Software Security: Online Course by University of Maryland

Software Security is a free online course conducted by the University of Maryland. It is a part of the Cybersecurity Specialization.

Software Security: Online Course

 

About the course

Software security course shall explore the foundation of the software security. This course shall consider important software vulnerabilities and attacks that exploit them, such as buffer overflows, SQL injection, and session hijacking. They shall also consider dethat prevent or mitigate these attacks, including advanced testing and program analysis techniques. Importantly, they take a "build security in" mentality, considering techniques at each phase of the development cycle that can be used to strengthen the security of software systems.

Course Syllabus

The course is broken into the following 6 units:

  • Low-level, memory-based attacks, including stack smashing, format string attacks, stale memory access attacks, and return-oriented Programming (ROP)
  • Defenses against memory-based attacks, including stack canaries, non-executable data (aka W+X or DEP), address space layout randomization (ASLR), memory-safety enforcement (e.g., SoftBound), control-flow Integrity (CFI)
  • Web security, covering attacks like SQL injection, Cross-site scripting (XSS), Cross-site request forgery (CSRF), and Session hijacking, and defenses that have in common the idea of input validation
  • Secure design, covering ideas like threat modeling and security design principles, including organizing ideas like favor simplicity, trust with reluctance, and defend in depth; we present real-world examples of good and bad designs
  • Automated code review with static analysis and symbolic execution, presenting foundations and tradeoffs and using static taint analysis and whitebox fuzz testing as detailed examples
  • Penetration testing, presenting an overview of goals, techniques, and tools of the trade

Prerequisites

  • A third-year undergraduate in computer science is recommended.

Course Format

The class shall consist of lecture videos, which are between 8 and 12 minutes in length. These typically contain 1-2 integrated quiz questions per video, to check understanding. There will also be standalone quizzes (one per week) that are not part of the video lectures, and three hands-on projects.

Course Sessions

February 23, 2015 - April 4, 2015

click here

For Quick Alerts
ALLOW NOTIFICATIONS  
For Daily Alerts

--Or--
Select a Field of Study
Select a Course
Select UPSC Exam
Select IBPS Exam
Select Entrance Exam
JOIN US ON SOCIAL NETWORKS

Thousands of Careerindia readers receive our evening newsletter.
Have you subscribed?

For great career opportunity, get instant updates on Education, Career & Job
Careerindia

Notification Settings X
Time Settings
Done
Clear Notification X
Do you want to clear all the notifications from your inbox?
Settings X
We use cookies to ensure that we give you the best experience on our website. This includes cookies from third party social media websites and ad networks. Such third party cookies may track your use on Careerindia sites for better rendering. Our partners use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on Careerindia website. However, you can change your cookie settings at any time. Learn more