Skip to main content

CS263 Cyber Security

CS263 15 CATS (7.5 ECTS) Term 1

Availability

Option - CS, CSE, DM

Note: This module is only available to students in the second year of their degree and is not available as an unusual option to students in other years of study.

Academic Aims

The module aims to provide students with a grounding in the specification, design, implementation and evaluation of secure systems. This includes coverage of formal, pattern-based and domain-specifics approaches to development, as well as the human factors relevant to secure systems.

Learning Outcomes

On completion of the module the student will be able to:

  • Understand core security concepts and technologies relating to the development of secure systems.

  • Understand the significance of context in the development of secure systems, as relating to varying computer architectures and platforms.
  • Understand how software development methodologies can be augmented to account for the development of secure systems, including coverage of pattern and model-driven development approaches.
  • Understand and have experience applying defensive programming approaches in the development and analysis of secure systems.
  • Understand and have experience the principles of state-of-the-art approaches for the testing of secure testing, including penetration testing and fuzzing.
  • Appreciate the long-term challenges surrounding and approaches for managing secure systems in an organisational context.

Content

The emphasis of the module is on the specification, design, implementation and evaluation of secure systems. The outline below is illustrative of what will be covered, though the nature of computer security means that the specific topics covered will vary as developments dictate

  • Secure Systems Development Context
    - Core concepts - confidentiality, availability, authenticity, control, trust, etc.
    - Core technologies - authentication, permissions and access control,
privacy controls, communication protocols, event monitoring, sandboxing, cryptographic hashes, etc.
    - Architectures - Distributed systems, centralised systems, dynamic composition, etc.
    - Platforms - Operating systems, middleware, virtualisation, etc.

  • Specification and Design
    - Formal specification methods and secure systems
    - Secure model-driven development
    - Secure architecture and pattern-based design
    - Methodologies and standards for secure systems development

  • Implementation and Testing
    - Secure programming techniques
    - Security and design-patterns for systems implementation
    - Network security – IPSec, tunnelling, VPNs, etc.
    - Obfuscation and de-obfuscation
    - Reverse Engineering
    - Fuzzing

  • Evaluation and Maintenance
    - Validation methods and system hardening
    - Human factors and organisational security
    - Software and threat evolution
    - Remote protection
    - Penetration testing

Books

  • Bishop, M. Introduction to Computer Security, 2004, Addison-Wesley.
  • Bejtlich, R. The Practice of Network Security Monitoring, 2013, No Starch Press.
  • Merkow, M. S., Raghavan, L., Secure and Resilient Software: Requirements, Test Cases and Testing Methods, 2011, Auerbach Publications.
  • Stallings, W., Cryptography and Network Security: Principles and Practice, 2016, Pearson.
  • Zhu, L., Zhang, Z., Xu, C., Secure and Privacy-Preserving Data Communication in Internet of Things, 2017, Springer.

Assessment

Two hour examination (70%), coursework (30%)

Teaching

30 lectures and 10 practical classes