Secure Computing - Table of Contents

• In this series of notes, it will cover contents about software security, such as:
• Cryptography: the role of cryptography in security, modern cryptographic algorithms and their use in software development and encryption in computer networks.
• Risk management: threat modelling and risk assessment.
• Modes of attack: network protocols, malware and software vulnerabilities.
• Mitigation techniques: counter measures, authentication techniques (biometrics and two-factor authentication), penetration testing, secure systems design and intrusion detection.
• Ethical issues: ethics of security research, responsible disclosure and privacy.

Table of Contents

1. Introduction
2. Threat modelling
3. Symmetric Ciphers
4. Message authentication
5. Public key cryptography
6. Randomness
7. User authentication
8. TCP/IP networking threats
9. Network defences
10. Abuse of DNS, ARP & application protocols
11. Command injection & input validation
12. Buffer Overruns
13. Low-level vulnerabilities
14. Finding, reporting and avoiding vulnerabilities
15. Intrusion Detection & incident response