Course Description
This course introduces the core concepts of secure system design, integrating key cybersecurity principles with trusted computing technologies such as Intel SGX and AMD SEV. Students will explore topics such as network and system protection, attack surfaces, cryptography, authentication, network hardening, and access control, helping them analyze threats and develop secure solutions. The course further examines trusted computing approaches, demonstrating how these technologies can protect data, enable dependable computation, and foster user trust and confidence. By studying threats such as malware, phishing, and network-based attacks alongside corresponding defense strategies, students will build both conceptual understanding and practical skills for securing modern computing environments.
Course Objectives: The objectives of this course are
- Understand the principles of secure computing and explain the importance of securing modern computing systems and digital infrastructure
- Analyze system vulnerabilities and attack surfaces to understand how security weaknesses arise in real-world systems
- Apply core security mechanisms to secure a digital system, considering security risks during system development and deployment
- Understand Trusted Computing Technologies, such as Intel SGX, to develop secure environments against cyber threats and build user trust
- Learn the hands-on usage of various security tools like Nessus Scanner, Shell Scripting, NMAP, tcpdump, to analyze and detect system anomalies and vulnerabilities
Course Outcomes: Upon Successful completion of this course, students will be able to:
- CO1 : Use different cybersecurity tools to analyse system data and detect vulnerabilities and anomalies inside a computing environment.
- CO2 : Apply concepts and principles of Secure and Trusted Computing to design systems that are secure against modern-day cyberattacks and that gain user trust in new systems.
- CO3 : Design a simple, secure infrastructure based on a popular operating system, such as Linux, to demonstrate how secure systems work by incorporating concepts and tools learned from this course.
Informations
- Credit Hours : 03
- Type: Core
- Prerequisites: None
- Faculty Name: Muhammad Shafayat Oshman (Initial: MUO)
- Office Room: SAC1181
- Consultation Hours: By Email Appointment
- Email: muhammad.oshman@northsouth.edu
- Lectures - 3 Hours/week
- Class timing:
- Section 1 - MW 4:20 PM - 5:50 PM - SAC204
Topics to be covered
- Introduction to Secure System Design
- Core Security Principles for Computing Systems
- Cyber Threat Actors and Threat Modeling
- Networking Fundamentals for Security
- Internet Protocols
- Network Hardening
- Network Randomization
- Network Protocol for IoT and Edge Devices
- Cryptography Principles for Secure Encryption
- Cyber Attack Methodologies
- Attack Surface
- Attack Variations
- Cloud Security vs On-Premise Security
- Access Control and Application Security
- Digital Defense Strategies
- Firewalls
- Authentication, Authorization and Access Control
- API and Endpoint Security
- Security Policy Management & Governance
- Trusted Computing and Emerging Attacks
- Zero-Day Threats
- Threat Modelling for Emerging Attacks
- Hardware-assisted Security
- Usability in Security Applications
- Security Metrics and Evaluation
Info: This list is not exhaustive. Inclusion and Omission of topic(s) will be made where deemed fit
Resources
Text Books :
- Computer Security and the Internet: Tools and Jewels from Malware to Bitcoin by Dr. Paul Van Oorschot (2nd Edition)
- Network Security Essentials: Applications and Standards by William Stallings (6th Edition)
- Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software by Michael Sikorski and Andrew Honi (1st Edition)
Course Slides :
Any and all course materials and announcements will be posted in Canvas.
Marking Scheme
| Assessment Tools | Weightage (%) |
|---|---|
| Assignments (Written + Viva) | 20 |
| Paper Reading and Presentation | 10 |
| Quiz | 10 |
| Mid-term | 20 |
| Final | 25 |
| Project | 15 |
| 100 |
Info: The Course Instructor/Faculty reserves full right to modify the marking scheme at any point in the semester as deemed necessary.
Grading policy
As per NSU grading policy available in http://www.northsouth.edu/academic/grading-policy.html
Course Policies
- Be good and follow university policies. Any breach of university policies will be reported to the Department, Proctor Office and University Syndicate for further actions. Any additional directions will be updated as we proceed through the course.
- Plagiarism is strictly prohibited. Plagiarism can be defined as "presenting someone else's work or ideas as your own, with or without their consent, by incorporating it into your work without full acknowledgement." First offense of plagiarism will result in losing the entire marks of the assignment/exam where plagiarism is detected. Second offense will result in awarding the student an F grade for the entire course.
- Attendance is not mandatory, hence you may choose to skip classes if you wish to. However, if you do decide to come to the class, please make sure you are adhering to class etiquettes: do not talk to anyone except the instructor, eat or drink or use any device such as mobile or laptops. In case of emergency, please ask permission from the instructor before leaving the classroom.
- Assignments won't be accepted after deadline.
- No make-up quiz, mid or final will be held except for valid medical reasons, in which case the student must present medical documents as proof.
- Sharing assignment or quiz specifications or posting them online (to sites like Chegg, CourseHero etc.) is considered academic misconduct. You are never permitted to post, share, or upload course materials without explicit permission from your instructor.
- If you are ever in doubt about anything, consult with instructor.