Web Security: A Hands-on Approach
What you'll learn
- Understand the common security problems in web applications
- Understand the security aspects of the web technologies
- Gain hands-on experiences from the labs (SEED Labs) developed by the instructor
- Learn web applications can be attached and how to defend against those attacks
- Have some basic programming background
As the web has become more and more ubiquitous, the number of attacks on web applications have increased substantially. In this course, we systematically study the security problems in the web, including the security mechanisms implemented in the browse and server sides. We study several well-known attacks against web applications, such as cross-site request forgery, cross-site scripting, SQL injection, and clickjacking attacks. We also study how we can defend against these attacks when developing web applications.
The attacks are covered in this course with great technical details. The course won't just teach students the high-level concepts and theories. It would dive into the low-level technical details and fundamentals, so students can fully understand how exactly things work, and gain the knowledge in depth.
The course emphasizes hands-on learning. For each attack covered, students not only learn how the attack works in theory, they also learn how to actually conduct the attack, in a contained virtual machine and container environment. The hands-on exercises developed by the instructor are called SEED labs, and they are being used by over 1000 institutes worldwide. The course is based on the textbook written by the instructor. The book, titled "Computer & Internet Security: A Hands-on Approach, 2nd Edition", has been adopted by over 210 universities and colleges worldwide.
Who this course is for:
- Anybody who is interested in ethical hacking
- Anybody who is interested in learning how web applications can be attached and how to protect them
- Anybody who is interested in web technologies
Dr. Wenliang (Kevin) Du is the Laura J. and L. Douglas Meredith Professor of Teaching Excellence at Syracuse University. He got his PhD degree from Purdue University. He is currently a full professor (tenure track), teaching computer security for over 20 years. He promotes experiential learning in cybersecurity education. To provide students with hands-on experiences, funded by multiple grants from the National Science Foundation and over a period of 20 years, he has developed over 40 labs (called SEED labs). These labs are now being used by over 1000 universities, colleges, and high schools in 65 countries. He wrote a popular textbook on cybersecurity, which has been adopted by over 237 schools worldwide.
In 2010, his SEED project was highlighted by the National Science Foundation in a report sent to the Congress. The report highlights "17 projects that represent cutting-edge creativity in undergraduate STEM classes nationwide". Due to the impact of the SEED labs, he received the "2017 Academic Leadership" award from the 21st Colloquium for Information System Security Education. In 2019, Syracuse University bestowed upon him the Meredith Professorship, the university's most prestigious honor for teaching excellence.