Summer school

First year of the SECCLO programme concludes with a summer school.

Sightseeing tour during NTNU Summer School 2019, Photo: Thor Nielsen

Summer School (2-5 ECTS)

In the SECCLO Summer School students work as groups on a timely topic in information security. The school is organized during the summer at the end of the first study year by one of the partner universities or other organization. The first SECCLO Summer School in May 2019 was organized by NTNU on the topic of Blockchain Technologies.

Students will prepare for the summer school by forming groups and reading provided material that consists of research literature. During the summer school, the students will start a group project which they will complete after the summer school. All SECCLO students are required to participate in the summer school.

The learning goals of the summer school depend on the annual topic. Every year, there are also the following goals:

  • Students are able to work in a goal-oriented way as members of a group both locally and remotely (online).
  • Students can plan and manage their own work and take responsibility for delivering the results.

6th SECCLO Summer School on Cybersecurity and Privacy (CySeP), KTH, Stockholm, Sweden (2024)

5th SECCLO Summer School on Malware Analysis, Vierumäki, Finland (2023)

The fifth SECCLO Summer School will be organized in Vierumäki, Finland, during 29.5.-2.6.2023. Responsible professors: Davide Balzarotti EURECOM and Simone Aonzo EURECOM
Visiting scholars: Giovanni Lagorio (University of Genoa) and Lorenzo Maffia (United Nations International Computing Centre)

Course description

This introductory course aims to provide both the basic concepts and good practices to analyze malicious executable files for the Windows operating system. The course begins with a brief presentation and how the labs and exercises will be conducted, followed by a summary of the history of malware and its evolution. Then, we proceed to present both the capabilities of attackers and their objectives to help students identify particular Indicator Of Compromise (IoC) in the samples that will be analyzed during the course. The course will then describe the steps required to analyze a suspicious sample, followed by a sandbox setup, namely a safe environment for dynamically executing samples (e.g. drakvuf). Using the tools and methodologies provided in the first part of the school, the rest of the course will focus on the two main types of analysis: static and dynamic. Each phase will include both a theoretical and a technical part. The theoretical lectures, however, will also include practical exercises to understand the class’s content better and gain manual dexterity with the tools presented and installed in the virtual laboratory. Finally, each day will end with a recap session in which the instructors present the solution to assigned exercises.

Learning methods and activities
A practical involvement of every course participant is mandatory. Approximately one month before the start of the school, every participant will receive introductory material on the above topic and a set of simple, preliminary exercises. During the course, participants will receive hands-on assignments that aid the teaching of practical aspects.

Grading
80% Exercises assigned during the hands-on parts of the course 20% Participation in class discussion and activity

Recommended previous knowledge
Linux Command line familiarity. Basic knowledge of C language (e.g., syntax, compilation, memory model). Basic knowledge of Python

Course materials
Online material will be provided for all participants

4th SECCLO Summer School in Cyber Security in e-Governance, TalTech, Tallinn, Estonia (2022)

The fourth SECCLO Summer School was organized in TalTech, Estonia during 31.7.-5.8.2022. Students worked on their preparatory online Starter-Kit before the summer school.

>>Read more about 4th SECCLO Summer School (2 ECTS)

Course description

The program has a focus on e-Governance and Cyber Security lectures from practitioners working in public and private sector. During the program participants will learn how the ecosystem of e- services was built in Estonia so that there are only two things left that a local citizen cannot do online: getting married and getting divorced. The lecturers will explain how e-Estonia was the target of first nation-wide cyber-attack in 2007, how surviving this has transformed e-Estonia into strong cyber-security nation and what is being done daily to mitigate the attacks before and after they might happen. From the start-up and e-service creation side, the program will cover the topics of design process, business model validation and will approach lecturers from successful CyberTech companies. The program has a focus on business innovation and entrepreneurship, there is no need to have specific technical background to join our Summer School.

During the first part of the week, participants will learn about legal aspects of egovernance and the requirements for electronic identity, authentication, document exchange and interoperability. In the middle of the week, one day (8 hour long) hands-on cyber exercises will be organized with mentors and experts for improving practical skills and  understanding about the cybersecurity domain. In the second part of the week, experts will explain how the e-Estonian ecosystem works and how critical information infrastructure is protected in the public sector. Finally, participants will be gathered with first hand experience with cyber incidents and offensive security.

