Information Security - 5 - Secure Systems Engineering
Offered By: Indian Institute of Technology Madras via Swayam
Course Description
Overview
With the increase in the threat of cyber-security attacks, it is important to develop computer systems that are not only efficient but also secure. This course will discuss various vulnerabilities in systems and mechanisms by which these vulnerabilities can be mitigated. The first part of the course will discuss various security vulnerabilities in software code that, if left unfixed, can potentially lead to major cyber-attacks. We will see how these vulnerabilities can arise from simple programming flaws like a buffer that overflows, to complex application runtime characteristics that get manifested through side-channels such as the execution time and power consumption of the device. We will look at some recent cyber-attacks such as Meltdown and Spectre, Heartbleed, and Stagefright. The pre-requisites are a good understanding of C and a basic understanding of computer organization and operating systems. INTENDED AUDIENCE :BTech/BE/ME/MTech/MS/MCA/BCA studentsIn computer science/information technology/electrical engineering / electronics engineering /instrumentation engineeringPREREQUISITES :C programming must be strongMinimum understanding of digital logic /operating systems/computer organizationINDUSTRY SUPPORT :All companies developing embedded products /IoT etc.
Syllabus
Week 1: Introduction / gdb / buffer overflow
Week 2: Preventing buffer overflow based malware
Week 3: Integer overflow and buffer overread and heap overflow
Week 4: More on heap overflow; Access Control
Week 5: Confinement
Week 6: SGX and Trustzone
Week 7:Micro-architectural Attacks
Week 8: Hardware Security.
Week 2: Preventing buffer overflow based malware
Week 3: Integer overflow and buffer overread and heap overflow
Week 4: More on heap overflow; Access Control
Week 5: Confinement
Week 6: SGX and Trustzone
Week 7:Micro-architectural Attacks
Week 8: Hardware Security.
Taught by
Prof. Chester Robeiro
Tags
Related Courses
Next Generation Mobile RootkitsBlack Hat via YouTube Mobile Malware - Why the Traditional AV Paradigm Is Doomed
Black Hat via YouTube CaSE- Cache-Assisted Secure Execution on ARM Processors
IEEE via YouTube Develop TrustZone Enabled Applications on STM32L5 ARM MCUs with STM32CubeIDE - Webinar Replay
STMicroelectronics via YouTube Elevating the TrustZone to Achieve a Powerful Android Kernel Exploit
nullcon via YouTube