Program analysis for cybersecurity
- UE code INFOM227
-
Schedule
30 15Quarter 1
- ECTS Credits 5
-
Language
English
- Teacher
At the end of this course, the student will be able to:
The objective of this course is to introduce the student to the main static and dynamic analysis methods in order to identify potential problems related to cybersecurity.
The course aims to introduce the different aspects of static and dynamic analysis for cybersecurity and secure software development. The content includes on the one hand the different types of static analysis: data-flow analysis and abstract interpretation (framework, termination, correction, widening, ...), inter-procedural analysis and control-flow analysis and analysis in the presence of pointers. These types of analysis will be illustrated through two practical applications: API misuse detection and project dependency analysis. On the other hand, the course includes an introduction to dynamic analysis using fuzzing: lexical fuzzing, syntactic fuzzing and semantic fuzzing. Finally, we will see how to implement these different types of analysis within an application development cycle.
The course consists of lectures and practical sessions.
The evaluation is based on the completion of a project.
Training | Study programme | Block | Credits | Mandatory |
---|---|---|---|---|
Master in Computer Science, Professional focus in Data Science | Standard | 0 | 5 | |
Master in Computer Science | Standard | 0 | 5 | |
Master in Computer Science, Professional focus in Software Engineering | Standard | 0 | 5 | |
Master in CyberSecurity, Professional focus | Standard | 0 | 5 | |
Master in Computer Science | Standard | 1 | 5 | |
Master in Computer Science, Professional focus in Software Engineering | Standard | 2 | 5 | |
Master in CyberSecurity, Professional focus | Standard | 2 | 5 | |
Master in Computer Science, Professional focus in Data Science | Standard | 2 | 5 |