Systems and Software Security
Instructor | CEU Units | # of Lectures | Hours per Week | Tuition |
Benoit Morel | 4.8 | 12 | 10-15 | $2,700 |
Course Objectives
The objective of this course is to familiarize the students with the issues of cybersecurity relevant to their professional life. There is hardly any line of work in engineering and in the corporate world immune from cybersecurity concerns. This course will address the following issues:
- Analysis of a few attacks to expose the kind of methodology, tactics and strategy that tend to be used by cybercriminals
- The kind of vulnerability attackers target when they try to penetrate networks, access and/or compromise proprietary information
- Techniques used to make attacks difficult to detect. There are far more attacks taking place than known as many of them stay undetected.
- What kind of tools are used for cyber defense and their limitations. Hence the importance that the personnel working in the firm be able to understand the dangers and help in the detection of attacks.
- Computers and processors are involved in basically every component of modern products. With them come a variety of security concerns which will be discussed in this course.
- Cybersecurity is changing fast. The general press and medias are in general a mediocre source of information. The students will be informed of ways to keep informed more accurately of what is happening in the world of cybersecurity.
Prerequisites
None other than familiarity with computers.
Textbook
Because the subject of this course changes very fast, there is no text book assigned to this course. Each lecture will be accompanied by some up to date reading materials.
Topics
Lecture 1: Introduction to the subject and course
Lecture 2: Detailed analysis of the Aurora attack and its lessons
Lecture 3: Penetration attack (1): HTML code injection
Lecture 4: Penetration attack (2): Javascript code injection
Lecture 5: Penetration attack (3): SQL code injection (intro)
Lecture 6: Penetration attack (4) and the protection of database: advanced SQL attacks
Lecture 7: The technology of modern malware
Lecture 8: Tools for defense: Intrusion detection, Penetration testers
Lecture 9: Wireless and smartphone security
Lecture 10: The cybersecurity of embedded systems
Lecture 11: The cybersecurity of RFIDs, sensors and SCADA systems
Lecture 12: Cybersecurity of the future: Cloud Computing, VANET (Vehicle Ad Hoc Networks), Convergence
TBD: Project Presentations