CPSC 4363 - Cybersecurity: Systems

CPSC 4363 Cybersecurity: Systems is the one of the twin courses that students typically take in the fall (this one) and spring (COSC 4345) semesters of their senior year.  It is a required course for students majoring in Cybersecurity

This course covers the principles of computer systems security. The topics we shall cover include: malware, privacy, network attacks and defenses, operating system security, application security (web, email, databases, etc.), cryptography, and the security issues on some hot topics, such as quantum encryption, Blockchain, and Internet of Things. Two course-projects focus on understanding the nature of new threats and building reliable code, respectively.

The course adopts the "learning by doing" principle. Students are supposed to learn the attacks by performing them in a restricted environment or a simulated environment. They will also play with a number of security tools to understand how they work and what security guarantee they provide. The experiments will be conducted in the virtual machine environments and/or in Minix environments.

cysec-xss

Student Learning Outcomes

Upon completion of this course students should be able to:

  • Identify the nature of threats and vulnerabilities in most softwares, networks, systems, webs, and applications.
  • Analyze a malware attack, such as the ransomware WannaCry, and then investigate methods to compromise it.
  • Secure systems that are not vulnerable to application program attack, such as a buffer overflow attacks.
  • Construct websites that are not vulnerable to clients attack, such as XSS attacks or SQL injection attacks.
  • Know cryptography techniques such as RSA and MAC.
  • Infer the vulnerabilities in emerging technologies.

Course Prerequisites: We assume that the student in CPSC 4363 is familiar with an object-oriented programming language such as C++, Java, or Python. The course does not assume but suggest that the students have had individual courses in databases, operating systems, networking, web programming, or data mining. COSC 2336 with a grade of C is the prerequisite.