Module Descriptors
ADVANCED SOFTWARE SECURITY
COCS60719
Key Facts
School of Computing and Digital Technologies
Level 6
30 credits
Contact
Leader: Rob Shaw
Hours of Study
Scheduled Learning and Teaching Activities: 48
Independent Study Hours: 252
Total Learning Hours: 300
Assessment
  • COURSEWORK - REPORT 3000 WORDS weighted at 50%
  • WRITTEN EXAMINATION - 2 HOURS DURATION weighted at 50%
Module Details
MODULE ADDITIONAL ASSESSMENT DETAILS
ASSIGNMENT 50%. Report 3000 words detailing underpinning research, evaluation and design of a component of a security system. (LO 1, 2, 3 and 6)

A 2-hour EXAMINATION 50% (LO 4, 5 and 6).
Final assessment.
MODULE INDICATIVE CONTENT
Principles of computer and information security. Cryptography mechanisms and encryption standards, Security Protocols, Access Control, Authentication and Authorisation, Operating System protection mechanisms. Database security. Network configuration and security. Securing e-business. Security models. Human factors in security. Security policies and planning. Legal and ethical issues. Globalisation of threats and security issues and responses.

Self-replicating and infecting software - structure/operation and techniques for attack detection, prevention and damage limitation. Defences and tools - e.g. security scanners, file integrity checkers, application of cryptography, antivirus tools and techniques.

Attack patterns and strategies for breaking code. Reconnaissance, scanning, unauthorised access through application software, operating system and network attacks and exploits, denial of service attacks, Backdoors and RootKits. Reverse engineering.

Software security testing. Secure initialisation, validation, limit and error handling.

Social and commercial impact of attacks and infection by malicious software.
MODULE LEARNING STRATEGIES
Directed reading and research. The tutorial/practical session will have to be scheduled in an appropriate laboratory.
36 lecture hours and 12 tutorial/practical hours
MODULE RESOURCES
NONE
MODULE SPECIAL ADMISSIONS REQUIREMENTS
Prior study of a level 4 introductory programming module and a level 4 introductory hardware and system software module and a level 4 mathematics module.
MODULE TEXTS
ESSENTIAL:

Analyzing Computer Security, Pfleeger, C.P., S. L. Pfleeger, 2011, Pearson, 1st edition, ISBN: 978-0132839402

Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code, Ligh, M., S. Adair, B. Hartstein, M. Richard, 2010, Wiley, ISBN: 978-0470613030

Grey Hat Hacking, Harper, A., S. Harris, J. Ness, C. Eagle, G. Lenkey, T. Williams, 2011, McGraw-Hill, ISBN: 978-0071742559

The Art of Computer Virus Research and Defence, Szor, P., 2005, Addison Wesley, ISBN: 0321304543

OECD, Computer Viruses and other Malicious Software, OECD, 2009, ISBN: 978-9264056503

BACKGROUND:
Computer Security, Gollmann, D., 2010, Wiley, 3rd edition, ISBN: 978-0470741153

Modern Malicious Software: Taxonomy and Advanced Detection Methods, Volynkin, A., 2009, VDM Verlag, ISBN: 978-3639122954
MODULE LEARNING OUTCOMES
1. Critically discuss the principles and concepts involved in the securing of computer systems, both stand-alone and network-based.
(COMMUNICATION; KNOWLEDGE & UNDERSTANDING)

2. Specify, design and justify the design decisions of an exemplar component of a security system.
(APPLICATION; PROBLEM SOLVING)

3. Critically evaluate various techniques used in exemplar security systems.
(ANALYSIS; LEARNING)

4. Critically discuss the principles and concepts that underpin malicious software and software-based attacks.
(COMMUNICATION; KNOWLEDGE & UNDERSTANDING)

5. Critically evaluate various techniques used in the defence of computer systems against malicious software and software-based attacks.
(ANALYSIS; LEARNING)

6. Critically discuss the ethical and legal issues involved in security of computer systems and the social and commercial impact of malicious software and software-based attacks.
(ANALYSIS; COMMUNICATION)