This course aims at introducing basic concepts and techniques for the development of secure systems and networks. The course is formally split in two modules [CM0475] Security 1  (classes) and [CM0494] Security 2 (lab). This course used to cover cryptography which is now a separate course.

Security is one of the courses of the Laurea Magistrale (Master degree) in Computer Science at Ca’ Foscari, Venice. It is a blended course of the Ca’ Foscari e-learning program and combines traditional classroom teaching with on-line classes, tutoring, challenges and a live Capture The Flag (CTF).


  • [10 Oct. 2017] Seminar by Giancarlo Pellegrino (CISPA, Germany)
  • [20 Sep. 2017] The virtual meeting point is Slack. Read below for more information.
  • [18 Sep. 2017] This year the course will be reorganised and spread on the two semesters. The first part will cover the concepts and will be in class, with six on-line challenges, the second part will mostly be on-line with a live CTF concentrated in three days. Stay tuned for more information!


First part:

  • Written exam giving a base score;
  • Challenges giving bonus on the base score: first submitted: +1, second and third: +0.5. Students completing all the six challenges will get +1 bonus;
  • To access the bonus, solutions to challenges must include a short but clear explanation and the code of adopted scripts, exhaustively commented.

Second part:

    • The base score is the one of the first part;
    • The CTF lab is passed by each team that will implement at least a successful attack and will score better than the “idlers” team in two of the three services of the CTF (more detail will be given in class)l
    • The first three teams in the CTF will get a +2, +1, +0.5 bonus on the base score, respectively;
    • In the unlikely and unfortunate case that members of a team do not pass the CTF lab, they will need to pass an individual lab exam.

Course material and books

All of the course material will be made available on-line here. The following books might anyway provide a useful reference:

On-line resources

      • The virtual meeting point for the on-line classes is on Slack! You can automatically signup with either your or e-mail account.
      • We set up a 32bit Linux virtual machine called testbed to let you experiment with the proposed exercises. Learn more!

Table of contents (updated during the semester!)

Part 1

Part 2

    • Server-side web security lab
      • [8/3/2018] Selected topics on server-side web security (Lab 3)
      • [12/3/2018] Challenge – LITEUP (on-line class)
      • [19/3/2018] Second CTF Service – MILKYWAY (on-line class)
      • [26/3/2018] Second CTF! (on-line hacking competition)
    • Client-side web security lab
      • [9/4/2018] Advanced client-side web security threats (Lab 3)
      • [16/4/2018] Challenge – SOPOPERA (on-line class)
      • [23/4/2018] Last CTF! (on-line hacking competition)


Leave a Reply

Your email address will not be published. Required fields are marked *