Instructor: Dongdong She (dongdong@cse.ust.hk)
Office hours: Monday (1:30-2:00 pm) CYT 3006
TA: Qiao Zhang (qzhangdi@connect.ust.hk)
Classroom: Rm 4213, Lift 19
Class hours: Wednesday (9:00 am - 12:00 pm)
This course equips students with cybersecurity knowledge and current IT practices on security risk management. The course covers current security trends, industrial practices on IT security, design requirements for secure web and mobile applications, security assessment, risk analysis and risk management.
Through hands-on laboratory sessions, students will understand existing IT security issues, learn how to assess IT security risks, and conduct experiments on ethical hacking. They will practice system attack and defense strategies using security tools, so as to gain practical experience to become a cybersecurity professional.
Knowledge in web programming and database administration is not essential but a plus.
Prerequisite(s): COMP 2012 OR COMP 2012H; Corequisite(s): COMP 3511
Schedule
Date, Topics, Lecture slides & Lab

05/02 Introduction
slides, Lock picking competition

12/02 Basic Concept on IT Security and setup of Virtualization Environment
Lecture slides: Briefing on CyberSecurity practices, Threats and Vulnerabilities
Lab: Setup of ESXi server and walkthrough of vSphere client and VM environment. Setup of Kali Linux and Windows 10 Victim Guest OS.

19/02 IAM, Authentication and Authorization
Lecture slides: Authentication, Authorization, Password Scheme, Federated Authentication
Lab: Perform password cracking, password dumping, write your own password cracker.

26/02 OS Security and Virtualization
Lecture slides: Network basics, Network architecture and security architecture, Virtualization, Virtualization security
Lab: Setup Linux and Wireshark lab environment, virtual network. Perform WiFi analysis, WiFi exploits, and WiFi cracking

05/03 Network Basics
Lecture slides: DNS, LAN and WAN, Directory services and Database security, PKI, SSL/TLS, Secure Protocol, Heartbleed and POODLE
Lab: Setup Web and FTP services, DNS services, database services.

12/03 Network Security
Lecture slides: Network attack, scanning, sniffing, vulnerability scanning, Denial of Service attacks, email security, phishing
Lab: Perform network scanning (nmap), vulnerability scanning (nessus), email spoofing attack.

19/03 Web Application Programming
Lecture slides: Web Protocol, PHP, JavaScript, SQL query, and web authentication
Lab: Develop and deploy a website through the use of CSS, PHP, and JavaScript. Connect PHP website to the database and then set up an authentication component to the website

26/03 Web Application Hacking
Lecture slides: OWASP Top 3/10 attack methods including SQL injection, XSS, CSRF
Lab: Perform web attacks using different kinds of web attack methods: web session management attack, injection attack, Cross-site scripting, and CSRF attack

09/04 Operating System Security
Lecture slides: System and Kernel Attack, Patch Management, Trusted System Security
Lab: Perform system exploitation using Metasploit, existing exploit scripts, and payloads

16/04 Application Security
Lecture slides: Application security threats, Secure programming life cycle, Buffer Overflow, Application firewall, secure code review and security assessment concept, malware and virus
Lab: Perform software exploitation, understand and use various debug tools such as gdb and compose buffer overflow code

23/04 Secure Infrastructure Design
Lecture slides: Network defense mechanism, Firewall, IDS, Anti-DDoS, Honeypot
Lab: Set up Firewall, VPN, and Snort IDS

30/04 Incident Response and Computer Forensics
Lecture: Incident Response, Computer Crime, Forensics Investigation, and Compliance
Lab: Set up big data platform environment (ElasticSearch) for performing log analysis and attack tracing

07/05 Advanced Topics on Security
Lecture: No specific description provided
Lab: Project presentation