Information Security - 5 - Secure Systems Engineering
Offered By: Indian Institute of Technology Madras via Swayam
Course Description
Overview
With the increase in the threat of cyber-security attacks, it is important to develop computer systems that are not only efficient but also secure. This course will discuss various vulnerabilities in systems and mechanisms by which these vulnerabilities can be mitigated. The first part of the course will discuss various security vulnerabilities in software code that, if left unfixed, can potentially lead to major cyber-attacks. We will see how these vulnerabilities can arise from simple programming flaws like a buffer that overflows, to complex application runtime characteristics that get manifested through side-channels such as the execution time and power consumption of the device. We will look at some recent cyber-attacks such as Meltdown and Spectre, Heartbleed, and Stagefright. The pre-requisites are a good understanding of C and a basic understanding of computer organization and operating systems. INTENDED AUDIENCE :BTech/BE/ME/MTech/MS/MCA/BCA studentsIn computer science/information technology/electrical engineering / electronics engineering /instrumentation engineeringPREREQUISITES :C programming must be strongMinimum understanding of digital logic /operating systems/computer organizationINDUSTRY SUPPORT :All companies developing embedded products /IoT etc.
Syllabus
Week 1: Introduction / gdb / buffer overflow
Week 2: Preventing buffer overflow based malware
Week 3: Integer overflow and buffer overread and heap overflow
Week 4: More on heap overflow; Access Control
Week 5: Confinement
Week 6: SGX and Trustzone
Week 7:Micro-architectural Attacks
Week 8: Hardware Security.
Week 2: Preventing buffer overflow based malware
Week 3: Integer overflow and buffer overread and heap overflow
Week 4: More on heap overflow; Access Control
Week 5: Confinement
Week 6: SGX and Trustzone
Week 7:Micro-architectural Attacks
Week 8: Hardware Security.
Taught by
Prof. Chester Robeiro
Tags
Related Courses
A Crash Course in CNorthwestern University via YouTube Hacking the Supply Chain - The Ripple20 Vulnerabilities Haunt Tens of Millions of Critical Devices
Black Hat via YouTube WebAssembly - A New World of Native Exploits on the Browser
Black Hat via YouTube Squashing Low-hanging Fruit in Embedded Software
Hack In The Box Security Conference via YouTube Software Security Era - Past, Present, and Future
Hack In The Box Security Conference via YouTube