In the course, we introduce the basic concepts and terminology of computer security. It covers basic security topics such as cryptography, operating systems security, network security, malware, and language-based security.
Conversant with the basic terminology and concepts of computer security.
Understand basic security threats to systems and networks.
Be familiar with basic strategies used to protect systems and networks.
Be able to analyze, design, and build secure systems of basic complexity.
Textbook
Stamp, Mark, Information Security: Principles and Practice (3rd Edition), Wiley, 2021, ISBN: 978-1-119-50588-4
Major Topics Covered in Course
Cryptography including symmetric cryptography, asymmetric cryptography, certificates and public key infrastructure, cryptographic hashes, and basic math background
Cryptographic protocols (ssl, tls, ssh, Kerberos, etc), attacks, and defenses
Operating System Security including memory protection, access control, authentication, authorization, and file system security
Network Security including firewalls, intrusion detection/prevention, security protocols, attacks on protocols, and defenses
Software security. Secure software engineering, defensive programming, buffer overruns and other implementation flaws.
Web security including injection attacks, cross site scripting attacks, sql and code injection attacks, as well as defending against attacks.
Malware including viruses, trojan horses, and botnets
If time permits:
Information hiding (Steganography)
Secret Splitting
Forensics