Back close

Course Detail

Course Name Secure coding and programming
Course Code 21SN602
Program M. Tech. in Cyber Security Systems & Networks
Semester 1
Credits 4

Introduction

Fundamentals- Variables (are labels in python), Data-types: integers, strings, booleans, Control flow:Loops: while/for, if/else/elif, Containers: Lists (mutable), Dictionaries — hashmap (mutable, but key must be hashable), Tuples (mutable), Set/frozenset, Debugging with IDE debugger, Functions, Recursive functions. Algorithms – Search-Linear search, Binary search, Sorting-Merge sort, Quick sort, Binary Search Trees, OOP-object oriented programming- Classes: attributes, methods, Inheritance. Libraries and Packages-OS: path, subprocess, files, folders I/O, Cryptography : Hashlib, fernet, secrets, CSPRNG, Netwo rking: Sockets, SSL, Web HTTP API : requests, beautiful soup, selenium, Data visualization: matplotlib, pandas, seaborn. Secure design principles. Principle of least privilege, Weakest link principle, Security through obscurity, Common Weakness Enumeration (CWE), CWE category: Memory Buffer Errors, CWE category: Bad Coding Practices, CWE category: Authentication Errors, CWE category: Authorization Errors, Secure web programming (Concurrent with Modern Web Application Development & Security), OWASP Top 10 web application security risks and their mitigations, Injection, Broken authentication, Sensitive data exposure, XML External Entities (XXE), Security misconfiguration, Cross Site Scripting (XSS), Insecure Deserialisation, Using components with known vulnerabilities, Insufficient logging and monitoring, Mapping Owasp Top 10 to application security, Mitigating application vulnerabilities (Concurrent with OS & System Security), Buffer overflow, Format string, Integer overflow

TEXTBOOKS / REFERENCES:

  1. https://automatetheboringstuff.com/ (free online version)
  2. realpython.com (free articles only)
  3. https://jakevdp.github.io/PythonDataScienceHandbook/ (free online version)
  4. CWE – CWE-1218: Memory Buffer Errors (4.4)
  5. CWE – CWE-1006: Bad Coding Practices (4.4)
  6. CWE – CWE-1211: Authentication Errors (4.4)
  7. CWE – CWE-1212: Authorization Errors (4.4)
  8. Table of Contents | OWASP

Course Objectives

  • CO1. Students will learn the fundamentals of computing, data structures, and algorithms
  • CO2. Students will be comfortable using python to automate simple tasks with OOP python scripts.
  • CO3.  Students will know to debug their programs
  • CO4.  Students will be familiarized with the simplicity of the python ecosystem(packages and libraries) to assist and solve many cybersecurity tasks.
  • CO5. Students will be able to write secure code to defend against common vulnerabilities and known exploits.

DISCLAIMER: The appearance of external links on this web site does not constitute endorsement by the School of Biotechnology/Amrita Vishwa Vidyapeetham or the information, products or services contained therein. For other than authorized activities, the Amrita Vishwa Vidyapeetham does not exercise any editorial control over the information you may find at these locations. These links are provided consistent with the stated purpose of this web site.

Admissions Apply Now