2022 Faculty Courses School of Computing Major courses
Attack and Defense on Cybersecurity II
- Academic unit or major
- Major courses
- Instructor(s)
- Keisuke Tanaka / Yoshinari Fukumoto / / Yuta Yamate
- Class Format
- Lecture/Exercise (Face-to-face)
- Media-enhanced courses
- -
- Day of week/Period
(Classrooms) - Intensive
- Class
- -
- Course Code
- XCO.T476
- Number of credits
- 110
- Course offered
- 2022
- Offered quarter
- 2-3Q
- Syllabus updated
- Jul 10, 2025
- Language
- English
Syllabus
Course overview and goals
Cybersecurity is important for our daily lives including various types of activities. There is a growing demand for students who can be researchers and engineers capable of understanding cybersecurity.
In order to satisfy this demand, Tokyo Tech has launched Progressive Graduate Minor in Cybersecurity in April 2016. We design the curriculum of Progressive Graduate Minor in Cybersecurity in collaboration with NRI as the core, also with Rakuten, NTT, AIST, and NISC. The following six courses are organized in School of Computing: Foundation of Cybersecurity (1Q, 2-0-0), Theory of Cryptography for Cybersecurity (3Q, 2-0-0), Cybersecurity Governance (3Q, 1-1-0), Attack and Defense on Cybersecurity I (2Q, 1-1-0), Attack and Defense on Cybersecurity II (3Q, 1-1-0), and Attack and Defense on Cybersecurity III (4Q, 1-1-0).
This course is one of the core courses in this minor and focuses on web security, one of the most important elements of cybersecurity. In particular, we first focus on OWASP Top 10, which represents a broad consensus about the most critical security risks to web applications. Then, based on it, the students will acquire practical knowledge on the attack and the defence on web security.
Course description and aims
By the end of this course, students will be able to understand:
1) the overview of web security
2) the primitives of web security
3) the tools used in web security.
Keywords
security, information security, cybersecurity, cryptography, network, software, programming, web application
Competencies
- Specialist skills
- Intercultural skills
- Communication skills
- Critical thinking skills
- Practical and/or problem-solving skills
Class flow
The class offers a standard type and a hands-on exercise style of lecture.
Course schedule/Objectives
| Course schedule | Objectives | |
|---|---|---|
| Class 1 | The overview of this course, the overview of web security, and the introduction to OWASP Top Ten Project. | Understand the notions on web security. |
| Class 2 | Top 1 to 3 of OWASP TOP 10 2013 | Understand the schemes of attack on web applications. |
| Class 3 | Top 4 to 6 of OWASP TOP 10 2013 | Understand the schemes of attack on web applications. |
| Class 4 | Top 7 to 10 of OWASP TOP 10 2013 | Understand the schemes of attack on web applications. |
| Class 5 | Introduction to OWASP Broken Web Applications Project. | Understand the schemes of attack and defense on web applications. |
| Class 6 | Hands-on training for OWASP Broken Web Applications 1 | Understand the schemes of attack and defense on web applications. |
| Class 7 | Hands-on training for OWASP Broken Web Applications 2 | Understand the schemes of attack and defense on web applications. |
| Class 8 | Hands-on training for OWASP Broken Web Applications 3 | Understand the schemes of attack and defense on web applications. |
| Class 9 | Hands-on training for local proxy | Understand the local proxy. |
| Class 10 | Hands-on training for the HTTP protocol | Understand the HTTP protocol. |
| Class 11 | Practical problems in cybersecurity | Understand the practical problems in cybersecurity. |
| Class 12 | Hands-on hacking training 1 | Understand the schemes of attack and defense. |
| Class 13 | Hands-on hacking training 2 | Understand the schemes of attack and defense. |
| Class 14 | Hands-on hacking training 3 | Understand the schemes of attack and defense. |
Study advice (preparation and review)
To enhance effective learning, students are encouraged to spend approximately 100 minutes preparing for class and another 100 minutes reviewing class content afterwards (including assignments) for each class.
They should do so by referring to textbooks and other course material.
Textbook(s)
Textbooks will be used in this course.
Reference books, course materials, etc.
References will be announced in classes.
Evaluation methods and criteria
The evaluation consists of the exercises solved in the classes.
Related courses
- XCO.T473 : Foundation of Cybersecurity
- XCO.T474 : Theory of Cryptography for Cybersecurity
- XCO.T478 : Cybersecurity Governance
- XCO.T475 : Attack and Defense on Cybersecurity I
- XCO.T477 : Attack and Defense on Cybersecurity III
Prerequisites
Students must have successfully completed Attack and Defense on Cybersecurity I (XCO.T475), or have equivalent knowledge.
Contact information (e-mail and phone) Notice : Please replace from ”[at]” to ”@”(half-width character).
keisuke[at]is.titech.ac.jp
Office hours
Appointment by e-mail is required.