Computer Security: A Hands-On Approach

This book is for students, computer scientists, computer engineers, programmers, software developers, network and system administrators, and others who want to learn the principles of computer security and understand how various security attacks and countermeasures work. Equipped with the knowledge from this book, readers will be able to design and implement software systems and applications that are secure against attacks. They will also be able to evaluate the risks faced by computer and network systems, detect common vulnerabilities in software, use proper methods to protect their systems and networks, and more importantly, apply the learned security principles to solve real-world problems.

The author strongly believes in "learning by doing", so the book takes a hands-on approach. For each security principle, the book uses a series of hands-on activities to help explain the principle; readers can "touch", play with, and experiment with the principle, instead of just reading about it. For instance, if a security principle involves an attack, the book guides readers to actually launch the attack (in a contained environment). If a principle involves a security mechanism, such as firewall or Virtual Private Network (VPN), the book guides readers to implement a mini-firewall or mini-VPN. Readers can learn better from such hands-on activities.

All the hands-on activities are conducted in a virtual machine image provided by the author. They can be downloaded from this URL: http://www.cis.syr.edu/~wedu/seed/. Everything needed for the activities have already been set up; readers just need to download the VM (free), launch it using VirtualBox, and they can immediately work on the activities covered in the book. This book is based on the Ubuntu12.04 VM image. The author will regularly upgrade the VM image in every few years.

Most of the activities in the book are based on the author's SEED labs, which are widely used by instructors all over the world. These labs are the results of 15 years' research, development, and testing efforts conducted by the author and his students in a project called SEED, which has been funded by the National Science Foundation since 2002.