Understanding the fundamentals helps you apply new techniques in novel ways.

The labs in this category acquaint you with technologies that form the basis of cybersecurity, including encryption, exploit techniques, anomaly detection, and networking. You will use these enabling technologies throughout other CYRIN labs, exercises, and attack scenarios, as well as in your career at large.

The labs in this category assume basic knowledge of Windows and Linux systems, sufficient to use a command line / terminal and text editor. The Getting Started with CYRIN lab can help you with these prerequisites.

The Fundamentals of Cryptography

Students will learn the basics of cryptography, the science of encryption or the "hiding of information".  Cryptography is the underpinnings of data security and privacy in the modern world.   The lab begins with historical cryptographic techniques and progresses to modern digital cryptography.  Topics covered include substitution codes, symmetric and asymmetric key cryptographic systems, and steganography (the hiding of messages in seemingly innocuous images, video, audio or text files). Applications of cryptographic techniques in blockchains, password security, and data integrity are also explored.

Prerequisites

The Getting Started with CYRIN lab for a basic understanding of Linux and the Linux command line.  

Expected Duration

2 hours, self-paced. Pause and continue at any time.
2 CPEs awarded on successful completion.

Educational Lab

Buffer Overflow Attacks and Defenses

Buffer overflow is a software bug (vulnerability) that can be exploited by attackers to gain unauthorized access to systems.  It is one of the best known software security vulnerabilities and still remains fairly common.

A buffer overflow happens when a program writes more data to a data structure, such as a string or array, than the memory allocated to that structure can hold.  The data that does not fit into the structure "overflows" into surrounding memory and corrupts adjacent memory structures.  An attacker can take advantage of this to insert and run malicious code.

Students will learn how memory is organized in a running program and then learn to craft an exploit that takes advantage of a buffer overflow bug in a vulnerable program.  Successful exploitation of the vulnerability will give them root (super user) access to the system.  

Students will also learn about programming practices that can reduce the likelihood of buffer overflow bugs,  operating system protections the can make it harder for attackers to exploit such bugs, and ways in which these attacks can be detected.

Prerequisites

Some familiarity with the Linux command line and file permissions.

Basic programming language concepts.

Expected Duration

2 hours, self-paced. Pause and continue at any time.
2 CPEs awarded on successful completion.

Educational Lab