Cybersecurity Lab

Course description:

In this course, we will study contemporary issues in computer security, with a focus on key security challenges and software tools to help discover and remediate potential security vulnerabilities. The course will be held in a computer lab, and 30-50% of class time will be spent doing hands-on lab exercises. Four main topics will be covered during the semester: software security, cryptography and network security, intrusion-detection systems, and hardware security.

The following is a tentative list of topics that may be explored in this class
Cryptography and network security
Padding oracle attacks on CBC-mode encryption
Rainbow tables for password cracking
Cryptanalysis of encryption based on stream ciphers with IV re-use
Wireless security; WEP cracking
Wireshark
The SSL protocol
Host exploitation using nmap and Metasploit
Software security
Finding security vulnerabilities in C and Java using static analysis
Buffer-overflow attacks
Symbolic execution
Dataflow anaysis
Web security
Hardware security
Hardware trojans
Security and trust in sequential circuit design
Hardware implementation of security primitives
Side-channel attacks
Intrusion detection systems (IDS)
Signature and anomaly-based IDS
Network and host-based IDS
Honeypots
IDS validation

[none]