Course Information
Semester | Course Unit Code | Course Unit Title | T+P+L | Credit | Number of ECTS Credits | Last Updated Date
1 | BBM459 | Secure Programming Laboratory | 0+2+0 | 1 | 4 | 06.09.2024

 
Course Details
Language of Instruction English
Level of Course Unit Bachelor's Degree
Department / Program COMPUTER ENGINEERING
Type of Program Formal Education
Type of Course Unit Elective
Course Delivery Method Face To Face
Objectives of the Course To give students practical experience with secure programming concepts and to increase their experience with program security.
Course Content Basic program security principles
Shell and operating system based threats
Overflow attacks
Input validation attacks
Web security
Code analysis and code security tests
Course Methods and Techniques Lecture, Discussion, Question and Answer, Experiment
Prerequisites and co-requisites ( BBM102 ) and ( BBM461 ) and ( BBM104 )
Course Coordinator None
Name of Lecturers Prof. Dr. Suat Özdemir
Assistants None
Work Placement(s) No

Recommended or Required Reading
Resources Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, Edward Skoudis, Tom Liston, Prentice Hall
Hacking Exposed 7: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray, George Kurtz, McGraw-Hill Osborne Media
Secure Coding: Principles and Practices, Mark G. Graff, Kenneth R. Van Wyk, O'Reilly Media
Software Security: Building Security, Gary McGraw, Addison-Wesley
Writing Secure Code: Practical Strategies and Proven Techniques for Building Secure Applications in a Networked World, Michael Howard, David LeBlanc, 2nd ed. Edition, Microsoft Press
Foundations of Security: What Every Programmer Needs To Know, Neil Daswani, Christoph Kern, and Anita Kesavan
Security in Computing. C. P. Pfleeger and S. L. Pfleeger, Prentice Hall
Course Notes Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, Edward Skoudis, Tom Liston, Prentice Hall
Hacking Exposed 7: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray, George Kurtz, McGraw-Hill Osborne Media
Secure Coding: Principles and Practices, Mark G. Graff, Kenneth R. Van Wyk, O'Reilly Media
Software Security: Building Security, Gary McGraw, Addison-Wesley
Writing Secure Code: Practical Strategies and Proven Techniques for Building Secure Applications in a Networked World, Michael Howard, David LeBlanc, 2nd ed. Edition, Microsoft Press
Foundations of Security: What Every Programmer Needs To Know, Neil Daswani, Christoph Kern, and Anita Kesavan
Security in Computing. C. P. Pfleeger and S. L. Pfleeger, Prentice Hall


Planned Learning Activities and Teaching Methods
Activities are given in detail in the section of "Assessment Methods and Criteria" and "Workload Calculation"

Assessment Methods and Criteria
In-Term Studies Quantity Percentage
Project 5 % 60
Final examination 1 % 40
Total 6 % 100

 
ECTS Allocated Based on Student Workload
Activities Quantity Duration Total Work Load
Hours for off-the-c.r.stud 14 1 14
Assignments 5 12 60
Laboratory 14 2 28
General Exam Preparation 1 15 15
Total Work Load 117
Number of ECTS Credits 3,9

 
Course Learning Outcomes: Upon the successful completion of this course, students will be able to:
No | Learning Outcomes
1 Student will gain experimental experience with the security problems and flaws that occur during program development.
2 Student will gain basic secure programming experience.

 
Weekly Detailed Course Contents
Week | Topics | Study Materials | Materials
1 Introduction to program security, Fundamentals of secure programming
2 Attacks based on shell environment flaws
3 Integer overflow attacks
4 Buffer overflow attacks
5 Buffer overflow attacks
6 Format string attacks, Input validation attacks
7 Input validation attacks
8 Canonicalization and directory traversal problems
9 Web environment and applications, Web application and session security
10 XSS attacks
11 XSS attacks
12 CSRF attacks
13 AJAX security, PHP security
14 Security tests and static code analysis tools
15 Preparation for Final Exam
16 Final Exam

 
Contribution of Learning Outcomes to Programme Outcomes
P1 P2 P3 P4 P5 P6 P7 P8 P9 P10 P11 P12
All 5 5 4 5 4 4 5 4 3 2 2

  Contribution: 1: Very Slight, 2: Slight, 3: Moderate, 4: Significant, 5: Very Significant

  
  https://bilsis.hacettepe.edu.tr/oibs/bologna/progCourseDetails.aspx?curCourse=2687571&lang=en