Hide menu

TDDC90 Software Security

Labs


General information

Sign up for the labs! Sign-up deadline is November 8.

All three labs must be completed (and given a pass by the lab assistant) before the deadline. You will work at your own pace, but we recommend that you participate in the lab sessions and try to complete the labs according to the schedule. The labs will become easier if you spend some time reading before doing them. You will find reading material on the page with additional reading material.

Deadline: December 15:th at 23:59PM. Lab reports handed in after the deadline will be corrected in March. Reports handed in after the first of March will be corrected in June. After the first of June you will have to complete the labs that are part of the coming edition of the course.

PONG

This is the largest lab in the course. You will be working with several aspects of software security using the same codebase throughout.

Alireza Mohammadinodooshan will supervise this lab.

Lab description: LAB-PONG.pdf

Hand-in instructions: Lab reports should be submitted in pdf format to Alireza Mohammadinodooshan (alireza.mohammadinodooshan@liu.se).

Web Security (WEBSEC)

In this lab you will try out some of the vulnerabilities that have been discussed in the course. You will also be given the opportunity to look at how to mitigate the risks that these vulnerabilities pose.

Alireza Mohammadinodooshan will supervise this lab.

Lab description: LAB-WEBSEC.pdf

Hand-in instructions: Lab reports should be submitted in pdf format to Alireza Mohammadinodooshan (alireza.mohammadinodooshan@liu.se).

Note: We have observed a technical problem where the web server in the websec virtual machine appears to fail, leading to an "Unable to connect" error. We are looking into the problem, but in the meantime, simply restarting the VM usually helps. If you experience multiple consecutive failures, you can also try to log out and back in again.

Static Analysis (STATIC)

Ahmed Rezine (ahmed.rezine@liu.se) will supervise the lab. (Note that Alireza will NOT be a supervisor for this lab.)

Lab description: LAB-STATIC.pdf (Note that, even though the lab description instructs to connect to ThinLinc, it works equally well to use the computers in the SU-rooms.)

Lab files: sana.zip

Hand-in instructions: As part of the lab you will need to demo your solution to Ahmed. After being passed on the demo, hand in your lab solution (as a pdf) via email to Ahmed. .


Page responsible: Ulf Kargén
Last updated: 2023-11-10