YoVDO

Information Security - 5 - Secure Systems Engineering

Offered By: Indian Institute of Technology Madras via Swayam

Tags

Information Security (InfoSec) Courses Cybersecurity Courses Buffer Overflow Courses Access Control Courses Heap Overflows Courses Software Vulnerabilities Courses Integer Overflow Courses Trustzone Courses

Course Description

Overview

With the increase in the threat of cyber-security attacks, it is important to develop computer systems that are not only efficient but also secure. This course will discuss various vulnerabilities in systems and mechanisms by which these vulnerabilities can be mitigated. The first part of the course will discuss various security vulnerabilities in software code that, if left unfixed, can potentially lead to major cyber-attacks. We will see how these vulnerabilities can arise from simple programming flaws like a buffer that overflows, to complex application runtime characteristics that get manifested through side-channels such as the execution time and power consumption of the device. We will look at some recent cyber-attacks such as Meltdown and Spectre, Heartbleed, and Stagefright. The pre-requisites are a good understanding of C and a basic understanding of computer organization and operating systems. INTENDED AUDIENCE :BTech/BE/ME/MTech/MS/MCA/BCA studentsIn computer science/information technology/electrical engineering / electronics engineering /instrumentation engineeringPREREQUISITES :C programming must be strongMinimum understanding of digital logic /operating systems/computer organizationINDUSTRY SUPPORT :All companies developing embedded products /IoT etc.

Syllabus

Week 1: Introduction / gdb / buffer overflow
Week 2: Preventing buffer overflow based malware
Week 3: Integer overflow and buffer overread and heap overflow
Week 4: More on heap overflow; Access Control
Week 5: Confinement
Week 6: SGX and Trustzone
Week 7:Micro-architectural Attacks
Week 8: Hardware Security.

Taught by

Prof. Chester Robeiro

Tags

Related Courses

Next Generation Mobile Rootkits
Black Hat via YouTube
Mobile Malware - Why the Traditional AV Paradigm Is Doomed
Black Hat via YouTube
CaSE- Cache-Assisted Secure Execution on ARM Processors
IEEE via YouTube
Develop TrustZone Enabled Applications on STM32L5 ARM MCUs with STM32CubeIDE - Webinar Replay
STMicroelectronics via YouTube
Elevating the TrustZone to Achieve a Powerful Android Kernel Exploit
nullcon via YouTube