SOFTWARE SECURITY

Academic year
2026/2027
Official course title
SOFTWARE SECURITY
Course code
CM0626 (AF:733806 AR:436308)
Teaching language
English
Modality
On campus classes
ECTS credits
6
Degree level
Master's Degree Programme (DM270)
Academic Discipline
IINF-05/A
Period
2nd Semester
Course year
1
Where
VENEZIA
This course aims at introducing advanced concepts and techniques of software security.
In the first part of the course, we will cover software protection against reverse engineering and Man-At-The-End (MATE) attacks, with laboratory and practical examples.
In the second part of the course, we will cover various topics related to software security on different types of systems.
The goal of the course is to transfer knowledge of:
- the importance of software protection from MATE attacks based on reverse engineering
- the use of software protection tools like obfuscation, tamper-proofing and watermarking
- different topics in software security: malware and cybercrime, anonymity and privacy, threat and attack modelling, e-voting systems
The labs will help students experiment with tools and acquire practical knowledge of the topics.
It is necessary to have attended the course SYSTEM SECURITY.

It is advisable to attend all the lectures as the course has theoretical and practical components.
The learning of concepts is eased by the use of software tools in the labs and discussion of practical examples.
The course will present different topics:
- Binary code analysis and reverse engineering
- Software protection from analysis: obfuscations and white-box cryptography
- Software integrity protection: tamperproofing and code-guards
- Software authorship protection: watermarking and Digital Rights Management
- Software Vulnerabilities and Cyber-Threat Intelligence
- Malware analysis and Cybercrime
- Threat and Attack modelling
- Advanced topics in Software Security: e-Voting, anonymity and privacy, human factors in security.
Lecture Notes from the Professor, mostly based on:
1. Christian Collberg, Jasvir Nagra; Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection, 2009, Addison-Wesley Professional, ISBN 978-0321549259, First Edition.
2. Adam Shostack; Threat Modeling: Designing for Security, 2014, Wiley, ISBN 978-1118809990
3. Chris Eagle, Kara Nance; The Ghidra book: the Definitive Guide, 2020, No Starch Press, ISBN-13: 978-1-71850-102-7
4. Vijay Kumar Velu, Robert Beggs; Kali Linux for Advanced Penetration Testing, Third Edition, 2019, Packt Publishing, ISBN 978-1-78934-056-3
5. Alexey Kleymenov, Amr Thabet; Mastering Malware Analysis: A malware analyst's practical guide to combating malicious software, APT, cybercrime, and IoT attacks, 2nd Ed., 2022, Packt Publishing, ISBN 1803240245
The assessment is based on a written exam and an optional assignment.
The written exam aims at verifying the knowledge of the different topics of the course.
The assignment is mandatory and consists of a problem to solve, a presentation of a research paper to the class, or a software tool tutorial.
Solving assignments gives at most 3 extra marks with respect to the mark of the written exam.

written

The lecturer has a duty to ensure that the rules regarding the authenticity and originality of exam tests and papers are respected. Therefore, if there is suspicion of irregular conduct, an additional assessment may be conducted, which could differ from the original exam description.

The marks of the written exam will be assigned according to the following criteria, independently of course attendance:
A. marks in the range of 18-22 will be assigned in case of sufficient knowledge and understanding of the course programme.
B. marks in the range of 23-26 will be assigned in case of fair knowledge and understanding of the course programme.
C. marks in the range of 27-30 will be assigned in case of good or optimal knowledge and understanding of the course programme.
D. The laude will be given in case of excellent knowledge and understanding of the course programme.
Lectures will focus on theoretical elements by means of slides (frontal lessons), with related practical applications.
Participants will have to develop a small project, discussing results with the professor and the other students (active learning).
If necessary, self-assessment quizzes will be available for some topics in order to check the students' learning and engagement.
The course will be delivered in the classroom.
The teaching material and the lectures are in English.
Definitive programme.
Last update of the programme: 16/03/2026