Basic Cybersecurity Programming

This course introduces the cybersecurity-centric programming and networking concepts. Students will develop problem solving skills by using low-level programming languages (including C and assembly) and learn fundamentals of network protocols. This course is the technical base for students to take cybersecurity major courses.

  • Programming Fundamentals
  • Understanding basic programming concepts (variables, data types, operators, control flow)
  • Familiarity with basic syntax and structure of programming languages (e.g., Python, C, Java)
  • Knowledge of functions, loops, and conditionals to control program flow
  • Understanding data structures (e.g., arrays, lists, dictionaries, sets) and their use in security programs
  • Secure Coding Practices
  • Writing secure code by identifying and avoiding common vulnerabilities (e.g., buffer overflows, input validation issues)
  • Ensuring proper input validation to prevent SQL injection, cross-site scripting (XSS), and command injection
  • Using parameterized queries and prepared statements to prevent SQL injection
  • Implementing output encoding to avoid XSS and other injection attacks
  • Proper error handling to avoid information leakage through error messages
  • Cryptography and Encryption
  • Understanding basic encryption algorithms (e.g., AES, RSA, DES)
  • Implementing symmetric and asymmetric encryption in code
  • Understanding the difference between hashing (e.g., SHA-256) and encryption
  • Using cryptographic libraries to implement encryption in applications (e.g., OpenSSL, PyCryptodome)
  • Implementing password hashing using strong hashing algorithms (e.g., bcrypt, Argon2)
  • Network Security Programming
  • Writing programs for network communication using protocols like TCP/IP and UDP
  • Using sockets in programming to establish secure communication (e.g., in Python or C)
  • Implementing SSL/TLS encryption for securing data in transit
  • Writing code to detect and prevent MITM (Man-in-the-Middle) attacks
  • Creating network monitoring tools to detect vulnerabilities or threats in network traffic