Module Descriptors
MALICIOUS SOFTWARE AND SECURITY PROGRAMMING
COCS60396
Key Facts
Faculty of Computing, Engineering and Sciences
Level 6
15 credits
Contact
Leader: Hatem Tammam
Email: H.Tammam@staffs.ac.uk
Hours of Study
Scheduled Learning and Teaching Activities: 24
Independent Study Hours: 126
Total Learning Hours: 150
Assessment
- ASSIGNMENT weighted at 50%
- EXAMINATION - UNSEEN IN EXAMINATION CONDITIONS weighted at 50%
Module Details
Module Additional Assessment Details
Assignment 50% (Learning Outcomes 2 and 3)
Assignment will typically require a critical review of some techniques/problems within this area followed by the implementation of some software component that may use some of the reviewed techniques as appropriate.
Exam 2 hours 50% (Learning Outcomes 1and 3)
Assignment will typically require a critical review of some techniques/problems within this area followed by the implementation of some software component that may use some of the reviewed techniques as appropriate.
Exam 2 hours 50% (Learning Outcomes 1and 3)
Module Indicative Content
Common security structures/procedures e.g. from Unix, Windows, Internet.
Self-replicating and infecting software - structure/operation and techniques for attack, detection prevention and damage limitation.
Attack patterns and strategies for breaking code. Reconnaisance, scanning, unathorised access through application software, operating system and network attacks and exploits, denial of service attacks, Backdoors and RootKits. Reverse engineering.
Software security testing. Secure initialisation, validation, limit and error handling. Defences and tools - e.g. security scanners, file integrity checkers, applications of cryptography, antivirus tools and techniques.
Social engineering factors. Ethical and legal considerations.
Self-replicating and infecting software - structure/operation and techniques for attack, detection prevention and damage limitation.
Attack patterns and strategies for breaking code. Reconnaisance, scanning, unathorised access through application software, operating system and network attacks and exploits, denial of service attacks, Backdoors and RootKits. Reverse engineering.
Software security testing. Secure initialisation, validation, limit and error handling. Defences and tools - e.g. security scanners, file integrity checkers, applications of cryptography, antivirus tools and techniques.
Social engineering factors. Ethical and legal considerations.
Module Learning Strategies
1 hour of lecture and 1 hour of tutorial/practical directed reading and research. The tutorial/practical session will have to be scheduled in an appropriate laboratory.
Module Special Admissions Requirements
Prior study of:
Introduction to C Programming or equivalent; AND
Hardware and Software Systems 1 or equivalent
Introduction to C Programming or equivalent; AND
Hardware and Software Systems 1 or equivalent
Module Resources
PC laboratories with Linux & Windows O/S
Java & C language platforms
Java & C language platforms
Module Texts
Zeltser, L, Skoudis,E, Stratton, W.O, Teall,H, Malware: Fighting Malicious Code, Prentice Hall, 2003, ISBN: 0131014056
Skoudis, E, Counter Hack: A Step by Step Guide to Computer Attacks and Effective Defences, Prentice Hall, 2001, ISBN: 0130332739
Whittaker, J, Thompson,H, How to Break Software Security, Addison Wesley, 2003, ISBN: 0321194330
Szor, P, The Art of Computer Virus Research and Defense, Addison Wesley, 2005, ISBN: 0321304543
Skoudis, E, Counter Hack: A Step by Step Guide to Computer Attacks and Effective Defences, Prentice Hall, 2001, ISBN: 0130332739
Whittaker, J, Thompson,H, How to Break Software Security, Addison Wesley, 2003, ISBN: 0321194330
Szor, P, The Art of Computer Virus Research and Defense, Addison Wesley, 2005, ISBN: 0321304543