Undergraduate Course: Computer Security (INFR10067)
|School||School of Informatics
||College||College of Science and Engineering
|Credit level (Normal year taken)||SCQF Level 10 (Year 3 Undergraduate)
||Availability||Available to all students
|Summary||Computer Security is concerned with the protection of computer systems and their data from threats which may compromise integrity, availability, or confidentiality; the focus is on threats of a malicious nature rather than accidental. This course aims to give a broad understanding of computer security. Topics include security risks, attacks, prevention and defence methods; techniques for writing secure programs; an overview of the foundations for cryptography, security protocols and access control models.
***This course replaces INFR10058 Computer Security (10 credits).***
The goal of this course is to introduce students to fundamental security concepts and offer them working knowledge of threats and counter-measures.
The topics covered in the course are:
- Introduction: fundamental concepts, access control models, threat modelling.
- Network security: basic networking concepts, DoS, Transport layer security, Link layer security, DNS attacks, Firewalls, Intrusion detection.
- Usable security: basic human factors, warning design, phishing, authentication, device authentication.
- Cryptography: symmetric ciphers, asymmetric ciphers, MACs and hash functions, digital signatures.
- Cryptographic protocols: identification, authentication and key agreement, SSL/TLS, anonymity protocols, TOR.
- OS security: OS concepts, memory and file system, access control, file permissions, memory safety, stack-based buffer overflows.
- Malware: viruses, trojan horses, worms, rootkits.
- Web security: WWW basics, client-side attacks, session hijacking XSS, CSRF, defences, server-side attacks, SQL injection, RFI, LFI.
Entry Requirements (not applicable to Visiting Students)
||Other requirements|| This course is open to all Informatics students including those on joint degrees. For external students where this course is not listed in your DPT, please seek special permission from the course organiser (lecturer).
For some parts of the course, good mathematical ability and basic understanding of logic (predicate calculus) are highly desirable. An ability to program in Java may be assumed for practical exercises.
Information for Visiting Students
|High Demand Course?
Course Delivery Information
|Academic year 2022/23, Available to all students (SV1)
|Learning and Teaching activities (Further Info)
Lecture Hours 30,
Seminar/Tutorial Hours 5,
Supervised Practical/Workshop/Studio Hours 4,
Summative Assessment Hours 2,
Programme Level Learning and Teaching Hours 4,
Directed Learning and Independent Learning Hours
|Assessment (Further Info)
|Additional Information (Assessment)
||3 pieces of coursework: 1 formative assessment, 2 assessments (25% of course total).
1 exam (75% of course total).
If delivered in semester 1, this course will have an option for semester 1 only visiting undergraduate students, providing assessment prior to the end of the calendar year.
||Hours & Minutes
|Main Exam Diet S2 (April/May)||2:00|
|Resit Exam Diet (August)||2:00|
On completion of this course, the student will be able to:
- Describe common security threats against computer systems, and identify appropriate mechanisms to address them.
- Explain techniques and design principles that underlie the common mechanisms for protecting the security, privacy, and trust of computer systems and networks.
- Be able to complete a basic security analysis of computer systems or networks.
- Be able to independently collect, filter out, and contextualise information about security vulnerabilities and their mitigations.
|Introduction to Computer Security (First Edition), Michael Goodrich and Roberto Tamassia, Pearson.|
|Course organiser||Dr Myrto Arapinis
Tel: (0131 6)50 9981
|Course secretary||Mrs Michelle Bain
Tel: (0131 6)51 7607