Description
As the web has become more and more ubiquitous, the number of attacks on web applications have increased substantially. In this course, we systematically study the security problems in the web, including the security mechanisms implemented in the browse and server sides. We study several well-known attacks against web applications, such as cross-site request forgery, cross-site scripting, SQL injection, and clickjacking attacks. We also study how we can defend against these attacks when developing web applications.
The attacks are covered in this course with great technical details. The course won’t just teach students the high-level concepts and theories. It would dive into the low-level technical details and fundamentals, so students can fully understand how exactly things work, and gain the knowledge in depth.
The course emphasizes hands-on learning. For each attack covered, students not only learn how the attack works in theory, they also learn how to actually conduct the attack, in a contained virtual machine and container environment. The hands-on exercises developed by the instructor are called SEED labs, and they are being used by over 1000 institutes worldwide. The course is based on the textbook written by the instructor. The book, titled “Computer & Internet Security: A Hands-on Approach, 2nd Edition”, has been adopted by over 210 universities and colleges worldwide.