See English description
“the best defense is a good offense”.
In cybersecurity, a similar saying would be that in order to know how to secure something, one needs first to know how to compromise & break it.
This is exactly what the MODAL offers: to help you understand — and try — how to “break things”. This can include topics such as:
- TCP Connection hijacking & SYN flooding
- SQL Injection attacks on WWW servers
- Heartbleed - that SSL bug that caused the whole Internet to flip out
- DNS Cache Poisoning
- ...
This course consists of a set of instructional videos, some quizzes, tutorials, a set of challenges -- and regular exchanges with your professors and instructors over WebEx.
- Tutorials serve to help students to acquire a certain set of skills. Each tutorial requires a submission of some code, which will be evaluated, and a grade for each tutorial will be given.
- Quizzes serve to allow checking that certain theoretical concepts have been acquired. Each quiz can be attempted once. Completing a quiz will give a number of points and will unblock future course activities (tutorials, videos, challenges, and more quizzes...)
- Challenges each represent "a thing to hack", such as DNS, or TCP, or DHCP, or invoking a buffer overflow, or performing a man-in-the-middle attack. Challenges will each have an explanation, and supporting material, for what is expected - but will require independent thinking. Each challenge requires a demonstration to an instructor, then submission of some code, which will be scrutinised. Based on all this, a grade will be awarded.
- Each challenge can bring you a maximum number of points, which will be indicated for the challenge.
- A submission which "does the job, nothing more, nothing less" will be given 50% of the maximum number of points, indicated for the challenge
- To get maximum points, an additional effort, such as highly modular code, flexible, robust, or supporting different attack approaches, is required.
- Each challenge can bring you a maximum number of points, which will be indicated for the challenge.
You're encouraged to work in a small group of 1-2 students for each challenge.
You will choose to work on challenges in the order you like, and you will do however many you want - or, need, in order to get enough points to pass the course.
