ENG EC521 – Cybersecurity

Boston University
ECE Department
EC 521 Cybersecurity

Syllabus
Description: The objective of this course is to provide a holistic, yet technically deep, examination of security related to computers and computer networks. The course exposes students to adversarial thinking and puts special emphasis on offensive techniques used for penetration testing, based on the Kali Linux distribution. The course describes the underlying foundations of popular penetration tools, practical use of these tools, and mitigating solutions against attacks launched with these tools. The course starts with an introduction to the legal and ethical aspects of penetration testing. Then it thoroughly covers information gathering and mapping techniques used for discovering internal structures and potential vulnerabilities of computer networks. Versatile tools for service enumeration, traffic sniffing, and port scanning are studied in detail. Next, the course teaches techniques used for network penetration, including shell coding and buffer overflow, privilege escalation through password cracking and man-in-the-middle attacks, Web attack vectors, such as SQL injection, and exploits. Throughout the course, the critical role played by social engineering, in both the information gathering and exploitation processes, is stressed. The course culminates with a project in which students, divided into different groups, design a tutorial and present the use of a popular penetration tool, together with an explanation of its operating principles.

Expected outcomes: As an outcome of completing this course, it is expected that students will

  1. Understand the various elements that comprise a cyber attack.
  2. Learn the fundamental principles of cybersecurity and penetration testing and their legal and ethical implications.
  3. Learn fundamental elements of operating systems and networking protocols relevant to security.
  4. Be familiar with the implementation of various cyber attacks.
  5. Be able to defend against cyber attacks.

Tentative schedule:

Lecture 1: Course logistics and objectives. Diagnostic exam.
Lecture 2: Law and ethics. Fundamental principles of cybersecurity.
Lecture 3: Introduction to laboratory set-up.
Lecture 4: Social engineering & psychology-based attacks.
Lecture 5: Social engineering software tools. Google hacking.
Lecture 6: Application layer networking: HTTP, SMTP, FTP, DNS.
Lecture 7: Transport, network, and link layers networking: TCP/IP, NAT, ARP.
Lecture 8: Introduction to bash programming and networking tools (netcat, socket programming).
Lecture 9: Information gathering networking tools: Wireshark, nslookup, and nmap.
Lecture 10: Network attack lab.
Lecture 11: Linux file system and access control.
Lecture 12: Linux access control lab.
Lecture 13: Password cracking lab.
Lecture 14: Mid-term exam.
Lecture 15: Introduction to SQL.
Lecture 16: SQL injection lab.
Lecture 17: Introduction to exploits.
Lecture 18: Metasploit lab.
Lecture 19: Shellcoding.
Lecture 20: Shellcoding lab.
Lecture 21: Defenses: intrusion detection, firewalls, logs.
Lecture 22: Intrusion detection lab (Snort).
Lecture 23: Introduction to Wi-Fi security.
Lecture 24: WEP and WPA cracking.
Lecture 25: WPA cracking lab.
Lectures 26-28: Project presentations.