Swedish web site
Ethical Hacking2025HT
|
|
Course plan
No of lectures
5
Recommended for
PhD students interested in learning about software and systems security, including practical vulnerability assessment and mitigation as well as ethical concerns.
The course was last given
New course
Goals
- Explain laws, regulations and policies related to ethical hacking.
- Reflect orally and in writing on the ethics of work and studies related to
cyber security.
- Perform reconnaissance and identification of systems, protocols, software,
vulnerabilities and possible attack vectors.
- Adapt and analyze existing exploits, and use these to attack isolated test
systems in multiple stages.
- Identify and evaluate possible vulnerabilities in small-scale networks.
- Propose, implement and evaluate mitigations to protect systems attacked by
others.
Prerequisites
- Basic knowledge of system administration (e.g. Linux)
- Basic networking
- Basic security
- Basic programming
Organization
Theory on methods of penetration testing and other relevant techniques are presented in lectures. Ethical hacking capabilities are developed through self studies in pairs. The practical parts of the course are evaluated by capturing flags and implementing new functionality in an isolated network environment, in addition to written reflections and assessments. Ethical positions are discussed in seminars.
Content
Basic rules and ethics
Reconnaissance, information sources and tools
Penetration testing (according to Mitre)
Red/blue team practice
Vulnerability identification and assessment
Mitigation design and implementation
Literature
Online resources
Lectures
1. Course introduction
2. Laws and regulation
3. Ethics
4. Penetration testing theory, frameworks and techniques
5. Mitigation techniques
Examination
- Ethics essay and seminar 1hp
- Capture-the-flag exercises and writeups 3hp
- Assignment based on threat assessment and mitigation 2hp
Examiner
Mikael Asplund, course leader: Charilaos Skandylas
Credits
6
Comments
The course is based on a master-level course (TDDE61), but is expanded with an a more in-depth ethical essay and the assignment on threat assessment and mitigation.
Page responsible: Anne Moe
