Web and Internet Security (Securitate Web și în Internet)

Important:

  • Please join the Team using the code thbhbvi.
  • In the course Team, in the General channel, Shared tab, Class Materials folder, you will find the proposed schedule and the available slots for presentations (available starting with week 2 of the semester). In order to avoid wasting slots, please sign up in advance for presentations (also read carefully the requirements related to presentations and this activity on the course page). The deadline for choosing the topic and reserving a presentation slot is April 5, 2026 (the end of week 6 of the semester). To “gently” motivate you 😊, every week of delay in choosing the topic or presentation slot will result in a deduction of one point from this activity.
  • In the middle of the semester a midterm exam will take place. The exact week (date) will be announced in advance.
  • On Teams, in the General channel, Shared tab, Class Materials folder, I will periodically post the materials presented during the lectures.

Course instructor

Assoc. Prof. Dr. Darius Bufnea, darius.bufnea at ubbcluj dot ro.
Important: Students who contact me by email for various reasons are kindly asked to write from the official email address provided by the faculty or university.

Course content and topics of the teaching activities

  • Presentation of the bibliography and the structure of the course. Requirements and evaluation.
  • Computer vulnerabilities. Security policies and security aspects at different levels of the TCP/IP stack.
  • History of cyber attacks. Malware (classification). Virusology. Anatomy of a computer virus. Antivirus systems. Spyware and adware. Applications of these in e-commerce. Botnet networks.
  • Computer vulnerabilities. Security of operating systems.
  • Security of Internet server systems. Security architectures in enterprise networks.
  • Security of local networks. Firewall mechanisms (host-based, router-based). Network and host scanning. Types of scans.
  • Local attacks and remote attacks. Privilege escalation.
  • DDoS attacks, flood.
  • Buffer overflow. Anatomy of an exploit. Shellcode.
  • Web application security. SQL Injection. SMTP Injection. Cross Site Scripting. CSRF. Unrestricted file upload. OWASP.
  • Encryption algorithms based on public keys and private keys. Digital signatures. Digital certificates.
  • Public key infrastructures and services associated with them.
  • Email security. DKIM. Antispam mechanisms: Bayesian spam filters, DNS-based blacklists. PGP.
  • Security protocols at the network and transport level. IPSec. SSL and TLS. VPN.
  • Security at the physical and data link level.
  • Social engineering vulnerabilities. Cybercrime. Ensuring user privacy.

Requirements and evaluation method

  • 40%: Presentation given on a cybersecurity topic, accompanied obligatorily by a PowerPoint presentation. The presentation may also be accompanied by a written report, a practical demonstration, an application/system developed by the student, etc. In grading this activity, the following aspects will be taken into account:
    • the quality of the presentation in terms of form and content;
    • the degree of complexity of the chosen topic and the student’s technical understanding of it (for example, in the case of presenting a vulnerability and how it can be exploited, using an exploit “found” on the Internet without understanding how it works will not be graded);
    • the choice of the practical work topic and the originality of the topic selected for the presentation will also be taken into account (please do not choose topics already proposed by other colleagues).

    Remarks:

    • The student must schedule the presentation in advance; scheduling can be done during seminar hours or by email. At the moment of scheduling the presentation and reserving a slot, the topic must also be fixed; it is not possible to schedule a presentation without establishing the topic. The chosen topic must be respected. The number of presentations is limited to four per hour. If a student does not schedule in advance and there are no available slots left, this activity is considered not completed and will be graded with 1. During the exam session and the retake session this activity cannot be recovered (presentations cannot be given).
    • In addition to the presentation, the student can obtain points (counted within the 40% allocated to the presentation) also by:
      • proposing multiple-choice questions on cybersecurity topics. 0.25 points will be awarded for each proposed question if the question is considered a “good” one. A maximum of 2 points can be obtained this way. The deadline for proposing multiple-choice questions is week 14 of the semester;
      • Students may also obtain points by solving some of the problems proposed on this page on cybersecurity topics.
  • 60%: the average between the grade obtained at the midterm exam held in the middle of the semester and the grade obtained at the final exam during the exam session. If the student attends the midterm exam, at the final exam they will be evaluated only on the material presented in the second half of the semester. Otherwise (attendance only at the final exam during the session), the student will be evaluated on the entire material, and the maximum grade that can be awarded for the first half of the material is 8. Remark: in the retake session it is possible to take either the midterm exam, the final exam, or both. If the student did not take the midterm exam during the semester, even in the retake session the maximum grade that can be awarded for the material from the first half of the semester is 8.

