CS6570 - Secure Systems Engineering

Course Data :

Description:

The course provides an introduction to designing secure systems. It covers popular hardware, operating system, and application layer vulnerabilities.

Course Content:

  • Unit 1 Hardware Security Hardware Trojans and Detection PUFs - Power Analysis Attacks and Countermeasures -Fault Attacks - Implementation Aspects of Crypto Algorithms (A case study of AES and ECC)
  • Unit 2 Micro Architectural Security Timing attacks and Covert Channels - RAM based attacks - Cold boot - Rowhammer
  • Unit 3 Operating System Security Stack Smashing Attacks - Dynamic Memory Allocation Attacks - Format String Vulnerabilities - return-to-libc attacks - ROP attacks - Side Channel Attacks in Operating Systems Countermeasures - Non-executable stacks - Capability based Systems - Canaries - Malware Analysis Techniques
  • Unit 4 Application Security SQL Insertion - Shell Shock - Heart bleed bug
  • Unit 5 Formal Verification of Security Protocols Practicals Power Analysis Attacks. Given power traces of an encryption system such as AES, the participants would need to build algorithms to determine the secret key. Fault Attacks. Given a faulty and a fault free ciphertext, the participants would need to write code to determine the secret key. Timing Attacks. In this assignment, participants would develop a timing attack on encryption systems like the RSA or/and AES. Stack Smashing Attacks. The intent of this assignment is to understand stack smashing and how they can be used to develop malicious software. Operating System Side Channels. Demonstrate an OS side channel attack. For instance, using memory footprints to determine the web page browsed.

Text Books:

Published work in IEEE and ACM will be used for this course

Reference Books:


Pre-Requisites

    None

Parameters

Credits Type Date of Introduction
4-0-0-0-8-12 Elective Jan 2017

Previous Instances of the Course


© 2016 - All Rights Reserved - Dept of CSE, IIT Madras
Website Credits