Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage.
By mixing a practical, hands-on approach with the theory and techniques behind the scene, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and underground economy, namely, "Should we care?".
Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques.
MFBSO UP MPWF DSZQUP
This module is concerned with the protection of data transferred over commercial information networks, including computer and telecommunications networks. After an initial brief study of current networking concepts, a variety of generic security technologies relevant to networks are studied, including user identification techniques, authentication protocols and key distribution mechanisms. This leads naturally to consideration of security solutions for a variety of types of practical networks, including LANs, WANs, proprietary computer networks, mobile networks and electronic mail.
At the end of the module students should have gained an understanding of the fundamentals of the provision of security in information networks, as well as an appreciation of some of the problems that arise in devising practical solutions to network security requirements.
IY5512 is one of the four compulsory modules on the Information Security MSc. The aims of the computer security module are to introduce the security issues that computer systems must address and to describe some of the techniques for implementing security in operating systems.
This course provides an overview of the core technologies which underpin the provision of security services in computer and network security.
This course gives a broad overview of topics that impact the delivery of security architectures within a modern information processing system.
Past exam papers are also available through Moodle.
1. Identify and exploit the software vulnerabilities that can be introduced into programs through language features and poor programming practice;
2. Discuss the countermeasures that can mitigate the exploitation of such software vulnerabilities;
3. Introduce (briefly) malicious software (malware) as a typical consequence of a successful software exploitation, nowadays;
4. Provide pointers to/discuss academic and/or industry research-oriented publications on the subject
MSc Information Security