You are in the Security Teaching Lab preparing your CS4238 Computer Security Practice assignment with your teammate. Your team is carrying out vulnerability scanning on another team’s server, and to your surprise, you discover a number of vulnerabilities with just the basic tools. You immediately realise that your team’s system must be fortified because it has the same underlying configuration. While fixing the problem, your teammates suggest that you all join NUS Greyhats to participate in an upcoming Capture-the-Flag competition. You will have to decide later because you need to get to your next class, CS4236 Cryptography Theory and Practice, to give a presentation about an attack on Bitcoin mining-pools. The concepts behind the attack are tough, and you spent a lot of time working slides, so you’re satisfied when your classmates seem impressed. Later, as you are reading materials on legal analysis and the case of Charles vs Public Prosecutor for IFS4101 Legal Aspects of Information Security, you realise that, although the language used in legal writing is different than computer source code, logic is universal. The common foyer that you are studying in is becoming quite noisy due to preparations for this evening’s STePS. This reminds you not to miss your friend’s cool CS3235 Computer Security project demonstration on how keyboard keystrokes can be sniffed through their electromagnetic emanations. Your train of thought is interrupted by your ringing phone. It’s Ah Kong. He accidentally clicked on a link in a spam email and is worried that it has downloaded something into his computer. “Well, this is the duty of being the security expert in the family”, you muse.
Sampler of Modules
CS2107 Introduction to Information Security
Should you proceed when you receive an “untrusted certificate” alert? Are there unbreakable codes? How are human vulnerabilities exploited in social engineering attacks? Learn the basics of IT security.
CS3235 Computer Security
Gain a broad understanding of security elements such as intrusion detection, e-mail security, and application, system and network security. Develop invaluable security technical skills and knowledge.
IS4231 Information Security Management
Effective cyber security is about risk management. You have to identify and prioritize the information assets that are valuable to your organization, then identify and rank the threats to those assets. Only then are you able to select the appropriate ways to defend those assets from being compromised.
CS4236 Cryptography Theory and Practice
Is it true that mobile call signals recorded from thin air can be decrypted? Discover the principles and concepts behind cryptology (think The Imitation Game!) and the design of secure communication systems.
IFS4101 Legal Aspects of Information Security
What can an “electronic” signature certify? Are SPAM emails legal? Can a tuition centre share your email address with another centre? Learn how information security shapes laws from an NUS Law professor.
What You Could Be
Forensic Investigator at Visa
Computer Security Researcher at Defence Science Organisation (DSO)
Cyber Analyst at OCBC
Malware Analyst at Symantec
Security Consultant at IBM
Security Software Engineer at Centre for Strategic Infocomm Technologies (CSIT)