The « I502A Sécurité physique et logicielle » activity, taught to second year master students in computer science industrial engineer at the ECAM Brussels Engineering School (ECAM), is about the security of computer systems, both hardware and software. It includes an introduction to cryptography, elements of networks, databases and operating systems security and, finally, security auditing techniques of a computer system.
I started to give this course in 2017 and I am currently giving it for the fourth time. The course is taught in English, but all the material is available in English and in French.
- Session 1: Introduction to Computer Security
- Session 2: Introduction to Cryptography and Symmetric Encryption
- Session 3: Hash Function, Asymmetric Encryption and Signature
- Session 4: Malware and Protection
- Session 5: Software and Operating Systems Security
- Session 6: Network Protections: DoS, Firewall and IDS
- Session 7: Authentication and Access Control
- Session 8: Database, Cloud and IoT Security
- Session 9: Network Security
- Session 10: Security Audit
- Quizz 1: Computer security principle
- Quizz 2: Cryptography
- Quizz 3: Security concepts and cryptographic tools
- Quizz 4: Malware and protection
- Quizz 5: Network protection
- Quizz 6: User authentication
- Coding 1: HTTPS secure server
- Coding 2: Secure password storage
- Coding 3: Input validation
- Coding 4: SQL injection
- Coding 5: XSS attack
- Mission 1: Computer security principle
- Mission 2: Python cryptographic tools
- Mission 3: Bad website
- Mission 4: John the Ripper
- Mission 5: Article news about IT security issue
- William Stallings and Lawrie Brown. (2018). Computer Security: Principles and Practice (4th edition). Pearson. (ISBN: 978-1-292-22061-1)
- Douglas Robert Stinson and Maura Paterson. (2017). Cryptography: Theory and Practice (4th edition). CRC Press. (ISBN: 978-1-138-19701-5)
- Michael Goodrich and Robert Tamassia. (2013). Introduction to Computer Security. Pearson. (ISBN: 978-1-292-02540-7)
- Matt Bishop. (2018). Computer Security: Art and Science (2th edition). Addison-Wesley. (ISBN: 978-0-321-71233-2)
- Douglas Stinson, Serge Vaudenay, Gildas Avoine and Pascal Junod. (2003). Cryptographie : Théorie et pratique (2th edition). Vuibert. (ISBN: 978-2-711-74800-6)
- Jonathan Katz and Yehuda Lindell. (2014). Introduction to Modern Cryptography (2th edition). Chapman and Hall/CRC. (ISBN: 978-1-466-57026-9)
- Sattarova Feruza Y. and Tao-Hoon Kim. IT Security Review: Privacy, Protection, Access Control, Assurance and System Security. In International Journal of Multimedia and Ubiquitous Engineering, 2(2):17-32, 2017.
- Celia Paulsen and Robert Byers. Glossary of Key Information Security Terms. Technical report NISTIR 7298, revision 3. NIST, July 2019.
- Butler W. Lampson. Computer Security in the Real World. In Computer, 37(6):37-46, 2004.
- Have I Been Pwned: Check if your email has been compromised in a data breach, Troy Hunt.
- CWE/SANS TOP 25 Most Dangerous Software Errors, SANS Institute, June 2011.
- National Cyber Awareness System : Alerts, CISA.
- Common Weakness Enumeration: A Community-Developed List of Software Weakness Types, Mitre.
- Common Attack Pattern Enumeration and Classification: A Community Resource for Identifying and Understanding Attacks, Mitre.
Boston, MA, USA, July 2019.