▶Japanese
Post to SNS
- Home
- > School of Computing
- > School of Computing
- > Attack and Defense on Cybersecurity II
- School of Science
-
School of Engineering
- Undergraduate major in Mechanical Engineering
- Undergraduate major in Systems and Control Engineering
- Undergraduate major in Electrical and Electronic Engineering
- Undergraduate major in Information and Communications Engineering
- Undergraduate major in Industrial Engineering and Economics
- Common courses
- School of Materials and Chemical Technology
- School of Computing
- School of Life Science and Technology
- School of Environment and Society
- 工学院,物質理工学院,環境・社会理工学院共通科目
- Liberal arts and basic science courses
- First-Year Courses
- School of Science
- School of Engineering
- School of Materials and Chemical Technology
- School of Computing
- School of Life Science and Technology
-
School of Environment and Society
- Department of Architecture and Building Engineering
- Department of Civil and Environmental Engineering
- Department of Transdisciplinary Science and Engineering
- Department of Social and Human Sciences
- Department of Innovation Science
- Graduate major in Technology and Innovation Management
- Common courses
- Liberal arts and basic science courses
- Academic unit or major
- School of Computing
- Instructor(s)
- Tanaka Keisuke Fukumoto Yoshinari Ishii Masahiro
- Class Format
- Lecture / Exercise (Face-to-face)
- Media-enhanced courses
- Day/Period(Room No.)
- Intensive ()
- Group
- -
- Course number
- XCO.T476
- Credits
- 2
- Academic year
- 2024
- Offered quarter
- 2-3Q
- Syllabus updated
- 2024/3/28
- Lecture notes updated
- -
- Language used
- Japanese
- Access Index
-
Course description and aims
Cybersecurity is important for our daily lives including various types of activities. There is a growing demand for students who can be researchers and engineers capable of understanding cybersecurity. In order to satisfy this demand, Tokyo Tech has launched Progressive Graduate Minor in Cybersecurity in April 2016. We design the curriculum of Progressive Graduate Minor in Cybersecurity in collaboration with NRI as the core, also with Rakuten, NTT, AIST, and NISC. The following six courses are organized in School of Computing: Foundation of Cybersecurity (1Q, 2-0-0), Theory of Cryptography for Cybersecurity (3Q, 2-0-0), Cybersecurity Governance (4Q, 1-1-0), Attack and Defense on Cybersecurity I (2Q, 1-1-0), Attack and Defense on Cybersecurity II (2-3Q, 1-1-0), and Attack and Defense on Cybersecurity III (4Q, 1-1-0).
This course is one of the core courses in this minor and focuses on web security and digital forensics, the most important elements of cybersecurity. For web security, the class covers vulnerabilities (e.g. SQL injection) and demonstration of offensive techniques in web application. For digital forensics, it covers the importance of artifact analysis and how to apply the techniques to security incident investigation. The students will acquire practical knowledge and skills from an attack and defense perspective in cybersecurity.
Student learning outcomes
By the end of this course, students will be able to understand:
1) Vulnerabilities, offensive techniques, and countermeasures for web security
2) Fundamentals of digital forensics and artifact analysis approaches
3) The tools used in web security and digital forensics
Keywords
cybersecurity, network, software, programming, web application, digital forensics, artifact
Competencies that will be developed
| ✔ Specialist skills | Intercultural skills | ✔ Communication skills | ✔ Critical thinking skills | ✔ Practical and/or problem-solving skills |
Class flow
The class offers a standard type and a hands-on exercise style of lecture.
Course schedule/Required learning
| Course schedule | Required learning | |
|---|---|---|
| Class 1 | The overview of cybersecurity, and the review of pre-work. | Understand the core concepts of cybersecurity, web security, and digital forensics. |
| Class 2 | Overview of web security | Understand the core concepts of of web security and OWASP Top 10. |
| Class 3 | Hands-on web application vulnerability fundamentals (1) | Understand the core concepts of cross-site scripting vulnerabilities, attack techniques, and countermeasures. |
| Class 4 | Hands-on web application vulnerability fundamentals (2) | Understand the core concepts of SQL injection, attack techniques, and countermeasures. |
| Class 5 | Hands-on web application vulnerability fundamentals (3) | Understand the core concepts of vulnerabilities rel ated to authentication and authorization, attack techniques, and countermeasures. |
| Class 6 | Practical exercise of web security | Understand the vulnerability assessment approach by testing web applications. |
| Class 7 | Introduction of enterprise security | Understand security measures, implementation, and operation in a real world environment. |
| Class 8 | Overview of digital forensics and artifacts | Understand the core concepts of digital forensics and artifacts. |
| Class 9 | Insight and analysis into artifacts (1) | Understand the USN journal, which is an important artifact. |
| Class 10 | Insight and analysis into artifacts (2) | Understand the RDP bitmap cache, which is an important artifact. |
| Class 11 | Insight and analysis into artifacts (3) | Understand the SRUM, which is an important artifact. |
| Class 12 | Practical exercise of digital forensics | Understand the incident i nvestigation approach by analyzing artifacts. |
| Class 13 | Follow-up session (1) | Understand web security or digital forensics by working on tasks. |
| Class 14 | Follow-up session (2) | Understand web security or digital forensics by working on tasks. |
Textbook(s)
Textbooks will be used in this course.
Reference books, course materials, etc.
References will be announced in classes.
Assessment criteria and methods
The evaluation consists of the exercises solved in the classes.
Related courses
- XCO.T473 : Foundation of Cybersecurity
- XCO.T474 : Theory of Cryptography for Cybersecurity
- XCO.T478 : Cybersecurity Governance
- XCO.T475 : Attack and Defense on Cybersecurity I
- XCO.T477 : Attack and Defense on Cybersecurity III
Prerequisites (i.e., required knowledge, skills, courses, etc.)
Students must have successfully completed Attack and Defense on Cybersecurity I (XCO.T475), or have equivalent knowledge.
Contact information (e-mail and phone) Notice : Please replace from "[at]" to "@"(half-width character).
keisuke[at]is.titech.ac.jp
Office hours
Appointment by e-mail is required.
