Module Descriptors
ADVANCED SOFTWARE SECURITY
COCS60609
Key Facts
Faculty of Computing, Engineering and Sciences
Level 6
30 credits
Contact
Leader: Martin Slade
Hours of Study
Scheduled Learning and Teaching Activities: 48
Independent Study Hours: 252
Total Learning Hours: 300
Assessment
  • ASSIGNMENT weighted at 50%
  • ASSIGNMENT - SECOND ASSIGNMENT weighted at 50%
Module Details
Module Indicative Content
- Principles of computer and information security. Cryptography mechanisms and encryption standards, Security Protocols, Access Control, Authentication and Authorisation, Operating System protection mechanisms. Database security. Network configuration and security. Securing e-business. Security models. Human factors in security. Security policies and planning. Legal and ethical issues. Globalisation of threats and security issues and responses.

- Self-replicating and infecting software - structure/operation and techniques for attack detection, prevention and damage limitation. Defences and tools - e.g. security scanners, file integrity checkers, application of cryptography, antivirus tools and techniques.
- Attack patterns and strategies for breaking code. Reconnaissance, scanning, unauthorised access through application software, operating system and network attacks and exploits, denial of service attacks, Backdoors and RootKits. Reverse engineering.
- Software security testing. Secure initialisation, validation, limit and error handling.
Module Additional Assessment Details
Assignment 50% (learning outcomes 1, 2 and 3)
Report 3000 words detailing underpinning research, evaluation and design of a component of a security system.

Assignment 50% (Learning Outcomes 4 and 5)
Report 3000 words detailing research into exemplar malicious software and defensive measures against such software.
Final assessment.
Module Learning Strategies
Directed reading and research. The tutorial/practical session will have to be scheduled in an appropriate laboratory.
36 lecture hours and 12 tutorial/practical hours
Module Texts
Essential:

Analyzing Computer Security, Pfleeger, C.P., S. L. Pfleeger, 2011, Pearson, 1st edition, ISBN: 978-0132839402

Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code, Ligh, M., S. Adair, B. Hartstein, M. Richard, 2010, Wiley, ISBN: 978-0470613030

Grey Hat Hacking, Harper, A, S. Harris, J. Ness, C. Eagle, G. Lenkey, T. Williams, 2011, McGraw-Hill, ISBN: 978-0071742559

The Art of Computer Virus Research and Defence, Szor, P., 2005, Addison Wesley, ISBN: 0321304543

OECD, Computer Viruses and other Malicious Software, OECD, 2009, ISBN: 978-9264056503

Background:
Computer Security, Gollmann, D., 2010, Wiley, 3rd edition, ISBN: 978-0470741153

Modern Malicious Software: Taxonomy and Advanced Detection Methods, Volynkin, A., 2009, VDM Verlag, ISBN: 978-3639122954
Module Resources
None
Module Special Admissions Requirements
Prior study of a level 4 introductory programming module and a level 4 introductory hardware and system software module and a level 4 mathematics module.