Carnegie Mellon University

Cybersecurity and Information Warfare


Benoit Morel

Number of Lectures


Course Description 

This course is intended as an introduction to the vast and complicated world of cybersecurity. Cybersecurity has become the most complex threat to modern societies. This course tries to reflect some of that complexity. The complexity has a technical dimension: computers are complicated objects. Few if any understand fully what is happening inside them. At any given time, there is a lot of activity taking place in the background that the user cannot monitor closely. Most of it is legitimate and necessary. But if some malicious activity is involved, tools are needed to detect it. Tools like AntiVirus software are important to have. But closer inspection shows how limited the protection is against modern malware.

The internet was an experiment: trying to make networks of computers interact using a then new technology: packet switching. It was so difficult to make it work that the priority was to not build a robust infra-structure.  That experiment grew completely out of the control of its creators, with difficulty to become the foundation of the largest infra-structure shared by the whole wide world... A lot of the complexity of cybersecurity today stems from that. Some critical components of that infra-structure like the Domain Name System or the Border Gateway Protocol have to be reconsidered and made secure. Considering the size of the internet today and the number of its users (about 2 billion), whatever modification is introduced must satisfy a stringent requirement of backward compatibility to be minimally acceptable.

Another origin of the complexity of cybersecurity is the security of web applications. Most of the time when people go on the internet, they actually go on the web. Thanks to mark up languages like HTML, the HTTP protocol and the power of Javascript, the web is full of exciting functionalities. It is easy to understand its appeal. But it is significantly more difficult to ensure that cybercriminals are not able to exploit the myriad of new opportunities that these new functionalities introduce. Unfortunately, requiring that new functionalities are introduced with security in mind is unrealistic and potentially stifling innovation. Hence, web application security is going through a phase of increasing complexity with no relief in sight. Still the web is where some of the most critical activities take place, like bank transactions.

The web is not the only arena of revolutionary changes relevant to cybersecurity. Also effected is the wireless revolution, the increasing use of new platforms like smartphones and tablets, the increasing importance of cloud computing, the proliferation of embedded systems, even more pervasive use of RFIDs, the cyberization of infra-structures, appliances. This course is also about conveying the sense that:  however vast and complex the field may be today... tomorrow could be worse.



Recommended Textbook



  • Lecture 1:   Introduction to Cybersecurity
  • Lecture 2:   Computer Infections
  • Lecture 3:   Examples of Computer Infections and Their Detection
  • Lecture 4:   Malware Analysis:  The Example of the Agent.btz Attack
  • Lecture 5:   Reverse Engineering of Malware
  • Lecture 6:   Buffer Overflows and Dangling Pointers
  • Lecture 7:   Evolution of Malware
  • Lecture 8:   Web Application Security
  • Lecture 9:   Phishing and Cross Site Request Forgery
  • Lecture 10: Modern Attacks and the Challenge They Represent to Defense
  • Lecture 11: Intrusion Detection and Defenses
  • Lecture 12: The Domain Name System
  • Lecture 13: DNS Rebinding and BGP Vulnerabilities
  • Lecture 14: Authentication and Attribution
  • Lecture 15: Keeping Secrets in Cyperspace
  • Lecture 16: New Technologies and the Future of Cybersecurity