Back close

Course Detail

Course Name System Security
Course Code 21SN605
Program M. Tech. in Cyber Security Systems & Networks
Semester 1
Credits 4


Basic operating system concepts – Processes, Threads, Virtual memory, File system

Security Goals, Secure Design Principles, Authentication, Linux Password scheme, Password Security, Authorization – Access control, MAC, DAC, ACL, Capabilities, Information flow control, Privilege Escalation Attacks, constraining and sandboxing users and applications. Assembly Primer, Shell coding, ELF File Format. Memory Exploits – Buffer Overflow, Off by one overflow, Format String Attacks, Integer Overflow, Return to Libc, Heap Overflow, Exploit prevention mechanisms : stack canaries, Data Execution Prevention, Address Space Layout Randomization, bypassing DEP & ASLR. Trusted Execution Environment – Case Study on Intel SGX. Fuzzing – Types of fuzzers, Bug detection, Case study – AFL fuzzer. Vulnerability and exploit analysis: spectre, meltdown, foreshadow, dirty COW.


  1. Andrew S. Tanenbaum, “Modern Operating Systems”, Fourth Edition, Pearson Education India, 2016
  2. Neil Daswani, Christopher Kern, Anita Kesavan, “Foundations of Security, What Every Programmer Needs to Know”,Apress, 2007
  3. James C. Foster and Vincent T. Liu, “Writing Security Tools and Exploits”, Syngress Publishing
  4. Gary McGraw, John Viega, “Building Secure Software”, Addison-Wesley Professional, 2001.
  5. Jon Ericson, “Hacking: The Art of Exploitation”, Second Edition, No Starch Press, 2008, ISBN 978-1593271442
  6. Chris Anley, John Heasman, Felix Linder, Gerardo Richarte, The Shellcoder’s Handbook : Discovering and Exploiting Security Holes, Second Edition, Addison-Wiley, ISBN 978- 0470080238

Course Objectives

  • CO1.  A quick refresher to the fundamentals of Operating Systems
  • CO2.  Describe security goals and principles which is used in designing a secure system(PO2, PSO2, PSO3)
  • CO3. Explain the basics of system organization, assembly language and linux systemcalls. (PO3, PSO2, PSO4)
  • CO4. Demonstrate the exploitation of Access control vulnerabilities and develop its mitigation (PO1, PO3, PSO1, PSO2, PSO3)
  • CO5. Demonstrate buffer overflow attack,Format string attack and Return to libc attack with examples (PO1,PO2, PO3, PSO1, PSO2, PSO4)
  • CO6. Explain the preventive mechanisms for different exploits (PO1,PSO1, PSO2)

DISCLAIMER: The appearance of external links on this web site does not constitute endorsement by the School of Biotechnology/Amrita Vishwa Vidyapeetham or the information, products or services contained therein. For other than authorized activities, the Amrita Vishwa Vidyapeetham does not exercise any editorial control over the information you may find at these locations. These links are provided consistent with the stated purpose of this web site.

Admissions Apply Now