ITEC 465
Computer System Security Analysis and Investigation Techniques
Credit hours (3)
Prerequisite: ITEC 352, ITEC 445, and, as a prerequisite or co-requisite, ITEC 371.
Students will learn ethical hacking; conduct formal security analysis of computing
infrastructure; and apply investigation techniques to detect vulnerabilities and threats
in software and hardware, including reverse engineering program binaries for malware
analysis, memory and disk analysis, and systems analysis of embedded devices.
Detailed Description of Course
1) Software security (e.g., Java applications and web browsers); operating systems
(Linux and Windows privilege escalations); networking
applications (e.g., Active Directory, DNS, SSH, SMB)
2) Attack detection (investigation techniques)
a. Reverse engineering
i. Instruction sets of x86 and ARM architectures
ii. Debugging tools and basic commands (e.g., gdb and cdb)
iii. Obfuscation techniques
b. Memory and disk forensics
3) Secure coding in Java/C/Ada
4) Comparison of programming languages (e.g., Java and C).
Detailed Description of Conduct of Course
The course is a series of lectures that present the theory and demonstrate the techniques
of ethical hacking and investigation. Students will learn by working on
projects that will provide them with real-world, hands-on experience in performing
security analysis and identifying vulnerabilities and threats.
Goals and Objectives of the Course
Students who complete the course will be able to:
1) Explain the wide array of offensive techniques used to attack a computing infrastructure.
2) Explain the underlying kernel data structures of at least one standard operating
system, such as Windows or Linux.
3) Demonstrate an ability to analyze the current state of a kernel through memory
and file dumps on at least one standard operating system, such as
Windows or Linux.
4) Demonstrate an ability to reverse engineer compiler-generated code using tools
such as debuggers.
5) Explain obfuscation techniques used by malicious software to infect software applications.
6) Develop networked applications using secure coding techniques.
Assessment Measures
Assessment of student achievement is measured by written tests and through projects
completed outside of class.
Other Course Information
None.
Review and Approval
April 12, 2018