SE 454: Ethical Hacking and Systems Defense

The course will start with an analysis of various vulnerabilities in an application, system/device or a network protocol (or network) which can be exploited to threaten the data and services of a software system. Using these vulnerabilities, students will learn how to collect information before the attack, gain access, retrieve useful information, keep the access for a period of time, and avoid leaving traces of the attack. Countermeasures for each of the vulnerabilities explored will also be discussed. Students will also learn how to assess the security state of an application/system/network based on the vulnerabilities present in it. The course will include both theoretical and practical aspects: concepts learned in the lectures will be practiced in a closed environment using virtual machines.