Starting from 2021-2022 TU Eindhoven offers a fully local Information Security Technology master track where all lectures are offered on the TU/e campus. The IST track used to be part of the “TRU/e Master in Cyber Security” which was offered in collaboration with Radboud University (RU). The last intake of the TRU/e master was in 2020-2021. For more info, visit the website.
In this course, students train the skills required for doing independent research in security. The student has to be able to explore a new security topic on his/her own and present the results in oral and written form. The Seminar is a preparation for the master's thesis project. The students get a project assignment, consisting of a literature study and a practical assignment. They have to hand in a report and present their results orally to their fellow students. The reports are subjected to peer review.
The course covers a number of subjects where digital security is heavily influenced by interaction with the physical world: Fuzzy extractors, true random number generation, distance bounding, physical unclonable functions, quantum computers, quantum key exchange. The emphasis lies on the adaptation of algorithms and protocols to cope with and maximally exploit, the properties of the physical world.
The student will learn what are security protocols, which kind of flaws they can contain and how to detect and fix such flaws. The following topics are treated:
We will start discussing the technical attack vectors (XSS, SQL Injections, XSRF, drive-by download) and how these vectors are embodied in complex attacks (malware, spyware, ransomware, botnets) Then, we will see how these attacks are used in the cybercrime economy (spam, phishing, infections and money laundering). We will discuss the principles of defense technology. We will touch on the economic aspects of cyber criminality, and on the markets of cybercrime as a service. Finally, we will discuss attacks sophistication, state-sponsored attacks, and the emergence of a grey market. We will make use of case studies (e.g., Hacking Team, Stuxnet, Flame, etc).
This course focuses on data protection technologies designed to prevent the dissemination of sensitive information of individuals. The course will provide a solid introduction to the most important access control models (e.g., DAC, MAC, RBAC) and their extensions for distributed systems (e.g., RT) and usage control (e.g., UCON). The course also covers industry standards in the area of access control and privacy (e.g., XACML and EPAL). See the course website for more information.
The course is divided in THREE (3) parts.