The program has practitioners from e-Governance Academy, Information Systems Authority, Cyber Defense Unit, CERT-EE and NATO Cooperative Cyber Defense Center of Excellence (CCDCOE). From the private sector, cyber security experts will be invited to share their practical knowledge in different fields, from information security management to RedTeaming operations. Global players grown from Estonia such as GuardTime, SpectX and BOLT will be approached.

Learning outcomes

  • Get the competence: Learn how disruptive technologies in cyber security have an impact on markets, businesses, and governance and how business models are changing.
  • Get the confidence: Learn the different stages of the technology development process and how to turn a business idea into a viable go-tomarket proposal.
  • Get the soft skills: Teamwork with peers and multidisciplinary professionals, tools and real business challenges will help students implement learning tools.

Learning methods and activities

As a participant in the Summer School, participants will work in teams and apply “learning by doing” to develop a mindset and skills for innovation and entrepreneurship. Participants will take this opportunity to learn and network with mentors, professors and professional intrapreneurs from the business and innovation community. A practical involvement of every course participant is mandatory. Approximately one month before the start of the school, every participant will receive introductory material on Innovation and Entrepreneurship. This is meant to level up the knowledge of all participants. During the course, participants will receive hands-on assignments that aid the teaching of practical aspects.

Grading

50% Challenges assigned during the hands-on parts of the course and participation in class discussion

50% Final report

Course materials

Online material will be provided for all participants.

3rd SECCLO Summer School in Binary Exploitation Techniques, EURECOM (2021)

The third SECCLO Summer School was organized online due to the ongoing pandemic.

>>Read more about 3rd SECCLO Summer School (5 ECTS)

Time: preparatory work 5 – 25 May 2021, intensive period 25 – 28 May 2021, French language and culture workshops by Insitut Français de Finlande 4 – 24 May 2021

Responsible Teacher: Professor Davide Balzarotti, EURECOM, France

Visiting scholars: Yanick Fratantonio (CISCO), Mariano Graziano (CISCO), Giovanni Lagorio (University of Genoa)

Course description:
The main goal of the summer school is to introduce the students to program binary exploitation techniques. The course in divided in four days. The first day will be dedicated to cover material on binary analysis, reverse engineering, debugging, and on the use of Python to script different analysis tasks. The second day will focus on the development of shellcodes and on understanding other techniques used during real attacks. Day three will then be dedicated to the detection and exploitation of security bugs affecting modern software (e.g., memory corruption and integer overflows), modern security mechanisms that have been introduced to prevent their abuse, and to the counter-techniques that are used to bypass such mechanisms. The topics of these first three days are presented for Intel 32 and 64bits CPU architectures, while the final day of the course will introduce the differences (in terms of reversing, shellcoding, and exploitation) on ARM. Special emphasis will be given to the practical aspects of these topics. Each day will start with a morning session in which an instructor will present background material in the form of slides and demos. The day will then continue with a number of practical exercises, in which students (in small groups or alone) will solve challenges of incremental complexity in a Capture-the-Flag-like setting. Finally, each day will end with a recap session in which the instructor will present the solution of the assigned exercises.

Learning outcomes:
After completion of this course, students will have acquired the following knowledge:
-How to use modern tools and extensions to analyze program binaries, reverse engineer their code, and debug their behavior;
-Understanding of a variety of software security bugs (e.g., memory corruption, integer overflows, and logic errors)
-Understanding of real-world security mechanisms and bypasses

Skills:
– Reverse engineer and debug Linux binaries
– Uncover vulnerabilities
– Gain code execution by exploiting these vulnerabilities and bypass security mechanisms

Learning methods and activities
A practical involvement of every course participant is mandatory. Approximately one month before the start of the school, every participant will receive introductory material on the above topic and a set of simple, preliminary exercises. During the course, participants will receive hands-on assignments that aid the teaching of practical aspects.

Grading:
80% Challenges assigned during the hands-on parts of the course
20% Participation in class discussion and activity

Recommended previous knowledge:
– Basic knowledge of Linux environment (e.g., command line programs)
– Basic knowledge of C (e.g., compilation, memory model)
– Basic knowledge of Python

Course materials:
Online material will be provided for all participants.

2nd SECCLO Summer School in Cyber Security (2020)

Due to COVID-19 situation, the second summer school was organized online. The topic of the summer school was cyber security.

