University of Cincinnati Logo

20-CS-6056 - Security Vulnerability Assessment
Electrical Engineering & Computer Science

Learning Objectives
Knowledge and Comprehension
  1. How to disclose a security vulnerability in an ethical fashion
  2. Vulnerability reporting policy considerations
  3. Legal doctrines affecting vulnerability reporting
  4. A variety of software, and OS vulnerabilities
  5. Network and protocol vulnerabilities
  6. Various side-channel attacks and their effectiveness, plus countermeasures
  7. Human factors that affect vulnerability
  8. Password and key management
  9. Examples of fraud in E-commerce
  10. Vulnerabilities in Digital Rights Management technologies
  1. Remove race conditions from code that has at least one
  2. Analyze a KDC protocol for attacks
  3. Determine whether a piece of code has a buffer overflow vulnerability
  4. Determine an exponent from a given exponentiation algorithm implementation, given timing data
  5. Recover at least one key bit from a smart card by inducing faults
  6. Design a Return Oriented Programming attack on code that is vulnerable to buffer overflow
Paul Erdos
Ladies on Campus
Oscar Robinson