What you will learn
This course aims to cover the fundamental concepts and practices of computer security.
To familiarize students with various computer security issues and mitigation strategies.
This course covers various topics like Computer Security Overview, Cryptographic Tools, Symmetric Encryption & Message Confidentiality, Public-Key Cryptography
Message Authentication, Malicious Software, Denial-of-Service Attacks, Database Security, Intrusion Detection, Trusted Computing and Multilevel Security.
Human Resources Security, Hardware Security, IoT Security, Legal and Ethical Aspects.
Description
LECTURE 1 : COMPUTER SECURITY OVERVIEW
1.1 Computer Security Concepts
1.2 Assets, Vulnerabilities, Threats and Attacks
1.3 Security Functional Requirements
1.4 Fundamental Security Design Principles
1.5 Attack Surfaces
1.6 Computer Security Strategy
1.7 Thwarting Cyber Criminals/ Attackers
LECTURE 2 : CRYPTOGRAPHIC TOOLS
2.1 Symmetric Encryption
2.2 Message Authentication and Hash Functions
2.3 Public-Key Encryption
2.4 Digital Signatures & Envelops
2.5 Random and Pseudorandom Numbers
2.6 Symmetric vs Asymmetric
LECTURE 3: SYMMETRIC ENCRYPTION AND MESSAGE CONFIDENTIALITY
3.1 Symmetric Encryption Principles
3.2 Data Encryption Standard
3.3 Advanced Encryption Standard
3.4 Cipher Block Modes of Operation
3.5 Key Distribution
LECTURE 4: PUBLIC-KEY CRYPTOGRAPHY AND MESSAGE AUTHENTICATION
4.1 Secure Hash Functions
4.2 HMAC
4.3 The RSA Public-Key Encryption Algorithm
4.4 Diffie-Hellman Key Exchange Protocol
LECTURE 5 – MALICIOUS SOFTWARE
5.1 Malware
5.2 Viruses
5.3 Worms
5.4 Bots
5.5 Rootkits
5.6 Mobile Code
5.7 Mobile Phone Worms
5.8 Malware terminologies
LECTURE 6 – DENIAL-OF-SERVICE ATTACKS
6.1 Denial of Service Attacks
6.2 Source Address Spoofing
6.3 SYN Spoofing
6.4 Flooding Attacks
6.5 DDOS
6.6 Amplification Attacks
6.7 DNS Amplification Attacks
6.8 DOS Attack defenses
6.9 Attack Prevention
LECTURE 7 – DATABASE SECURITY
7.1 Relational Database Example
7.2 Database Access Control
7.3 SQL Access Controls
7.4 Role-Based Access Control
7.5 Inference
7.6 Statistical Databases (SDB)
7.7 Protecting Against Inference
7.8 Database Encryption
7.9 SQL Injection Attacks
LECTURE 8 – INTRUSION DETECTION
8.1 Intruders
8.2 Classes of intruders
8.3 Examples of Intrusion
8.4 Security Intrusion & Detection
8.5 Intrusion Techniques
8.6 Intrusion Detection Systems
8.7 IDS Principles
8.8 IDS Requirements
8.9 Host-Based IDS
8.10 Network-Based IDS
8.11 Intrusion Detection Exchange Format
8.12 Honeypot
LECTURE 9 – TRUSTED COMPUTING AND MULTILEVEL SECURITY
9.1 Computer Security Models
9.2 Bell-LaPadula (BLP) Model
9.3 Multilevel Security (MLS)
9.4 Common Criteria (CC)
LECTURE 10 – HUMAN RESOURCES SECURITY
10.1 Security Awareness, Training, and Education
10.2 Polices and Employment Practices
10.3 E-Mail and Internet Use Policies
10.4 Computer Security Incident Response Teams
LECTURE 11 – HARDWARE SECURITY
11.1 Introduction
11.2 Hardware attacks
11.3 Goals of Hardware Attack
11.4 Common hardware Attacks
11.5 Types of Hardware Attacks
11.6 Types of Hardware Attackers
11.7 Hardware Trojan
11.8 Types of Hardware Backdoors
11.9 Hardware backdoors prevention
11.10 Hardware backdoor detection
11.11 Methods for disabling backdoor triggers
11.12 Security during product development
11.13 Anti-Tamper Mechanisms
11.14 Cryptographic Processors and Algorithms
LECTURE 12 – IOT SECURITY
12.1 The IoT Era Begins
12.2 Components of IoT-Enabled Things
12.3 IoT Reference model
12.4 IoT Security
12.5 IoT Security & Privacy Req. defined by ITU-T
12.6 An IoT Security Framework
12.7 IoT Security Challenges
12.8 Internet of Things – Liability
12.9 IoT security tools
LECTURE 13 LEGAL AND ETHICAL ASPECTS
13.1 Cybercrime and Computer Crime
13.2 Intellectual Property
13.3 Privacy and Ethical Issues
Content
Computer Security: Fundamental Concepts and Practices