Instructor: Dr. Natarajan Meghanathan
Syllabus
Lecture Slides
Module 4: Secure Coding Standards in Java
Code Snippets
Module 5: Testing for Software Security: Case Studies on Source Code Analysis in Java
Code Snippets
Video Demo on using the Source Code Analyzer
Module 6: Software Security Attacks
Module 7: Risk Analysis for Secure Software Design
Module 8: Secure Software Development Lifecycle
Module 9: SQL Injection Attacks and Multi-level Database Security
Regular Project Descriptions
Project 1 Due: February 26, 2014, 7.30 PM
Exploring UNIX Access Control in a Virtual Machine Environment
Project 2 Due: March 26, 2014, 7.30 PM
Simulating the TOCTTOU Vulnerability in a Linux Environment: Java Version, C++ Version
Project 3 Due: April 2, 2014, 7.30 PM
Java Secure Coding Standards
Selecting Test Cases using Equivalence Partitions: Example
Project 4 Due: April 16, 2014, 7.30 PM
Testing for Software Security: Source Code Analysis (Java)
Demo on using the HP Fortify Source Code Analyzer: Video
Term Project Descriptions
Pick one of these two projects (reports/videos should be submitted for only one project)
Choice # 1: Stack Smashing Attack on a C Program
Choice # 2: Use of CAPTCHA (Image Display and Selection Strategy) to Prevent XSRF Attacks
Online Banking Application Archive
Question Bank (Sample Questions)
Sample Questions for Module 1: Cryptography
Solution for Q14
Sample Questions for Module 2: Systems Security
Sample Questions for Module 3: Web Security
Sample Questions for Module 4: Secure Coding Standards (Java)
Sample Questions for Module 5: Source Code Analysis
Sample Questions for Module 6: Software Security Attacks
Sample Questions for Module 7: Risk Analysis for Secure Software Design
Sample Questions for Module 8: Secure Software Development Lifecycle
Sample Questions for Module 9: SQL Injection Attacks and Multi-level Database Security