AbhishekBhattacharya/CyberSecurityMOOC-IITK

CyberSecurityMOOC-IITK

About the Course

This course deals with security related to system software, networks, mobile platforms, supply chains, etc. It will talk about the urgent need for cybersecurity in critical computer systems, networks, and the worldwide web, and also explain various threat scenarios along with mitigation techniques in case of cyber attacks. Overall, it prepares the student in all the major aspects of system security related to computers.

Prerequisites and Co-requisites

The prerequisite for this course is a very strong programming background with knowledge of the run-time or execution environment, usage of debuggers, and knowledge of shared libraries or dynamically linked libraries. Some knowledge of x86 assembly language or similar assembly languages will be assumed. Some knowledge of operating systems, especially memory management, virtual memory, etc., will be assumed. Familiarity with the UNIX or Linux file system and access control would be beneficial in understanding some parts of the course. We will also assume that the student knows basic network protocols such as TCP/IP, DNS, routing, etc. We will further assume that the student is familiar with the client/server architecture of the world-wide web, where the browser is a client to a web server. Further, prior knowledge of a scripting language such as shell scripting, Perl, Python and/or Ruby will be beneficial. Knowledge of JavaScript, PHP or other web programming might be very useful. Prior familiarity with the preliminaries of cyber security would be helpful but is not required.

Suggested readings as prerequisites: https://www.securitymooc.in/prerequisite

Major, Measurable Learning Objectives

Having successfully completed this course, the student will be able to:

Discover software bugs that pose cyber security threats, explain and recreate exploits of such bugs in realizing a cyber-attack on such software, and explain how to fix the bugs to mitigate such threats
Discover the various access control mechanisms, privileges and dangers of privilege escalation vulnerabilities
Discover cyber-attack scenarios to web browsers and web servers, explain various possible exploits, recreate cyber-attacks on browsers and servers with existing bugs, and explain how to mitigate such threats
Discover and explain cyber security holes in standard networking protocols, both in network architecture and in standard protocols (such as TCP/IP, ARP, DNS, Ethernet, BGP, etc.), and explain mitigation methods and revisions of standards based on cyber threats
Discover and explain mobile software bugs posing cyber security threats, explain and recreate exploits, and explain mitigation techniques.
Articulate the urgent need for cyber security in critical computer systems, networks, and worldwide web, and explain various threat scenarios
Articulate the well-known cyber-attack incidents, explain the attack scenarios, and explain mitigation techniques
Explain the difference between Systems Cyber Security, Network Cyber Security, and cryptography, crypto-protocols etc.
Articulate the cyber threats to critical infrastructures

Outline

Here is a tentative outline for the course, but this is not set in stone. Some topics may be excluded, and some other topics may be included depending on the progress of the course.

Section 1: Software and System Security [45%]

Control hijacking attacks – buffer overflow, integer overflow, bypassing browser memory protection
Sandboxing and Isolation
Tools and techniques for writing robust application software
Security vulnerability detection tools, and techniques – program analysis
Privilege, access control, and Operating System Security
Exploitation techniques, and Fuzzing

Section 2: Network Security & Web Security [40%]

Security Issues in TCP/IP – TCP, DNS, Routing (topics such as basic problems of security in TCP/IP, IPsec, BGP Security, DNS Cache Poisoning, etc.)
Network Defense tools – Firewalls, Intrusion Detection, Filtering
DNSSEC, NSEC3, Distributed Firewalls, Intrusion Detection tools
Threat Models, Denial of Service Attacks, DOS-proof network architecture
Security architecture of World Wide Web, Security Architecture of Web Servers, and Web Clients
Web Application Security – Cross Site Scripting Attacks, Cross Site Request Forgery, SQL Injection Attacks
Content Security Policies (CSP) in web
Session Management and User Authentication, Session Integrity
HTTPS, SSL/TLS
Threat Modeling, Attack Surfaces, and other comprehensive approaches to network design for security

Section 3: Security in Mobile Platforms [5%]

Android security model, threat models, information tracking, rootkits
Threats in mobile applications, analyzer for mobile apps to discover security vulnerabilities
Viruses, spyware, keyloggers, and malware detection

Section 4: Introduction to Hardware Security, Supply Chain Security [5%]

Threats of Hardware Trojans and Supply Chain Security
Side-channel-analysis-based threats and attacks

Section 5: Issues in Critical Infrastructure and SCADA Security [5%]

Security issues in SCADA
IP Convergence Cyber Physical System Security threats
Threat models in SCADA and various protection approaches
Role of Machine learning in SCADA Security