Security & Ethical Hacking: Attacking Web and AI Systems

Security & Ethical Hacking: Attacking Web and AI Systems

本课程是 Security and Ethical Hacking 专项课程的一部分

位教师：Ahmed M. Hamza

包含在 Coursera Plus 中

了解更多

4个模块

深入了解一个主题并学习基础知识。

高级设置等级

推荐体验

2 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

攻读学位

了解更多

4个模块

深入了解一个主题并学习基础知识。

高级设置等级

推荐体验

2 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

攻读学位

了解更多

您将学到什么

Perform and prevent web application attacks and knowledge of defensive techniques.
Understand AI/ML platform and model attacks as an extension of web attacks.
Describe the range of attacks on artificial intelligence algorithms and systems (adversarial machine learning).

您将获得的技能

要了解的详细信息

可分享的证书

添加到您的领英档案

了解顶级公司的员工如何掌握热门技能

了解关于 Coursera for Business 的更多信息

Petrobras, TATA, Danone, Capgemini, P&G 和 L'Oreal 的徽标

积累特定领域的专业知识

本课程是 Security and Ethical Hacking 专项课程专项课程的一部分

在注册此课程时，您还会同时注册此专项课程。

向行业专家学习新概念
获得对主题或工具的基础理解
通过实践项目培养工作相关技能
获得可共享的职业证书

该课程共有4个模块

In this course you will learn how the security of web-based software, including deployed AI agents, can be compromised. Real-world attacks we study are conducted against a variety of web technologies and frameworks. In addition, we will introduce the topic of Adversarial Machine Learning (exploiting algorithms and learning techniques) in the Artificial Intelligence domain, including Language Models. We will review and study modern, cutting-edge research in this area.

Course assessments are through quizzes, hands-on exercises and an exam. This course can be taken for academic credit as part of CU Boulder’s MS in Data Science or MS in Computer Science degrees offered on the Coursera platform. These fully accredited graduate degrees offer targeted courses, short 8-week sessions, and pay-as-you-go tuition. Admission is based on performance in three preliminary courses, not academic history. CU degrees on Coursera are ideal for recent graduates or working professionals. Learn more: MS in Data Science: https://hua.dididi.sbs/degrees/master-of-science-data-science-boulder MS in Computer Science: https://coursera.org/degrees/ms-computer-science-boulder

In this module, we introduce the protocols of the World Wide Web communication, history, and examine several important attack types targeting the server directly through vulnerabilities of web applications – including logic flaws not tied to a particular software weakness.

涵盖的内容

2个视频10篇阅读材料7个作业

2个视频总计57分钟

Welcome - Course Overview10分钟
Protocols of the World Wide Web46分钟

10篇阅读材料总计295分钟

Earn Academic Credit for Your Work! 10分钟
Course Support10分钟
Assessment Expectations5分钟
AI Citation and Acknowledgement10分钟
BurpSuite Proxy and Browser30分钟
Evolution of HTTP40分钟
Path Traversal60分钟
File upload exploits60分钟
OS Command Injection Overview10分钟
Business Logic Assumptions and Bypasses60分钟

7个作业总计230分钟

Practice Lab: Path Traversal with URL-encoded Null Terminator Bypass30分钟
Practice Lab: File Upload with Content-type Restriction Bypass30分钟
Practice Lab: Command Injection with Output Redirection30分钟
Practice Lab: User Validation and Trust30分钟
Practice Lab: Weak Isolation, Authentication Bypass30分钟
Practice Lab: Information Disclosure60分钟
Module 1: Server Side Attacks Quiz20分钟

In this module, we study exploit categories incorporating the client/browser (and assumed privileges of the client) in web attacks, including defenses and potential bypasses.

涵盖的内容

1个视频8篇阅读材料4个作业

1个视频总计9分钟

Overview of Client-Side Web Exploits9分钟

8篇阅读材料总计360分钟

Javascript Introduction60分钟
Evasion: Understanding String Encoding on the Web20分钟
Cross Site Scripting 60分钟
Mitigating Cross Site Scripting30分钟
XSS History - The Myspace Worm60分钟
CSRF and Defenses60分钟
What is Clickjacking?30分钟
Misconfigurations in Cross Origin Resource Sharing40分钟

4个作业总计100分钟

Practice Lab: Basic XSS Attack30分钟
Practice Lab: Stored XSS with Defense Bypass by Quote Encoding30分钟
Practice Lab: Bypassing CSRF Token by Request Type30分钟
Module 2: Client-Side Web Exploitation Quiz10分钟

Function-calling language models (AI agents) present unique risks. We practice attacks on live, deployed models that have excessive agency in their server environments, presenting modern, high-level exploitation primitive in web-deployed language agents.

涵盖的内容

1个视频2篇阅读材料3个作业

This module is an introduction and deep dive into more fundamental, algorithmic types of exploitation against AI systems, namely through study (and careful manipulation) of the machine learning models that power them.

涵盖的内容

1个视频4篇阅读材料1个作业

1个视频总计12分钟

Overview of Attacks on ML Systems12分钟

4篇阅读材料总计140分钟

OWASP Top Ten ML20分钟
Paper: Security and Privacy in Machine Learning10分钟
Paper: Poisoning, Backdooring Contrastive Learning50分钟
Paper: Extracting Training Data From Diffusion Models60分钟

1个作业总计10分钟

Module 4: Advanced Topics - Adversarial AI Quiz10分钟

获得职业证书

将此证书添加到您的 LinkedIn 个人资料、简历或履历中。在社交媒体和绩效考核中分享。

攻读学位

课程是 University of Colorado Boulder提供的以下学位课程的一部分。如果您被录取并注册，您已完成的课程可计入您的学位学习，您的学习进度也可随之转移。

位教师

Ahmed M. Hamza

University of Colorado Boulder

3 门课程1,863 名学生

提供方

University of Colorado Boulder

从 Computer Security and Networks 浏览更多内容

状态：免费试用
University of Colorado Boulder
Security & Ethical Hacking: Attacking the Network
课程
状态：免费试用
University of Colorado Boulder
Ethical Issues in AI and Professional Ethics
课程
状态：免费试用
LearnKartS
Ethical Hacking Fundamentals
课程
University of Colorado Boulder
Deep Learning for Natural Language Processing
课程

人们为什么选择 Coursera 来帮助自己实现职业发展

Felipe M.

自 2018开始学习的学生

''能够按照自己的速度和节奏学习课程是一次很棒的经历。只要符合自己的时间表和心情，我就可以学习。'

Jennifer J.

自 2020开始学习的学生

''我直接将从课程中学到的概念和技能应用到一个令人兴奋的新工作项目中。'

Larry W.

自 2021开始学习的学生

''如果我的大学不提供我需要的主题课程，Coursera 便是最好的去处之一。'

Chaitanya A.

''学习不仅仅是在工作中做的更好：它远不止于此。Coursera 让我无限制地学习。'

通过 Coursera Plus 开启新生涯

无限制访问 10,000+ 世界一流的课程、实践项目和就业就绪证书课程 - 所有这些都包含在您的订阅中

了解更多

通过在线学位推动您的职业生涯

获取世界一流大学的学位 - 100% 在线

探索学位

加入超过 3400 家选择 Coursera for Business 的全球公司

提升员工的技能，使其在数字经济中脱颖而出

了解更多

常见问题

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.