First year of the SECCLO programme concludes with a summer school.
Sightseeing tour during NTNU Summer School 2019, Photo: Thor Nielsen
In the SECCLO Summer School (5 ECTS) students work as groups on a timely topic in information security. The school is organized in May-June at the end of the first study year by one of the partner universities. The first SECCLO Summer School in May 2019 was organized by NTNU on the topic of Blockchain Technologies.
Students will prepare for the summer school by forming groups and reading provided material that consists of research literature. During the summer school, the students will start a group project which they will complete after the summer school. All SECCLO students are required to participate in the summer school.
The learning goals of the summer school depend on the annual topic. Every year, there are also the following goals:
Due to COVID-19 situation, the second summer school is organized online. The topic of the summer school is cyber security.
Time: 14 April – 3 May 2020, intensive period 25 April – 3 May 2020
Responsible teachers: Professor Tuomas Aura, Doctoral candidate Jacopo Bufalino
Credits: 5 ECTS
Location: online
Background
The curriculum of the SECCLO Erasmus Mundus program includes an annual summer school, where the students are expected to work as groups on a timely topic in information security. Due to the COVID-19 epidemic, the summer school had to be cancelled on a short notice. The summer course on cyber security is primarily a replacement for the cancelled event, and its learning goals remain unchanged. Since the course was implemented online, we were able to invite other students majoring in security to join the course.
Learning goals
After this course, the students have experience of offensive security analysis. They understand the penetration testing process against Windows and Linux based computer systems and know the most common tools and techniques. They are familiar with several types of security vulnerabilities in server and desktop systems. They are also able to identify and critically analyze potential new vulnerabilities. They can communicate and discuss with security professionals and are aware of the latest trends in security analysis. In the project part, the students plan their own work and carry it out in a goal-oriented way as members of a group. They use online tools for remote collaboration and presentation of the results.
Course implementation
The course consists of penetration testing exercises, which are done in an online platform; guest talks and discussion meetings; and a group project with a demo on vulnerability analysis. The course starts with a two-week preparation period with preliminary exercises and project work. The highlight of the course is a nine-day intensive period with daily online meetings for discussion and guest talks and collaborative penetration testing exercises. The course ends with demos and presentations of the project work.
The exercises are based on a carefully selected set of penetration-testing labs from the commercial Hack The Box (HTB) platform. The regular university learning platforms are used for distributing the materials, Zoom is used for the meetings, and Microsoft Teams for continuous communication among the course staff and students. During the intensive period, the course staff engages in the collaborative hacking, monitors the students’ progress, and is continuously available for guidance. The students are encouraged to help each other in an atmosphere of cooperation rather than competition.
The first summer school was organized in Trondheim, Norway, in the premises of Norwegian University of Science and Technology. The summer school focused in Blockchain Technologies.
Organizing university: NTNU – Norwegian University of Science and Technology, Department of Information Security and Communication Technology, Trondheim
Responsible professor: Professor Danilo Gligoroski
This course will provide conceptual understanding of Blockchain as a public distributed database (distributed ledger) that records its immutable transactions through transparent consensus using secure cryptographic techniques. Blockchain is considered as a disruptive technology due to its impact on our modern digital society, especially in the areas of currencies and financial services, banking, contracting, governmentally regulated legal relations, identity management and anonymity and many others. This course will cover in details the blockchain operations and functionality. It will also cover current innovative directions in Blockchain technologies, opportunities and challenges.
After completion of this course, students will have the following:
Knowledge:
Skills:
Lectures, invited lectures and laboratory exercises. An individual practical involvement of every course participant is mandatory. Approximately one month before the start of the summer course, every participant will become an early adopter of a new virtual crypto currency especially developed for the course. During the one week of the summer course there will be online quizzes to support the theoretical and practical aspects. Every participant will receive homework tasks, that will be delivered one week after the summer course. The amount of mined coins, transactions and the overall wealth at the end of the course will influence the final grade.
Basic Cryptography and Information Security. It would be very useful for participants if they have a basic knowledge of computer networks, use of Unix-like operating systems, programming languages such as C, Python, and familiarity with basic web technologies such as Javascript, PHP and SQL.
Recommended textbook: “Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction”, by Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller, Steven Goldfeder, July 2016.
Online material will be provided for all participants.