Systems Security

Lectures are on Mondays from 11.15 to 13.05 in room MD108. The practicals are in room MF124 from 14.15 to 17:05. The Syllabus lists some of the core texts and finer details of this module from an administrative viewpoint.  The Syllabus is here.

The philosophy of this module is to introduce the student to the issues that arise when we consider the security of computer networks, from both a “white-hat” (defensive), and “black-hat” (offensive) perspective.

The module is 100% coursework. Coursework 1 is a report on a cyber security topic which is worth 40%. The submission date is week 8. The second coursework is a lab test where you will demonstrate aspects of your practical & theoretical pen testing skills. This is in week 12 and is worth 60% of your final module mark.

Notes

Lecture 1 : Introduction & Emerging Topics
Optional additional reading: Tor: The Second-Generation Onion Router by Dingledine et al.
Optional video clip Drinking from the caffeine firehose we know as shodan

Lecture 2: Authentication – Access control & cryptography
Optional additional reading: Cloud Security – A short primer by Joel-Ahmed Mondol.
Optional video clip: Importance of Good Cloud Security

Lecture 3: Programs & Programming
Optional additional reading: Microsoft vs. Apple: Resilience against Distributed DoS Attack by Altunbasak et al.
Optional video clip: Three Generations of DoS Attacks

Lecture 4: Operating Systems
Optional additional reading: A Taxonomy of Buffer Overflow Characteristics by Matt Bishop et al.
Optional video clip: Credit Cards: Everything You have Ever Wanted to Know

Lecture 5: Network Security Linux Security

Optional additional reading: Can we make operating systems reliable and secure by Tanenbaum et al.
Optional video clip: 
You spent all that money and you still got owned

Reading week
Optional additional reading: It is Time for Trustworthy Systems by Hesier et al.
Optional video clip: Google Hacking for Penetration Testers

Lecture 7: Databases
Optional additional reading: Securing Distributed Systems Using Symmetric Key Cryptography by Babu et al.
Optional video clip: Owning Bad Guys With Javascript Botnets

Lecture 8: Cloud Computing
Optional additional reading: Why I wrote PGP by Phil Zimmermann.
Optional video clip: RFID Mythbusting

Lecture 9: Privacy
Optional additional reading: A Survey on Security for Mobile Devices by La Polla et al.
Optional video clip: Cryptohaze Cloud Cracking by Bitweasil

Lecture 10 The Web, Management & Incidents
Optional additional reading: Keystroke Dynamics for User Authentication by Zhong et al.
Optional video clip: More tricks for defeating SSL

Lecture 11 Legal Issues & Ethics
Optional additional reading: A Lightweight Authentication Protocol for Secure Communications between Resource-Limited Devices and
Wireless Sensor Networks
by Ksiazak et al.
Optional video clip: My life as a spyware developer

Lecture 12 Cryptography
Optional additional reading: Legal, Ethical & Social Issues in the case of an Intrusive Remote Monitoring Software by McBrearty et al.
Optional video clip: Steal Everything, Kill Everyone, Cause Total Financial Ruin!

 

Labs

All practicals are placed on BlackBoard each week. Here are the contents of each lab during the 12 weeks.

 

Assignments

CLASS ASSIGNMENT 1 – 40% (Date: Week 8)
Essay

CLASS ASSIGNMENT 2 – 60% (Date: Week 12)
Class test during lab session on material covered in labs during weeks 1 to 11.

Comments are closed.