Computer Security: Fundamental Concepts and Practices

LECTURE 1 : COMPUTER SECURITY OVERVIEW

1.1 Computer Security Concepts

1.2 Assets, Vulnerabilities, Threats and Attacks

1.3 Security Functional Requirements

1.4 Fundamental Security Design Principles

1.5 Attack Surfaces

1.6 Computer Security Strategy

1.7 Thwarting Cyber Criminals/ Attackers

LECTURE 2 : CRYPTOGRAPHIC TOOLS

2.1 Symmetric Encryption

2.2 Message Authentication and Hash Functions

2.3 Public-Key Encryption

2.4 Digital Signatures & Envelops

2.5 Random and Pseudorandom Numbers

2.6 Symmetric vs Asymmetric

LECTURE 3: SYMMETRIC ENCRYPTION AND MESSAGE CONFIDENTIALITY

3.1 Symmetric Encryption Principles

3.2 Data Encryption Standard

3.3 Advanced Encryption Standard

3.4 Cipher Block Modes of Operation

3.5 Key Distribution

LECTURE 4: PUBLIC-KEY CRYPTOGRAPHY AND MESSAGE AUTHENTICATION

4.1 Secure Hash Functions

4.2 HMAC

4.3 The RSA Public-Key Encryption Algorithm

4.4 Diffie-Hellman Key Exchange Protocol

LECTURE 5 - MALICIOUS SOFTWARE

5.1 Malware

5.2 Viruses

5.3 Worms

5.4 Bots

5.5 Rootkits

5.6 Mobile Code

5.7 Mobile Phone Worms

5.8 Malware terminologies

LECTURE 6 - DENIAL-OF-SERVICE ATTACKS

6.1 Denial of Service Attacks

6.2 Source Address Spoofing

6.3 SYN Spoofing

6.4 Flooding Attacks

6.5 DDOS

6.6 Amplification Attacks

6.7 DNS Amplification Attacks

6.8 DOS Attack defenses

6.9 Attack Prevention

LECTURE 7 – DATABASE SECURITY

7.1 Relational Database Example

7.2 Database Access Control

7.3 SQL Access Controls

7.4 Role-Based Access Control

7.5 Inference

7.6 Statistical Databases (SDB)

7.7 Protecting Against Inference

7.8 Database Encryption

7.9 SQL Injection Attacks

LECTURE 8 - INTRUSION DETECTION

8.1 Intruders

8.2 Classes of intruders

8.3 Examples of Intrusion

8.4 Security Intrusion & Detection

8.5 Intrusion Techniques

8.6 Intrusion Detection Systems

8.7 IDS Principles

8.8 IDS Requirements

8.9 Host-Based IDS

8.10 Network-Based IDS

8.11 Intrusion Detection Exchange Format

8.12 Honeypot

LECTURE 9 - TRUSTED COMPUTING AND MULTILEVEL SECURITY

9.1 Computer Security Models

9.2 Bell-LaPadula (BLP) Model

9.3 Multilevel Security (MLS)

9.4 Common Criteria (CC)

LECTURE 10 - HUMAN RESOURCES SECURITY

10.1 Security Awareness, Training, and Education

10.2 Polices and Employment Practices

10.3 E-Mail and Internet Use Policies

10.4 Computer Security Incident Response Teams

LECTURE 11 – HARDWARE SECURITY

11.1 Introduction

11.2 Hardware attacks

11.3 Goals of Hardware Attack

11.4 Common hardware Attacks

11.5 Types of Hardware Attacks

11.6 Types of Hardware Attackers

11.7 Hardware Trojan

11.8 Types of Hardware Backdoors

11.9 Hardware backdoors prevention

11.10 Hardware backdoor detection

11.11 Methods for disabling backdoor triggers

11.12 Security during product development

11.13 Anti-Tamper Mechanisms

11.14 Cryptographic Processors and Algorithms

LECTURE 12 – IOT SECURITY

12.1 The IoT Era Begins

12.2 Components of IoT-Enabled Things

12.3 IoT Reference model

12.4 IoT Security

12.5 IoT Security & Privacy Req. defined by ITU-T

12.6 An IoT Security Framework

12.7 IoT Security Challenges

12.8 Internet of Things - Liability

12.9 IoT security tools

LECTURE 13 LEGAL AND ETHICAL ASPECTS

13.1 Cybercrime and Computer Crime

13.2 Intellectual Property

13.3 Privacy and Ethical Issues