Syllabus

Course overview, outcomes, grading, and logistics

Course

SCIA 360 — Operating System Security

Instructor: Dr. Zhijiang Chen

Course description

Fundamental principles of operating systems and operational security. Topics include process and resource management, security capabilities and limitations, authentication, security policies, sandboxing, software vulnerabilities, and virtualization. Case studies focus primarily on Linux-based systems.

Learning outcomes

See Course objectives for the objective statement and a concise outcomes list.

Upon successful completion of this course, students will be able to:

  1. Understand fundamental operating system concepts, including kernel architecture, process management, memory management, and file systems.

  2. Analyze common OS vulnerabilities, such as buffer overflows, privilege escalation, and race conditions, and understand their mitigations.

  3. Apply secure configuration and hardening practices following industry standards (CIS Benchmarks).

  4. Implement and configure Linux security mechanisms, including SELinux, AppArmor, and access control lists (ACLs).

  5. Evaluate authentication mechanisms and implement multi-factor authentication solutions.

  6. Deploy and secure containerized applications using Docker with appropriate isolation techniques.

  7. Configure virtualization environments and understand VM security considerations.

  8. Perform security audits and implement host-based intrusion detection systems.

Weekly schedule

| Week | Topic | Key concepts |
|------|-------|--------------|
| 1 | Introduction to Operating Systems | OS role, architecture, kernel vs user space, Unix/Linux history |
| 2 | Linux Kernel and Boot Process | Kernel architecture, boot sequence (BIOS/UEFI → GRUB → Kernel → systemd) |
| 3 | Shell and Command Line Fundamentals | Bash shell, essential commands, scripting basics, environment variables |
| 4 | Process Management | Process states, threads, scheduling (CFS), IPC mechanisms |
| 5 | Memory Management | Virtual memory, paging, swap space, memory protection and isolation |
| 6 | File Systems and Storage | File system types (ext4, XFS, Btrfs), inodes, disk management, RAID |
| 7 | Users, Groups, and Permissions | User management, rwx permissions, ACLs, permission vulnerabilities |
| 8 | Midterm Exam | In-class exam (covers Weeks 1–7) |
| 9 | Authentication Mechanisms | PAM, password security, SSH keys, multi-factor authentication |
| 10 | Access Control and Security Policies | DAC vs MAC, SELinux, AppArmor, principle of least privilege |
| 11 | Software Vulnerabilities and Exploitation | Buffer overflows, privilege escalation, mitigations (ASLR, DEP) |
| 12 | Sandboxing and Containerization | Namespaces, cgroups, chroot, Docker security, container escapes |
| 13 | System Hardening and Security Auditing | CIS Benchmarks, logging, intrusion detection (AIDE), firewalls |
| 14 | Virtualization Technologies | Type 1/2 hypervisors, KVM/QEMU, VM isolation, security best practices |
| 15 | Case Studies and Emerging Trends | OS security comparison (Linux/Windows/macOS), real-world breaches, eBPF |

Assessment

  • Weekly Assignments: 30% (hands-on practical exercises)

  • Midterm Exam: 20% (covers Weeks 1–7)

  • Final Exam: 20% (covers Weeks 9–15)

  • Final Project: 25% (security analysis and hardening)

  • Attendance: 5% (class engagement and discussions)

Required tools

  • Virtualization: VirtualBox, VMware Workstation, or Proxmox VE

  • Linux distributions: Ubuntu

  • Security tools: Nmap, Wireshark

  • Development: Python 3, Bash

  • Text editor: Nano

Course policies

Attendance

Regular attendance is expected. Students are responsible for all material covered in class and any announcements made during class sessions.

Academic integrity

All work submitted must be your own. Collaboration is encouraged for learning, but submitted work must represent individual effort unless explicitly stated otherwise. Violations will be handled according to university policy.

Late submissions

Late lab submissions will be penalized 20% per day. Extensions may be granted for documented emergencies.

  • Operating System Concepts by Silberschatz, Galvin, and Gagne

  • How Linux Works by Brian Ward

  • The Linux Command Line by William Shotts

  • Hacking: The Art of Exploitation by Jon Erickson

  • Container Security by Liz Rice
