Computer Science 590A - System Defense and Test

This class trains students to detect and analyze weaknesses and vulnerabilities in target systems as a method of assessing the security of a system. We focus on tools and techniques that an attacker would employ but from the perspective of an ethical system administrator. Topics include tools and techniques for penetration testing and attacks, information gathering, social engineering, and defenses. Specific topics include malware, denial of service attacks, SQL injection, buffer overflow, session hijacking, and system hacking, network sniffing and scans, wireless encryption weaknesses and other WiFi issues, IDS/firewall evasion, metasploit tools, physical security, and setting up honeypots. This course counts as a CS Elective toward the CS major (BA or BS).

Open to junior and senior Computer Science students who have completed COMPSCI 460 (or COMPSCI 597N or 660) with a grade of C or better. WAS INFOSEC 690S. LECT 01 FOR UNDERGRADS; LECT 02 FOR GRADS. PROPOSAL TO ADD PREREQUISITE IN PROGRESS. SENIOR AND JUNIOR CS MAJORS WITH COMPSCI 460 (OR COMPSCI 597N OR COMPSCI 660) WITH A GRADE OF C OR BETTER ARE ELIGIBLE. CSENG MAJORS WITH APPROPRIATE BACKGROUND WITH INSTRUCTOR PERMISSION, IF AVAILABLE SEATS. STUDENTS NEEDING SPECIAL PERMISSION MUST REQUEST OVERRIDES VIA THE ON-LINE FORM: https://www.cics.umass.edu/overrides.