Module Descriptors
SOFTWARE SECURITY ASSESSMENT & MALWARE ANALYSIS
COCS60724
Key Facts
Digital, Technology, Innovation and Business
Level 6
30 credits
Contact
Leader: Christopher Hawkins
Hours of Study
Scheduled Learning and Teaching Activities: 53
Independent Study Hours: 247
Total Learning Hours: 300
Pattern of Delivery
  • Occurrence B, Stoke Campus, UG Semester 2 to UG Semester 1
Sites
  • Stoke Campus
Assessment
  • Coursework - Assignment - report 2000 words weighted at 70%
  • Coursework - Assignment - sample analysis report 2000 words weighted at 30%
Module Details
Module Texts
Essential:
The Art of Software Security Assessment, Mark Dowd, John McDonald and Justin Schuh, Addison-Wesley, 2007, ISBN 978-0321444424

Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code, Ligh, M., S. Adair, B. Hartstein, M. Richard, 2010, Wiley, ISBN: 978-0470613030

Grey Hat Hacking, Harper, A, S. Harris, J. Ness, C. Eagle, G. Lenkey, T. Williams, 2011, McGraw-Hill, ISBN: 978-0071742559


The Art of Computer Virus Research and Defence, Szor, P., 2005, Addison Wesley, ISBN: 0321304543

OECD, Computer Viruses and other Malicious Software, OECD, 2009, ISBN: 978-9264056503


Background:
Computer Security, Gollmann, D., 2010, Wiley, 3rd edition, ISBN: 978-0470741153


Modern Malicious Software: Taxonomy and Advanced Detection Methods, Volynkin, A., 2009, VDM Verlag, ISBN: 978-3639122954
Module Indicative Content
1. Introduction to software security assessment
2. Programming Basics (Building Blocks)
3. Common Software Vulnerabilities
4. Client/Server Module
5. Common Network Protocols
6. Firewalls and IDS Assessment
7. Web-Based Application Assessment
8. Introduction to Malicious Software
9. Malware Analysis Techniques
10. Static Analysis
11. Dynamic Analysis
12. Software Debugging
Module Resources
You will need access to these resources:

The VLE plus access to Malware analysis tools and a network test laboratory
An ICT Workplace environment.
Work-Based Learning Agreement will be completed for this module to ensure that the student will have access to the required resources in the workplace.

The Internet
Word Processing software for use in the coursework.
Staffordshire University has subscriptions to electronic book services such as Safari Tech Books, Ebrary and Netlibrary. There are titles in each of the collections that will support students studying this module. Staffordshire University has subscriptions to IEEE Xplore, ACM Digital Library, Elsevier Science Direct and Infotrac Computer Database, all offering full text electronic access to journals and conference proceedings.
Module Special Admissions Requirements
Prior study of Software Fundamentals (COCS40732) and Core Skills (CORE40733) (or similar)
Module Additional Assessment Details
Assignment 70% (learning outcomes 1, 2 and 3)
Report 2000 words detailing underpinning research, evaluation and design of a component of a Software security.

Assignment 30% (Learning Outcomes 3, 4 and 5)
Sample analysis report (2000 words) discussing how a malware analyst, once given an unknown piece of software, will analyse it in order to decide whether it is malicious or not. Coursework must be submitted electronically using the University submission system (Blackboard), and is due on the date and time listed on the assignment. Late submission will not be accepted (the submission link on Blackboard will be removed automatically at the due date), and will result in a zero for the assignment.
Module Learning Strategies
Module Launch (30 hours)
There will be a module launch during which around 20 hours of face to face contact will be devoted to undertaking tasks which are designed to provide useful insights into the module content and purpose. The remaining time will be spent on guided learning activities.

Additional Guided Learning (22 hours)
A module tutor who is part of the teaching team of the module will be allocated to you and you will meet them during the launch. Following the launch, there will be some materials on the VLE which are designed to guide your learning. Additionally, there will be at least two hour-long sessions per week of contact time for the eleven weeks following the launch. This will be used for guided learning led by your module tutor. It will be a face to face presentation if you are on day release. For online learners it will be a flipped classroom approach with group (up to 20) seminars.

Reviews:
• Tutorial reviews for online learners (1 hour per student)
Online learners will have 2 tutorial sessions with their module tutor during the course of the module. These will be individual or small group sessions during which your module tutor will be able to answer any queries that you have regarding module work. The review weeks are listed in the module handbook and mentors will be invited to join the call and provide feedback.

• Tutorial sessions for day release learners (at least 1 hour per student)
There will be scheduled tutorial sessions (up to 20 students) during the 11 weeks following the launch which will take the place of the tutorial reviews for day release students.

Independent learning (247 hours)
The module leader will provide resources through the virtual learning environment which will include videos and presentations as well as links to useful websites. Other academic learning will be achieved through reading around the subject area. Module tutors will suggest useful texts, though many others will be suitable and can be found in our e-library. If you require help understanding any of the concepts, you may contact your module tutor for assistance.

Part of your independent learning will take place in your workplace under the guidance of your mentor. You will complete a work-based learning agreement to ensure that arrangements are in place at your workplace to facilitate this work-based learning. You are encouraged to endeavour to apply your growing academic knowledge to improve your work practice and to reflect on your work-based experiences to improve your learning.

You will be required to complete assignment work during independent learning time. Assignment work for a 30 credit module at level 6 should take around 140 hours to complete.

Additional help with learning
You will have access to the departmental librarian. As a student, you are more than welcome to visit the university at any time and to use the resources. During time at the university, you may arrange to meet your module tutor or academic coach for additional help.
Module Learning Outcomes
1- CRITICALLY DISCUSS THE PRINCIPLES AND CONCEPTS INVOLVED IN THE SECURING OF COMPUTER SYSTEMS BOTH STAND-ALONE AND NETWORKS BASED.
Communication
Knowledge & Understanding

2- SPECIFY, DESIGN AND JUSTIFY THE DESIGN DECISIONS OF AN EXEMPLAR COMPONENT OF A SOFTWARE SECURITY.
Application
Problem Solving

3- CRITICALLY ANALYSE AND EVALUATE VARIOUS TECHNIQUES USED IN EXEMPLAR SOFTWARE SECURITY.
Analysis and Learning

4- CRITICALLY DISCUSS THE PRINCIPLES AND CONCEPTS THAT UNDERPIN MALICIOUS SOFTWARE AND SOFTWARE BASED ATTACKS.
Communication
Knowledge & Understanding

5- CRITICALLY ANALYSE SECURITY REQUIREMENTS INCLUDING FUNCTIONAL AND NON-FUNCTIONAL SECURITY REQUIREMENTS.
Analysis
Learning