ECE 750 Topic 27 - Computer Security
Instructor
Professor V. Ganesh
Course outline
This course is an introduction to computer security. I will teach this course in 4 modules. Each module consists of 4-6 lectures. The modules are:
-
MODULE
1
(Lectures
1-6):
Basic
security
concepts,
control-hijack
attacks,
malware,
software
engineering
techniques
to
prevent,
detect
and
recover
from
attacks
Introduction to computer security (confidentiality, integrity, availability). Control-hijack attacks. Ways of detecting (canaries), preventing (bug-finding using fuzzing and concolic testing), and recovering/dealing with control-hijack based exploits (ASLR or layout randomization). SYN Cookies. Malware (virus, worms,...). Techniques to detect malware using static and dynamic analysis
-
MODULE
2
(Lectures
7-10):
Basic
cryptography
Perfect security (Shannon), One-time pads, idea of computational indistinguishability, semantic security, public-key cryptography, RSA, digital signatures, side-channel attacks on cryptographic implementations
- MODULE 3 (Lectures 11-15): Security policies and principles of safe design
-
MODULE
4
(Lectures
16-22):
Browser
and
internet
security
SQL Injection, XSS scripting and CSRF attacks