"Systems Security" is a course offered in the second semester of M. Tech. in Cyber Security Systems & Networks program at School of Engineering, Amrita Vishwa Vidyapeetham, Amritapuri.
Security Goals, Secure Design Principles, Authentication, Linux Password scheme, Password Security, Privilege Escalation Attacks, Assembly Primer, Shellcoding, ELF File Format, Memory Exploits – Buffer Overflow, Off by one overflow, Format String Attacks, Integer Overflow, Return to Libc, Heap Overflow, Case Study of Local and Remote Attacks, Exploit Development with Metasploit, Web Security – HTML/DOM Refresher, JavaScript, Browser Security Model, Authentication and Session Management, Cookies, Same Origin Policy, Security Policy for Windows and Frames, Web Vulnerabilities - Cookie protocol problems, SQL Injection, XSS, CSRF, SSL/TLS Vulnerabilities, Session Hijacking, Guninski Attack, Defenses, Understanding Threats - Classification, Rootkits, Virus, Worm, Clickjacking, Phishing, Pharming, Exploit kits, Botnets, Defenses- ASLR, DEP, Stack Canaries, Secure Coding Techniques for C Programs, Trusted Execution Environment- Case Study on TrustZone, Security Vulnerability Tools , Static and Dynamic Analysis overview