uren per week
Onderwijsvorm	Bijeenkomst (S), Hoorcollege (LC), Opdracht (ASM), Practisch werk (PRC)
Toetsvorm	Opdracht (AST), Practisch werk (PR), Presentatie (P) (The final grade (F) is calculated as follows: if Pr>=5 and Pa>=5 then F=(Pr * .5 + Pa * .25 + As * .25) else F=Min(5, (Pr * .5 + Pa * .25 + As * .25)) where Pr is Project, Pa is Paper and As is the lab assignments.)
Vaksoort	master
Coördinator	F. Turkmen, PhD.
Docent(en)	F. Turkmen, PhD.
Verplichte literatuur	Titel Auteur ISBN Prijs - Not mandatory: Security Engineering: A Guide to Building Dependable Distributed Systems (3rd edition, 2021) Ross Anderson 9781119642787 €  56,00 - Not mandatory: Secure Multiparty Computation and Secret Sharing 1 2015 Ronald Cramer, Ivan Bjerre Damgård, Jesper Buus Nielsen 9781107043053 €  68,00
Entreevoorwaarden	The course assumes basic knowledge of security and thus recommends the course unit "Information Security" (WBCS004-05) to be followed earlier in the Computing Science minor. However, this is not a strict requirement since relevant reading material will be provided for self-study.
Opmerkingen	This course has limited enrollment: - CS students can always enter the course, regardless of whether the course is mandatory for them or not. - The number of enrolments for other non-CS students is limited. These students need to meet the course prerequisite requirements as mentioned on Ocasys. Priority is given to students for which the course is an official elective (see list below). - An exception can be made for exchange students, if they have a CS background: please contact the FSE International Office. See here for more info about the enrollment procedure.
Opgenomen in	Opleiding Jaar Periode Type MSc Computing Science: Data Science and Systems Complexity  (Compulsory course units) 1 semester I a verplicht MSc Computing Science: Intelligent Systems and Visual Computing  (Guided choice course units) - semester I a keuze MSc Computing Science: Science Business and Policy  (Elective course units) 1 semester I a keuze MSc Computing Science: Software Engineering and Distributed Systems  (Guided choice course units) - semester I a keuze MSc Courses for Exchange Students: AI - Computing Science - Mathematics - semester I a