About the course
This course covers the fundamental concepts of Cyber Security and Cyber Defense. The course will cover the Software and System Security, in which, you will learn about control hijacking attacks, which includes buffer overflow, integer overflow, bypassing browser and memory protection. Then you will get some knowledge of what is Sandboxing and Isolation, what are the tools and techniques for writing robust application software. Then you will learn about what are the security vulnerability detection tools, and techniques which include program analysis (static, concolic and dynamic analysis). After that, you will know about privilege, access control, Operating System Security, Exploitation techniques, and Fuzzing.
Then the course will cover Network Security & Web Security, in which you will learn about Security Issues in TCP/IP, which includes TCP, DNS, Routing (Topics such as basic problems of security in TCP/IP, IPsec, BGP Security, DNS Cache poisoning etc), Network Defense tools such as Firewalls, Intrusion Detection, Filtering. Then, you will learn about DNSSec, NSec3, Distributed Firewalls, Intrusion Detection tools, Threat Models, Denial of Service Attacks, DOS-proof network architecture, Security architecture of World Wide Web, Security Architecture of Web Servers, and Web Clients. Then, you will learn about the Web Application Security which includes Cross Site Scripting Attacks, Cross Site Request Forgery, SQL Injection Attacks. After that, the course will cover Content Security Policies (CSP) in web, Session Management and User Authentication, Session Integrity, Https, SSL/TLS, Threat Modeling, Attack Surfaces, and other comprehensive approaches to network design for security.
Next, you come to Security in Mobile Platforms, where you will learn about Android vs. ioS security model, threat models, information tracking, rootkits, Threats in mobile applications, analyzer for mobile apps to discover security vulnerabilities, Viruses, spywares, and keyloggers and malware detection. Then, it will cover Introduction to Hardware Security, Supply Chain Security, in which you will learn about Threats of Hardware Trojans and Supply Chain Security, Side Channel Analysis based Threats, and attacks. At last, the course will cover, Issues in Critical Infrastructure and SCADA Security in which, you will learn about Security issues in SCADA, IP Convergence Cyber Physical System Security threats, Threat models in SCADA and various protection approaches, Machine learning and SCADA Security.
After completing this course, you will be able to:
- Discover software bugs that pose cyber security threats, explain and recreate exploits of such bugs in realizing a cyber attack on such software, and explain how to fix the bugs to mitigate such threats
- Discover cyber attack scenarios to web browsers, and web servers, explain various possible exploits, recreate cyber attacks on browsers, and servers with existing bugs, and explain how to mitigate such threats.
- Discover and explain cyber security holes in standard networking protocols, both in network architecture, standard protocols (such as TCP/IP, ARP, DNS, Ethernet, BGP etc), explain mitigation methods and revisions of standards based on cyber threats.
- Discover and explain mobile software bugs posing cyber security threats, explain and recreate exploits, and explain mitigation techniques.
- Articulate the urgent need for cyber security in critical computer systems, networks, and world wide web, and explain various threat scenarios
- Articulate the well known cyber attack incidents, explain the attack scenarios, and explain mitigation techniques
- Explain the difference between Systems Cyber Security, Network Cyber Security, and cryptography, crypto-protocols etc.
- Articulate the cyber threats to critical infrastructures
- Boost your hireability through innovative and independent learning.
The course can be taken by:
Students:All students who are pursuing any technical / professional courses related to computer science / Information Technology.
Teachers/Faculties: All computer science teachers/faculties who wish to acquire new skills.
Professionals: All technical professionals, who wish to upgrade their skills.
Why learn Computer Systems Security?
- 24X7 Access: You can view lecture as per your own convenience.
- Online lectures: ~16 hours of online lecture with high-quality video.
- Updated Quality content: Content is latest and gets updated regularly to meet the current industry demands.
Test & Evaluation
There will be a final test containing a set of multiple choice questions. Your evaluation will include the scores achieved in the final test.
Certification requires you to complete the final test. Your certificate will be generated online after successful completion of course.
Topics to be covered
- Computer System Security Introduction
- Interview with Prof.Sandeep Shukla CSE IIT kanpur
- What is computer security and what to learn?
- Learning objectives
- Sample Attacks
- The Marketplace for vulnerabilities
- Error 404 Hacking digital India part 1 chase
- Computer System Security Module 01
- Control Hijacking
- More Control Hijacking attacks integer overflow
- More Control Hijacking attacks format string vulnerabilities
- Defense against Control Hijacking - Platform Defenses
- Defense against Control Hijacking - Run-time Defenses
- Advanced Control Hijacking attacks
- Computer System Security Module 02
- Confidentiality Policies
- Confinement Principle
- Detour Unix user IDs process IDs and privileges
- More on confinement techniques
- System call interposition
- Error 404 digital Hacking in India part 2 chase
- Computer System Security Module 03
- VM based isolation
- Confinement principle
- Software fault isolation
- Intrusion Detection Systems
- Computer System Security Module 04
- Secure architecture principles isolation and leas
- Access Control Concepts
- Are you sure you have never been hacked Sandeep Shukla
- Unix and windows access control summary
- Other issues in access control
- Introduction to browser isolation
- Computer System Security Module 05
- Web security landscape
- Web security definitions goals and threat models
- HTTP content rendering
- Browser isolation
- Security interface
- Cookies frames and frame busting
- Computer System Security Module 06
- Major web server threats
- Cross site request forgery
- Cross site scripting
- Defenses and protections against XSS
- Finding vulnerabilities
- Secure development
- Computer System Security Module 07
- Basic cryptography
- Public key cryptography
- RSA public key crypto
- Digital signature Hash functions
- Public key distribution
- Real world protocols
- Basic terminologies
- Email security certificates
- Transport Layer security TLS
- IP security
- DNS security
- Computer System Security Module 08
- Internet infrastructure
- Basic security problems
- Routing security
- DNS revisited
- Summary of weaknesses of internet security
- Link layer connectivity and TCP IP connectivity
- Packet filtering firewall
- Intrusion detection
- Concluding remarks
- Computer System Security - Final-Quiz