v2.11.0 (5648)

Modal - INF473X : Modal d'informatique - Cybersecurity - The Hacking Xperience

Domaine > Chimie, Informatique.

Descriptif

As anybody, familiar with 1970s sitcoms can confirm, Mel, the cook on Alice used to say:

    “the best defence is a good offence”.

In cybersecurity, a similar saying would be that in order to know how to secure something, one needs first to know how to compromise & break it.

This MODAL will exercise exactly that. Through a set of lessons, tutorials, and challenges, we will understand — and try out — how to “break things”. This may include topics such as:

 

  • TCP Connection Hi-jacking & SYN flooding
  • SQL Injection attacks on WWW servers
  • Heartbleed - that SSL-bug that caused the whole Internet to flip out
  • DNS Cache Poisoning
  • ...

We will also call on outside experts, to present their experiences, favourite attacks, and possible countermeasures.

The practical part of this course consists of a set of tutorials and a set of challenges.

  • Tutorials: are optional, and serve to help students who need them acquire a certain set of skills. Each tutorial requires a submission of some code, which will be evaluated, and a grade (0-5) will be awarded.
  • Challenges: each represent "a thing to hack", such as DNS, or TCP, or DHCP, or invoking a buffer overflow, or performing a man-in-the-middle attack, or ... Challenges will each have an explanation, and supporting material, for what is expected - but will require independent thinking. Each challenge requires a submission of some code, which will be evaluated, and a grade (0-10) will be awarded. Note that a code submission which "does the job, nothing more, nothing less" will be graded 5. Grades in the interval (5-10) reflect an additional effort, such as highly modular code, flexible, robust, or supporting different attack approaches.  

You're encouraged to work in a small group of 1-2 students for each challenge.

You will chose to work on challenges in whichever order you like, and you will do however many you want - or, need, in order to get enough points to pass the course. 

Prerequisites:

INF321 or INF311+INF411

(Having followed INF421 and/or INF431 probably won't harm you irrevocably)

 

10 blocs ou créneaux

effectifs minimal / maximal:

/48

Diplôme(s) concerné(s)

Parcours de rattachement

Pour les étudiants du diplôme Echanges PEI

INF321 or INF311+INF411 (Having followed INF421 and/or INF431 probably won't harm you irrevocably)  

Format des notes

Numérique sur 20

Littérale/grade réduit

Pour les étudiants du diplôme Echanges PEI

Le rattrapage est autorisé (Note de rattrapage conservée)
    L'UE est acquise si note finale transposée >= C
    • Crédits ECTS acquis : 6 ECTS

    Le coefficient de l'UE est : 13

    La note obtenue rentre dans le calcul de votre GPA.

    La note obtenue est classante.

    Pour les étudiants du diplôme Titre d’Ingénieur diplômé de l’École polytechnique

    Le rattrapage est autorisé (Note de rattrapage conservée)
      L'UE est acquise si note finale transposée >= C
      • Crédits ECTS acquis : 6 ECTS

      Le coefficient de l'UE est : 13

      La note obtenue rentre dans le calcul de votre GPA.

      La note obtenue est classante.

      Veuillez patienter