Program analysis for cybersecurity
- UE code INFOM227
-
Schedule
30 15Quarter 1
- ECTS Credits 5
-
Language
Anglais
- Teacher
At the end of this course, the student will be able to:
The objective of this course is to introduce the student to the main static and dynamic analysis methods in order to identify potential problems related to cybersecurity.
The course aims to introduce the different aspects of static and dynamic analysis for cybersecurity and secure software development. The content includes on the one hand the different types of static analysis: data-flow analysis and abstract interpretation (framework, termination, correction, widening, ...), inter-procedural analysis and control-flow analysis and analysis in the presence of pointers. These types of analysis will be illustrated through two practical applications: API misuse detection and project dependency analysis. On the other hand, the course includes an introduction to dynamic analysis using fuzzing: lexical fuzzing, syntactic fuzzing and semantic fuzzing. Finally, we will see how to implement these different types of analysis within an application development cycle.
The evaluation is based on the completion of a project.
Training | Study programme | Block | Credits | Mandatory |
---|---|---|---|---|
Master 120 en sciences informatiques, à finalité spécialisée en data science | Standard | 0 | 5 | |
Master 120 en sciences informatiques, à finalité spécialisée en software engineering | Standard | 0 | 5 | |
Master 60 en sciences informatiques | Standard | 0 | 5 | |
Master 60 en sciences informatiques | Standard | 1 | 5 | |
Master 120 en sciences informatiques, à finalité spécialisée en data science | Standard | 2 | 5 | |
Master 120 en sciences informatiques, à finalité spécialisée en software engineering | Standard | 2 | 5 |