The topics to be covered includes Access control and information flow (formal models and systems). System security analysis; Attack graph, Attach trees, Attack countermeasures trees, defense trees, attack-defense trees, and covert channels. Security metrics; risk metric, attack success probability metric. Economic metrics; return on investments, Return on attacks, security costs, etc. Secure software development; security assurance and evaluation. Vulnerabilities and attack patterns; analysis and detection. Operating systems security; hardware protection, privileges, I/O protection, virtualization. Applied cryptography. Host-based and network-based security. Privacy. Anonymity. Usability. Security economics. Policy formation. Controls and protection methods. Threat models (e.g., STRIDE) and attacks models (MITRE ATT&CK, Cyber Kill Chain) eg.Techniques for achieving security. Operating systems security. Capabilities. Information flow control. Language security. Network protocols. Hardware security. Security in web applications.
- Teacher: Hafsat Suleiman Jalo