Systems Security

The Syllabus lists some of the core texts and finer details of this module from an administrative viewpoint.  The Syllabus is here.

The philosophy of this module is to introduce the student to the issues that arise when we consider the security of computer networks, from both a “white-hat” (defensive), and “black-hat” (offensive) perspective. The lecture is in room MD007 from 9:15-11:15 and the practicals are in room MF124/125 from 11:15 to 14:05.

The module is 100% coursework. Coursework 1 is a report on a cyber security topic which is worth 40%. The submission date is week 5 – Monday October 23rd. Week 6 is a non-teaching week so there is no class on Monday 30th October. The second coursework is a lab test where you will demonstrate aspects of your practical & theoretical pen testing skills. This is in week 12 – Monday December 11th and is worth 60% of your final module mark.


Lecture 1 : Introduction & Emerging Topics
Optional additional reading: Tor: The Second-Generation Onion Router by Dingledine et al.
Optional video clip: Three Generations of DoS Attacks

Lecture 2: Authentication – Access control & cryptography
Optional additional reading: Cloud Security – A short primer by Joel-Ahmed Mondol.
Optional video clip: Importance of Good Cloud Security

Lecture 3: Programs & Programming
Optional additional reading: Microsoft vs. Apple: Resilience against Distributed DoS Attack by Altunbasak et al.
Optional video clip Drinking from the caffeine firehose we know as shodan

Lecture 4: Network Security
Optional additional reading: Can we make operating systems reliable and secure by Tanenbaum et al.
Optional video clip: You spent all that money and you still got owned

Lecture 5: Operating Systems
Optional additional reading: A Taxonomy of Buffer Overflow Characteristics by Matt Bishop et al.
Optional video clip: Credit Cards: Everything You have Ever Wanted to Know

Week 6 – No Lecture – Consolidation Week – Project clinic (1/2 day) + plagiarism/writing/presenting workshop.

Lecture 7: Databases
Optional additional reading: It is Time for Trustworthy Systems by Hesier et al.
Optional video clip: Google Hacking for Penetration Testers

Lecture 8: Cloud Computing
Optional additional reading: A Survey on Security for Mobile Devices by La Polla et al.
Optional video clip: Cryptohaze Cloud Cracking by Bitweasil

Lecture 9: Privacy & Security Incident Management
Optional additional reading: Why I wrote PGP by Phil Zimmermann.
Optional video clip: RFID Mythbusting

Lecture 10: Cryptography
Optional additional reading: Keystroke Dynamics for User Authentication by Zhong et al.
Optional video clip: More tricks for defeating SSL

Lecture 11: xxxx
Optional additional reading: Legal, Ethical & Social Issues in the case of an Intrusive Remote Monitoring Software by McBrearty et al.
Optional video clip: Steal Everything, Kill Everyone, Cause Total Financial Ruin!

Lecture 12: No Lecture
Optional additional reading: A Lightweight Authentication Protocol for Secure Communications between Resource-Limited Devices and Wireless Sensor Networks by Ksiazak et al.
Optional video clip: My life as a spyware developer


All practicals are placed on BlackBoard each week.


Coursework components

CLASS ASSIGNMENT 1 – 25% (Date: Week 5)
Cybersecurity Report

CLASS ASSIGNMENT 2 – 75% (Date: Week 12)
Theory & practical lab test

Comments are closed.