Security is at the forefront of the currents of computing news. Fraud has taken a front seat in the Internet, and is already causing significant financial losses that are climbing. The innovations in computer crime has blown the lid on many inherent flaws in our computing infrastructure (i.e. use of passwords) and financial infrastructure (i.e. use of credit card and account numbers). We are coasting in denial and spreading the losses and hoping things will get better.
From Evil Twins to Pharming, from SQL to Rootkits the march of attack discovery is outpacing the fixes. The sinister truth is well stated by a trade magazine that said Computing at home has never been so powerful - and treacherous. Just as millions of Americans are buying new PCs and signing up for blur-fast Internet connections, cybercrooks are hatching schemes to take control of their machines.
This short course covers software techniques, hardware techniques, protocols and cryptography, which form the arsenal of our current crop of countermeasures. Participants learn about the wide variety of techniques used by attackers to gain personal information and financial gains and cover the countermeasures that are being deployed with limited success. We cover the variety of new tricks that play cat and mouse between fraudsters and security experts. The program also discusses the inherent design defects that lead to unintended consequences. In addition, the latest research techniques and academic protocols that can stem the tide of attacks (virtualization, integrity checking, link farm detection, and so on) will be discussed.
This program is designed for computer professionals familiar with software design, web transactions and basics of networking. Topics covered in the program include types of attacks, defenses using virus detection and cryptography; Cryptographic techniques such as encryption, public keys, digital certificates and secure communications used to provide data security; PKI systems, digital certificates, digital signatures and challenge response systems provide the more advanced levels of data and identity security, using cryptography and non-tamperable hardware. The course is aimed at computer professionals with an interest in computer security, network security and cryptography. The audience will benefit from increased awareness of attack techniques and cryptographic countermeasures especially the emerging deployment of digital certificates and digital signatures.