Unit 8: Malicious Software and Software Security
In this unit, we will explore malicious software, also known as malware. We will also study common software security issues such as buffer overflow, used by several malware to exploit systems' vulnerability. At the end of the unit, we will learn how to use these malware and other security attacks to carry out information warfare.
Completing this unit should take you approximately 8 hours.
8.1: Malicious Web
Watch this video to learn about how malicious actors leverage legitimate websites for the delivery of attacks that target vulnerabilities in client-side software.
8.2: Internet Security Issues
Watch this video to learn about security issues on the Internet, and what could have been done differently had we realized this was going to be the global information exchange infrastructure of the 21st century.
8.3: Types of Internet Security Issues
Read this page. While you read, try to explain the modes of DoS attacks, such as consumption of scarce resources, configuration information alternation, and physical destruction. For DDoS attacks, describe the tools that are used for DDoS, why the DDoS attacks are possible, and the protocol vulnerabilities that are used in DDoS attacks.
8.4: Secure Coding
Read this page. After you read, describe the top 10 best practices for secure coding and describe the principles for secure coding (e.g., separation of duties, least privilege).
8.5: Electronic and Information Warfare
Read this chapter. After you read, describe the different attacks on communication systems and how one could use these attacks to carry out information warfare (in particular, based on the interaction between civil and military uses).