>>Read more about 2nd SECCLO Summer School 14.4.-3.5.2020: Cyber Security (5 ECTS)

Time: 14 April – 3 May 2020, intensive period 25 April – 3 May 2020
Responsible teachers: Professor Tuomas Aura, Doctoral candidate Jacopo Bufalino
Credits: 5 ECTS
Location: online

Background

The curriculum of the SECCLO Erasmus Mundus program includes an annual summer school, where the students are expected to work as groups on a timely topic in information security. Due to the COVID-19 epidemic, the summer school had to be cancelled on a short notice. The summer course on cyber security is primarily a replacement for the cancelled event, and its learning goals remain unchanged. Since the course was implemented online, we were able to invite other students majoring in security to join the course.

Learning goals

After this course, the students have experience of offensive security analysis. They understand the penetration testing process against Windows and Linux based computer systems and know the most common tools and techniques. They are familiar with several types of security vulnerabilities in server and desktop systems. They are also able to identify and critically analyze potential new vulnerabilities. They can communicate and discuss with security professionals and are aware of the latest trends in security analysis. In the project part, the students plan their own work and carry it out in a goal-oriented way as members of a group. They use online tools for remote collaboration and presentation of the results.

Course implementation

The course consists of penetration testing exercises, which are done in an online platform; guest talks and discussion meetings; and a group project with a demo on vulnerability analysis. The course starts with a two-week preparation period with preliminary exercises and project work. The highlight of the course is a nine-day intensive period with daily online meetings for discussion and guest talks and collaborative penetration testing exercises. The course ends with demos and presentations of the project work.

The exercises are based on a carefully selected set of penetration-testing labs from the commercial Hack The Box (HTB) platform. The regular university learning platforms are used for distributing the materials, Zoom is used for the meetings, and Microsoft Teams for continuous communication among the course staff and students. During the intensive period, the course staff engages in the collaborative hacking, monitors the students’ progress, and is continuously available for guidance. The students are encouraged to help each other in an atmosphere of cooperation rather than competition.

1st SECCLO Summer School in Blockchain Technologies, NTNU, Norway (2019)

The first summer school was organized in Trondheim, Norway, in the premises of Norwegian University of Science and Technology. The summer school focused in Blockchain Technologies.

>>Read more about 1st SECCLO Summer School 20.5-24.5.2019: Blockchain Technologies (5 ECTS)

Organizing university: NTNU – Norwegian University of Science and Technology, Department of Information Security and Communication Technology, Trondheim

Responsible professor: Professor Danilo Gligoroski

Course description

This course will provide conceptual understanding of Blockchain as a public distributed database (distributed ledger) that records its immutable transactions through transparent consensus using secure cryptographic techniques. Blockchain is considered as a disruptive technology due to its impact on our modern digital society, especially in the areas of currencies and financial services, banking, contracting, governmentally regulated legal relations, identity management and anonymity and many others. This course will cover in details the blockchain operations and functionality. It will also cover current innovative directions in Blockchain technologies, opportunities and challenges.

Learning outcomes

After completion of this course, students will have the following:

Knowledge:

  • What is blockchain
  • The structure of a blockchain
  • How blockchain works, its underlying concept of transactions, blocks, proof-of-work, consensus building and its cryptographic building blocks
  • Advantages and limitations of blockchain vs traditional techniques
  • How decentralized and distributed blockchain ledger maintains its transparency, and guarantees privacy, anonymity, security and immutability
  • How cryptocurrencies work
  • What are “smart” contracts

Skills:

  • Practical understanding of how cryptocurrencies are implemented
  • How to launch a new blockchain introducing a new cryptocurrency
  • How to mine a cryptocurrency
  • How to form and join mining pools
  • How to use blockchain for applications other than cryptocurrency

Learning methods and activities

Lectures, invited lectures and laboratory exercises. An individual practical involvement of every course participant is mandatory. Approximately one month before the start of the summer course, every participant will become an early adopter of a new virtual crypto currency especially developed for the course. During the one week of the summer course there will be online quizzes to support the theoretical and practical aspects. Every participant will receive homework tasks, that will be delivered one week after the summer course. The amount of mined coins, transactions and the overall wealth at the end of the course will influence the final grade.

Grading

  • 50% The amount of mined coins in comparison with all other participants
  • 25% Online quizzes
  • 25% Final report and homeworks

Recommended previous knowledge

Basic Cryptography and Information Security. It would be very useful for participants if they have a basic knowledge of computer networks, use of Unix-like operating systems, programming languages such as C, Python, and familiarity with basic web technologies such as Javascript, PHP and SQL.

Course materials

Recommended textbook: “Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction”, by Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller, Steven Goldfeder, July 2016.

Online material will be provided for all participants.