Computer Science 561 - System Defense and Test

This class trains students to detect and analyze weaknesses and vulnerabilities in target systems as a method of assessing the security of a system. Such techniques have various names, including penetration testing and ethical hacking. We focus on tools and techniques that an attacker would employ but from the perspective of an ethical system administrator. Broad topics include: tools and techniques for penetration testing and attacks, information gathering, social engineering, and defenses. Specific topics include malware, denial-of-service attacks, man-in-the-middle (MITM) attacks, SQL injection, buffer overflow, session hijacking, and system hacking, network sniffing and scans, wireless encryption weaknesses and other Wi-Fi issues, IDS/Firewall evasion, Metasploit tools, physical security, and setting up honeypots.

Open to junior and senior Computer Science students who have completed COMPSCI 460 (or COMPSCI 560 or 660) and COMPSCI 453 with a grade of C or better. WAS COMPSCI 590A. LECT 01 FOR UNDERGRADS; LECT 02 FOR GRADS. MS-ECE STUDENTS MAY ENROLL IN THE UNIVERSITY -02 SECTION BUT NOT THE UWW SECTION. THE FACULTY SENATE HAS APPROVED AN UNDERGRADUATE PREREQUISITE CHANGE FOR THE SPRING 2022 OFFERING, REQUIRING COMPSCI 453 WITH A GRADE OF C OR BETTER IN ADDITION TO THE CURRENT PREREQUISITE. CSENG MAJORS WITH APPROPRIATE BACKGROUND WITH INSTRUCTOR PERMISSION, IF AVAILABLE SEATS. STUDENTS NEEDING SPECIAL PERMISSION MUST REQUEST OVERRIDES VIA THE ON-LINE FORM: https://www.cics.umass.edu/overrides.