Passing conditions:

  • The student may pass even without giving the presentation during the semester. However, in its absence this activity will be graded with 1 (see also the observations regarding the possibility of obtaining additional points for this activity).
  • Minimum average 5 between the two exam grades (the midterm exam and the final exam).
  • Minimum final average 5 between the presentation during the semester (40%) and the exam average (60%).

Course resources

The lecture notes and course resources are available on Teams (team code thbhbvi), in General → Shared tab → Class Materials → course materials folder.

Available presentation slots

In the course Team, in General → Shared tab → Class Materials, you will find the proposed schedule and the available slots for presentations. In order to avoid wasting slots, please sign up in advance for presentations (also read carefully the requirements related to presentations and this activity on the course page).

Problems to solve during the semester

Students who do not give a presentation during the semester (but not only them) may obtain points for this activity by solving these problems. Depending on the number of solutions received, it is possible that during the semester new problems will appear (and some old ones may no longer be available).

Problem #1

The system named teste.cs.ubbcluj.ro presents a number of vulnerabilities. Once one vulnerability is exploited (level 1), a second one can be exploited (level 2). Each time you pass a level, in a file with a suggestive name you will be congratulated and you will discover a secret phrase (there is a secret phrase for each level).

You are required to send by email a description of the steps performed together with the secret phrase obtained at each level. The first two students who pass level 1 receive 4 points, the next two receive 3 points, the next two receive 2 points, and the next two receive 1 point (points will be awarded to the first eight students who pass the first level). Passing level 2 is graded in a similar way.

Those who manage to pass a level are kindly asked not to alter the system, in order to allow other colleagues the possibility to obtain points as well.

Other problems

Other problems are available in the course notes that will be made available periodically.

Bibliography

  1. Justin Pot: A History of Computer Viruses & The Worst Ones of Today;
  2. Jeremy Paquette: A History of Viruses;
  3. Timeline of computer viruses and worms;
  4. Computer virus;
  5. Al. Vancea et al.: Programarea in limbaj de asamblare 80×86, Exemple si aplicatii, pag. 317-323, Ed. Risoprint, 2005;
  6. Moheeb Abu Rajab, Lucas Ballard, Panayiotis Mavrommatis, Niels Provos, Xin Zhao: The Nocebo* Effect on theWeb: An Analysis of Fake Anti-Virus Distribution;
  7. Martin Boldt: Privacy-Invasive Software, cap. 2, cap. 7;
  8. Privacy-Invasive software;
  9. Rootkit;
  10. Steve Hanna: Shellcoding for Linux and Windows Tutorial;
  11. Writing shellcode;
  12. Lisa Bogar: SUID, SGID;
  13. Oskar Andreasson: Iptables Tutorial;
  14. Explain Linux / UNIX TCP Wrappers;
  15. Port Scanning – How a Port Scan Works;
  16. James Messer: Secrets of Network Cartography: A Comprehensive Guide to nmap;
  17. TCP Idle Scan;
  18. V. V. Patriciu: Semnaturi electronice si infrastructuri de securitate, Master’s Programme in Distributed Systems on the Internet course slides, Babeș-Bolyai University, 2009 (the course slides are available on Teams).
  19. DomainKeys Identified Mail (DKIM);
  20. OpenSSL: The Open Source toolkit for SSL/TLS, www.openssl.org;
  21. Steve Friedl: An Illustrated Guide to IPsec.