GAZI UNIVERSITY INFORMATION PACKAGE - 2019 ACADEMIC YEAR

COURSE DESCRIPTION
SECURE WEB PROGRAMMING/5241310
Course Title: SECURE WEB PROGRAMMING
Credits 3 ECTS 8
Semester 2 Compulsory/Elective Elective
COURSE INFO
 -- LANGUAGE OF INSTRUCTION
  Turkish
 -- NAME OF LECTURER(S)
  Assoc.Prof.Dr. Hasan Şakir BİLGE
 -- WEB SITE(S) OF LECTURER(S)
  w3.gazi.edu.tr/~bilge
 -- EMAIL(S) OF LECTURER(S)
  bilge@gazi.edu.tr
 -- LEARNING OUTCOMES OF THE COURSE UNIT
Learning of core defense mechanisms, defense against injecting code, finding vulnerabilities in source code, developing secure web applications.
Choosing appropriate methods when solving newly encountered problems
Obtaining necessary background for further studies






 -- MODE OF DELIVERY
  The mode of delivery of this course is distance learning.
 -- PREREQUISITES AND CO-REQUISITES
  There is no prerequisite or co-requisite for this course.
 -- RECOMMENDED OPTIONAL PROGRAMME COMPONENTS
  There is no recommended optional programme component for this course.
 -- COURSE CONTENT
1. Week  Introduction
2. Week  Web Application Security
3. Week  Core Defense Mechanisms
4. Week  Web Application Technologies
5. Week  Mapping the Application
6. Week  Bypassing Client-Side Controls
7. Week  Injecting Code (SQL)
8. Week  Injecting Code (Web scripting)
9. Week  Injecting Code (SOAP, XPath)
10. Week  Attacking Other Users
11. Week  Finding Vulnerabilities in Source Code (Java)
12. Week  Finding Vulnerabilities in Source Code (PHP)
13. Week  Sample Applications
14. Week  Project Presentation
15. Week  
16. Week  
 -- RECOMMENDED OR REQUIRED READING
  1. The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard, Marcus Pinto ISBN-13: 978-0470170779
  2. The Open Web Application Security Project (OWASP)
 -- PLANNED LEARNING ACTIVITIES AND TEACHING METHODS
  Lecture, Question & Answer, Practice.
 -- WORK PLACEMENT(S)
  No
 -- ASSESSMENT METHODS AND CRITERIA
 
 Method  Quantity  Percentage
 Mid-terms  0  0
 Assignment  9  30
 Exercises  1  30
 Projects  1  30
 Practice  1  10
 Quiz  0  0
 Contribution of In-term Studies to Overall Grade  30
 Contribution of Final Examination to Overall Grade  70
 -- WORKLOAD
 Efficiency  Total Week Count  Weekly Duration (in hour)  Total Workload in Semester
 Theoretical Study Hours of Course Per Week  14  3  42
 Practising Hours of Course Per Week  0
 Reading  14  1  14
 Searching in Internet and Library  14  1  14
 Designing and Applying Materials  14  1  14
 Preparing Reports  1  30  30
 Preparing Presentation  14  1  14
 Presentation  2  14  28
 Mid-Term and Studying for Mid-Term  0
 Final and Studying for Final  1  32  32
 Other  0
 TOTAL WORKLOAD: 188
 TOTAL WORKLOAD / 25: 7.52
 ECTS: 8
 -- COURSE'S CONTRIBUTION TO PROGRAM
 NO  PROGRAM LEARNING OUTCOMES  1  2  3  4  5
 1  Improves and deepens the field knowledge at an expert level based on undergraduate proficiency.  X
 2  Comprehends the interactions between the computer science and other related disciplines.  X
 3  Uses expert level theoretical and practical knowledge acquired in the computer science field.  X
 4  Creates new knowledge by integrating the computer science knowledge and the knowledge from related disciplines.  X
 5  Defines a problem in the computer science field.  X
 6  Analyses the problems in the computer science field by using scientific research methods.  X
 7  Proposes solutions to the problems in the computer science field.  X
 8  Solves problems in the computer science field.  X
 9  Evaluates the results within perspectives of quality processes.  X
 10  Develops new approaches and methods by taking responsibility in complex situations in the application stages.  X