Course Outline: Fundamental Security (Mekelle)
Institute of Technology
Faculty of Computing and Software Engineering
Course Name: Fundamental of Software Security
Prerequisite: None
Course Code: SEng7431
Academic Year: 2021/22
Semester: I
Target group: G3 SE (Mekelle)
CP: 5 (2 hr Lecture, 3 hrs Laboratory)
Module Title: Computer networking & security
Instructor: Haile T.
Office No: O-So-03
Course Description
In this course we will explore the foundations of software security. We will consider important software
vulnerabilities and the attacks that exploit them -- such as buffer overflows, SQL injection, and session
hijacking -- and we will consider defenses that prevent or mitigate these attacks, including advanced testing
and program analysis techniques. Importantly, we take a "build security in" mentality, considering
techniques at each phase of the development cycle that can be used to strengthen the security of software
systems.
Course objectives
At the end of the course, the student should be able to:
Understand the role that software plays in providing security and as a source of insecurity.
Understand principles, methods & technologies to make software more secure.
Understand typical threats & vulnerabilities that make software less secure, and how to avoid them.
Know how to prevent them entirely, or mitigate their effects, by improving the software's design and implementation.
Know state-of-the-art tools and techniques for testing and otherwise verifying that software is secure.
Know how to "build security in" rather than consider it as an afterthought, and have a plethora of skills, applicable at each phase of the development cycle, that can be used to strengthen the security of software systems.
Course Contents
Weeks  Lecture topics
1      What is security? Key Objectives of Security, Computer Security Challenges
       Security Services and Mechanisms, Security Attacks, Security Techniques
       Model for Network Security
2      Secure Design Principles, Secure System Design
3      Cryptography
       Overview of cryptanalysis
       Encryption Techniques
       ✓ Symmetric cryptography (DES, AES)
       ✓ Public key cryptography (RSA)
       ✓ Key management and exchange
       ✓ Cryptographic hash functions and certificates
4      Application and OS Security
       Application code attacks (buffer overflow)
       ✓ Prevention: System design, robust coding, isolation.
       ✓ User management
       ✓ Enforcement of security
Arbaminch University