Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage.
By mixing a practical, hands-on approach with the theory and techniques behind the scene, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and underground economy, namely, "Should we care?".
Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques.
For 'standard mode', all eleven lectures will be in the Shilling Auditorium from 14:00-17:00 on Wednesday afternoons. The first lecture will be on October 2nd 2019 and the last lecture on December 11th 2019.
For 'block mode', the ten lectures will take place between December 16th and December 20th 2019 in Arts Lecture Theatre 1. Lectures will run from 9:15-12:15 and either 13:45-16:45 (Monday/Tuesday) or 13:30-16:30 (Wednesday-Friday).
The module is concerned with the protection of data transferred over digital networks, including computer and telecommunications networks. We review networking concepts, particularly the concepts of services and protocols, and study how services are incorporated in network communications by specifying protocols. We extend the discussion of services to address security concerns, considering how cryptographic primitives may be used to provide confidentiality, integrity and authentication services. We illustrate these concepts by considering a variety of case studies, typically including wireless, cellular, network and transport layer protocols, techniques and technologies, including non-cryptographic countermeasures such as packet-filtering, intrusion detection, etc.
At the end of the module students should have gained an understanding of the fundamentals of the provision of security in information networks, as well as an appreciation of some of the problems that arise in devising practical solutions to network security requirements.
IY5512 is one of the four compulsory modules on the Information Security MSc. The aims of the computer security module are to introduce the security issues that computer systems must address and to describe some of the techniques for implementing security in operating systems.
This course provides an overview of the core technologies which underpin the provision of security services in computer and network security.
This course gives a broad overview of topics that impact the delivery of security architectures within a modern information processing system.
Past exam papers are also available through Moodle.
1. Identify and exploit the software vulnerabilities that can be introduced into programs through language features and poor programming practice;
2. Discuss the countermeasures that can mitigate the exploitation of such software vulnerabilities;
3. Introduce (briefly) malicious software (malware) as a typical consequence of successful software exploitation, nowadays;
4. Provide pointers to/discuss academic and/or industry research-oriented publications on the subject