Computer Science


Software Security

COMPSCI 725 S2 C

Lecturer Clark Thomborson
Office hours Mon 2-3pm and Wed 3-4pm, in room 303S.593
Scheduled lectures

Time

Room

Monday 12-1pm

303S.279

Wednesday 4-5pm

303S.279

Friday 3-4pm

303S.279

Assessment 60% examination, 25% project, 15% seminar.
Exam date (to be advised)
Texts recommended
  • Mark Stamp, Information Security: Principles and Practice, John Wiley & Sons, Inc., September 2005, ISBN: 0-471-73848-4.
  • Students will read approximately 30 technical articles during the first eight weeks of this paper. These will be the basis of our in-class discussions. Most of these articles are available online; I will hand out hardcopies of the other articles.
  • Please note that the licenses of some of our Library's online databases do not grant permission to make additional copies, even for classroom use.  Students will have to download these articles through http://www.library.auckland.ac.nz/.
Description Software security is taking on new importance as e-commerce moves from hype to reality. Software systems are susceptible to a variety of attacks including eavesdropping, playback, denial of service, and unauthorised use. In this paper we will survey the field of software security, with a particular focus on technical and legal means for protection against unauthorised use.

Topics include
  • denial of service, privacy violations, primary and collateral damage;
  • eavesdropping, playback, binary tampering during delivery, introduction of hostile code, malicious hosts;
  • unauthorised use by copying, dongle mimicry, decompilation and recompilation, reverse engineering;
  • software patents, copyrights, trade secrets;
  • sandbox, blackbox, and cryptographic security;
  • steganography;
  • obfuscation, robust and fragile watermarks, fingerprints.
Policy on Cheating and Plagiarism The University of Auckland will not tolerate cheating, or assisting others to cheat, and views cheating in coursework as a serious academic offence. The work that a student submits for grading must be the student's own work, reflecting his or her learning. Where work from other sources is used, it must be properly acknowledged and referenced. This requirement also applies to sources on the world-wide web. A student's assessed work may be reviewed against electronic source material using computerised detection mechanisms. Upon reasonable request, students may be required to provide an electronic version of their work for computerised review.

See http://www.cs.auckland.ac.nz/CheatingPolicy.php for more information.


Apply now!


Handbook

Postgraduate study options

Computer Science Blog



Please give us your feedback or ask us a question

This message is...


My feedback or question is...


My email address is...

(Only if you need a reply)

A to Z Directory | Site map | Accessibility | Copyright | Privacy | Disclaimer | Feedback on this page