Module Descriptors
MALICIOUS SOFTWARE AND SECURITY PROGRAMMING
COCS60500
Key Facts
Digital, Technology, Innovation and Business
Level 6
15 credits
Contact
Leader: Anisa Mkuwu
Email: Anisa.Mkuwu@staffs.ac.uk
Hours of Study
Scheduled Learning and Teaching Activities: 26
Independent Study Hours: 124
Total Learning Hours: 150
Sites
- Asia Pacific Institute of Information Technology
Assessment
- Assignment weighted at 50%
- Examination weighted at 50%
Module Details
Module Texts
Zeltser, L, Skoudis,E, Stratton, W.O, Teall,H, Malware: Fighting Malicious Code, Prentice Hall, 2003, ISBN: 0131014056
Skoudis, E, Counter Hack: A Step by Step Guide to Computer Attacks and Effective Defences, Prentice Hall, 2001, ISBN: 0130332739
Whittaker, J, Thompson,H, How to Break Software Security, Addison Wesley, 2003, ISBN: 0321194330
Szor, P, The Art of Computer Virus Research and Defense, Addison Wesley, 2005, ISBN: 0321304543
Skoudis, E, Counter Hack: A Step by Step Guide to Computer Attacks and Effective Defences, Prentice Hall, 2001, ISBN: 0130332739
Whittaker, J, Thompson,H, How to Break Software Security, Addison Wesley, 2003, ISBN: 0321194330
Szor, P, The Art of Computer Virus Research and Defense, Addison Wesley, 2005, ISBN: 0321304543
Module Indicative Content
Common security structures/procedures e.g. from Unix, Windows, Internet.
Self-replicating and infecting software - structure/operation and techniques for attack, detection prevention and damage limitation.
Attack patterns and strategies for breaking code. Reconnaisance, scanning, unathorised access through application software, operating system and network attacks and exploits, denial of service attacks, Backdoors and RootKits. Reverse engineering.
Software security testing. Secure initialisation, validation, limit and error handling. Defences and tools - e.g. security scanners, file integrity checkers, applications of cryptography, antivirus tools and techniques.
Social engineering factors. Ethical and legal considerations.
Self-replicating and infecting software - structure/operation and techniques for attack, detection prevention and damage limitation.
Attack patterns and strategies for breaking code. Reconnaisance, scanning, unathorised access through application software, operating system and network attacks and exploits, denial of service attacks, Backdoors and RootKits. Reverse engineering.
Software security testing. Secure initialisation, validation, limit and error handling. Defences and tools - e.g. security scanners, file integrity checkers, applications of cryptography, antivirus tools and techniques.
Social engineering factors. Ethical and legal considerations.
Module Additional Assessment Details
Assignment 50% (Learning Outcomes 2 and 3)
Assignment will typically require a critical review of some techniques/problems within this area followed by the implementation of some software component that may use some of the reviewed techniques as appropriate.
Exam 2 hours 50% (Learning Outcomes 1and 3)
Assignment will typically require a critical review of some techniques/problems within this area followed by the implementation of some software component that may use some of the reviewed techniques as appropriate.
Exam 2 hours 50% (Learning Outcomes 1and 3)
Module Learning Strategies
1 hour of lecture and 1 hour of tutorial/practical directed reading and research. The tutorial/practical session will have to be scheduled in an appropriate laboratory.
Module Resources
PC laboratories with Linux & Windows O/S
Java & C language platforms
Java & C language platforms
Module Special Admissions Requirements
Prior study of:
Introduction to C Programming or equivalent; AND
Hardware and Software Systems 1 or equivalent
Introduction to C Programming or equivalent; AND
Hardware and Software Systems 1 or equivalent