This course provides a thorough understanding of the technical aspects of computer security. It covers network, operating system, and application software security. Computer laboratory projects provide exposure to various tools in a hands-on setting.

Access Control - Identification, authentication, and authorisation; trust management.

Network Security - attacks, intrusion detection, auditing and forensics, firewalls, malicious software, packet monitoring and other tools/techniques for finding network security related problems.

Operating System Security - threats, vulnerability, and control, password management, accounts and privileges

Application Software Security - design of secure systems, evaluation, Java security, buffer overflows, database security, client-side and server-side securities, tamper resistant software and hardware, finding vulnerabilities, developing patches, patch distribution.

Thinking Evil (understand the enemy so that you can design better software and systems) - how to build a virus, trojan, worm, (how to detect them and break them); real-world vulnerability detection.

• Tuesdays and Thursdays, 17:30 - 19:00, CSEB 2007

• Fridays, 13:30 - 15:30, CSEB 2007