▶Japanese
Post to SNS
- Home
- > School of Computing
- > School of Computing
- > Attack and Defense on Cybersecurity III
- School of Science
-
School of Engineering
- Undergraduate major in Mechanical Engineering
- Undergraduate major in Systems and Control Engineering
- Undergraduate major in Electrical and Electronic Engineering
- Undergraduate major in Information and Communications Engineering
- Undergraduate major in Industrial Engineering and Economics
- Common courses
- School of Materials and Chemical Technology
- School of Computing
- School of Life Science and Technology
- School of Environment and Society
- 工学院,物質理工学院,環境・社会理工学院共通科目
- Liberal arts and basic science courses
- First-Year Courses
- School of Science
- School of Engineering
- School of Materials and Chemical Technology
- School of Computing
- School of Life Science and Technology
-
School of Environment and Society
- Department of Architecture and Building Engineering
- Department of Civil and Environmental Engineering
- Department of Transdisciplinary Science and Engineering
- Department of Social and Human Sciences
- Department of Innovation Science
- Graduate major in Technology and Innovation Management
- Common courses
- Liberal arts and basic science courses
- Academic unit or major
- School of Computing
- Instructor(s)
- Ueda Kengo Sugaya Mitsuyoshi Tanaka Keisuke
- Class Format
- Lecture / Exercise
- Media-enhanced courses
- Day/Period(Room No.)
- Wed5-8(W834)
- Group
- -
- Course number
- XCO.T477
- Credits
- 2
- Academic year
- 2019
- Offered quarter
- 4Q
- Syllabus updated
- 2019/4/2
- Lecture notes updated
- -
- Language used
- Japanese
- Access Index
-
Course description and aims
Cybersecurity is important for our daily lives including various types of activities. There is a growing demand for students who can be researchers and engineers capable of understanding cybersecurity.
In order to satisfy this demand, Tokyo Tech has launched Progressive Graduate Minor in Cybersecurity in April, 2016. We design the curriculum of Progressive Graduate Minor in Cybersecurity in collaboration with NRI as the core, also with Rakuten, NTT, AIST, and NISC. The following six courses are organized in School of Computing: Foundation of Cybersecurity (1Q, 2-0-0), Theory of Cryptography for Cybersecurity (3Q, 2-0-0), Cybersecurity Governance (3Q, 1-1-0), Attack and Defense on Cybersecurity I (2Q, 1-1-0), Attack and Defense on Cybersecurity II (3Q, 1-1-0), and Attack and Defense on Cybersecurity III (4Q, 1-1-0).
This course is one of the core courses in this minor. Students will understand various attacks to Web application and their countermeasures. Also they study the fundamentals of secure system development and operation. In addition, the students study the basic forensic methodology and techniques.
Student learning outcomes
By the end of this course, students will be able to understand:
1) the topics to build secure Web application, and
2) the right forensic and investigation.
Keywords
Web application security, computer forensic
Competencies that will be developed
| ✔ Specialist skills | Intercultural skills | Communication skills | ✔ Critical thinking skills | ✔ Practical and/or problem-solving skills |
Class flow
The class offers a standard-type of lecture and also hands-on exercise related to the topic.
Course schedule/Required learning
| Course schedule | Required learning | |
|---|---|---|
| Class 1 | Orientation, Web Application Security Fundamentals | Understand the notion of web application security. |
| Class 2 | Input/Output Validation (XSS, SQL injection, Directly Traversal, OS Command Injection) | Understand the notion of input/output validation. |
| Class 3 | User Authentication (Account Hacking, Brute Force, Password Reminder) | Understand user authentication. |
| Class 4 | Session Management (Session Hijacking, Session Fixation) | Understand the notion of session management. |
| Class 5 | Access Control (Privileges Escalation, Spoofing) | Understand the notion of access control. |
| Class 6 | Web Application Development and Security | Understand the development of web application. |
| Class 7 | Computer Forensic Overview | Understand the notion of computer forensic. |
| Class 8 | File System Fundamentals (File Structure, Binary Data, File System, FAT, NTFS, Disc Images, Encryption) | Understand the notion of file system. |
| Class 9 | Memory Forensic Fundamentals (Memory, Process, Library, Process Management Objects, Memory Images) | Understand the notion of Memory Forensic |
| Class 10 | Windows Artifact Analysis Fundamentals | Understand Windows artifact. |
| Class 11 | File Carving Fundamentals (Restoring Deleted File, Restore Functions) | Understand the notion of file carving. |
| Class 12 | Anti-Forensic (Anti-Forensic Concept, rootkit, Timestamps) | Understand the notion of anti-forensic. |
| Class 13 | Forensic Tools Fundamentals (Forensic Tools, IOC) | Understand forensic tools. |
| Class 14 | Malware Analysis Fundamentals (Malware overview, Malware Analysis Techniques) | Understand malware analysis. |
| Class 15 | Workshop | Summarizing what you have learned on cybersecurity. |
Textbook(s)
None.
Reference books, course materials, etc.
Secure Eggs Series “Forensic” and “Web Application Security” (NRI SecureTechnologies)
Assessment criteria and methods
The evaluation consists of two exams as homework assignments during the course. Instructors also give exercises in the classes.
Related courses
- XCO.T473 : Foundation of Cybersecurity
- XCO.T474 : Theory of Cryptography for Cybersecurity
- XCO.T478 : Cybersecurity Governance
- XCO.T475 : Attack and Defense on Cybersecurity I
- XCO.T476 : Attack and Defense on Cybersecurity II
Prerequisites (i.e., required knowledge, skills, courses, etc.)
Students must have successfully completed Attack and Defense on Cybersecurity I (XCO.T475), or have equivalent knowledge.
Contact information (e-mail and phone) Notice : Please replace from "[at]" to "@"(half-width character).
keisuke[at]is.titech.ac.jp
Office hours
Appointment by e-mail is required.
