2019 - 2020

0368-3065   Introduction to Information Security                                                                 
FACULTY OF EXACT SCIENCES
View groups
 
Course description

Course description

The Introduction to Information Security course surveys central concepts in applied information security and cyber security, and offers a hands-on introduction to vulnerability analysis and exploitation techniques, secure programming and secure system architecture.

High-level goals:
- Make students aware of major security risks and attack vectors
- Gain concrete hands-on experience with vulnerability analysis and exploitation
- Teach about good tools and practices for building secure systems
- Instill the state of mind and conceptual vocabulary for reasoning about systems security

High-level list of topics that will be covered:

- Cryptography (symmetric and asymmetric, hashing, signatures, etc.)
- Reverse engineering and binary patching
- Low level vulnerabilities and their exploitations (BoF, ROP, Polymorphic shellcodes, etc.)
- Networking vulnerabilities and defense mechanisms
- Logical vulnerabilities and permission models
- Secure web applications and authentication methods

The course includes weekly hands-on exercises of analysis and exploitation, which require significant time and effort.

The course grade consists of 35% homework and 65% final exam (see past exams here).

Requisite courses:

  • Operating Systems (0368-2162) or Introduction to Systems Programming (0512-4402) or equivalent

Recommended (not requisite) courses and knowledge:

  • It is recommended (but not mandatory) to have completed courses on computer networking and/or cryptography.
  • Exercises will vary across programming languages, depending on the system being discussed: Python, SQL, JavasScript, x86 Assembly). Good understanding of the C programming language is needed for the low-level part of the course.

accessibility declaration


tel aviv university