Postgraduate Course: Computer Security (Level 11) (INFR11244)
Course Outline
| School | School of Informatics |
College | College of Science and Engineering |
| Credit level (Normal year taken) | SCQF Level 11 (Postgraduate) |
Availability | Not available to visiting students |
| SCQF Credits | 20 |
ECTS Credits | 10 |
| Summary | To be a professional or researcher in the area, it is necessary to understand fundamental issues in connection with Cyber Security, Privacy, and Trust. This course aims to develop a deep understanding of current computer security and privacy topics and will prepare students for conducting research in this area.
The course is focused on the main aspects of Cyber Security, Privacy, and Trust. It is broken into 5 broad units: Cryptography, Secure communications, Network Security, OS security, and Web Security. Through these units students will explore topics like Cryptography, Software vulnerabilities, Web security, Malware, Access control, Mobile security, Differential privacy, Hardware protection, Side channel attacks, Block-chains, Network security, Usable security, and Passwords.
The very nature of the subject raises important societal and ethical concerns and will be raised in lectures as pertaining to each topic.
We will further provide 5 guest lectures from security professionals from industry (one for each of the 5 broad units / topics covered in the course) for our level 11 students. |
| Course description |
The goal of this course is to introduce students to fundamental security, privacy, and trust concepts and offer them working knowledge of threats and counter-measures in order for them to follow and leverage any developments / research in these areas. The topics to be covered in the course will include a sampling of the following:
- Introduction: fundamental concepts, access control models, threat modelling
- Network security: basic networking concepts, DoS, Transport layer security, Link layer security, DNS attacks, Firewalls, Intrusion detection
- Usable security: basic human factors, warning design, phishing, authentication, device authentication
- Cryptography: symmetric ciphers, asymmetric ciphers, MACs and hash functions, digital signatures
- Cryptographic protocols: identification, authentication and key agreement, SSL / TLS, anonymity protocols, TOR
- OS security: OS concepts, memory and filesystem, access control, file permissions, memory safety, stack-based buffer overflows
- Malware: viruses, trojan horses, worms, rootkits
- Web security: WWW basics, client-side attacks, session hijacking XSS, CSRF, defenses, server-side attacks, SQL injection, RFI, LFI
|
Entry Requirements (not applicable to Visiting Students)
| Pre-requisites |
|
Co-requisites | |
| Prohibited Combinations | Students MUST NOT also be taking
Computer Security (INFR10067)
|
Other requirements | Only available to students on the MSc in Cyber Security, Privacy, and Trust. |
Course Delivery Information
|
| Academic year 2023/24, Not available to visiting students (SS1)
|
Quota: None |
| Course Start |
Semester 1 |
Timetable |
Timetable |
| Learning and Teaching activities (Further Info) |
Total Hours:
200
(
Lecture Hours 30,
Seminar/Tutorial Hours 5,
Summative Assessment Hours 2,
Revision Session Hours 3,
Programme Level Learning and Teaching Hours 4,
Directed Learning and Independent Learning Hours
156 )
|
| Assessment (Further Info) |
Written Exam
70 %,
Coursework
30 %,
Practical Exam
0 %
|
| Additional Information (Assessment) |
Coursework 1 will involve writing one academic paper review. A paper review will be a structured report (no longer than 3 pages) that critically presents the context, the contributions, and the limitations of the selected paper. A curated list of seed papers will be provided. The paper review will be worth 15%.
Coursework 2 will involve writing one report on a disclosed CVE (Common Vulnerabilities and Exposures). A CVE report will be a structured report (no longer than 3 pages) that summarises the disclosed vulnerability and connects it to a concepts / method / technique learned in class. A curated list of CVEs will be provided. The CVE report will be worth 15%.
Exam 70% |
| Feedback |
Students will be provided feedback about their understanding and their critical arguments in their paper reviews by the TA / tutor running the tutorials. |
| Exam Information |
| Exam Diet |
Paper Name |
Hours & Minutes |
|
| Main Exam Diet S1 (December) | Computer Security (Level 11) (INFR11244) | 2:00 | |
Learning Outcomes
On completion of this course, the student will be able to:
- demonstrate detailed understanding of fundamental aspects of cyber security, privacy, and trust by being able to state relevant definitions, concepts and mechanisms
- recognise the common security threats against computer systems, and describe and manipulate the basic mechanisms to address them
- critically evaluate the literature related to their chosen topic, and to formulate academically-informed views on a range of security issues in the form of critical paper reviews
- use basic techniques and design principles underlying security solutions including aspects of cryptography, security protocols, and secure programming
- conduct a hands-on basic security analysis of a computer system, and use the World Wide Web to research the latest security alerts and information
|
Reading List
The textbook will be Introduction to Computer Security (First Edition), Michael Goodrich and Roberto Tamassia, Pearson.
There will be lecture slides and also a selected papers reading list for optional reading as well as seed material for the literature surveys the students will write. |
Additional Information
| Graduate Attributes and Skills |
1) Develop skills reading research papers and critically analysing the methodology, technical contributions, and evaluation
2) Be able to transfer knowledge from an academic paper to a real-world scenario
3) Apply critical analysis, evaluation and synthesis to issues that are informed by forefront developments in the subject/discipline/sector |
| Keywords | Security,Privacy,Trust,Secure Systems,CSEC-11 |
Contacts
| Course organiser | Dr Marc Juarez Miro
Tel: (0131 6)50 2707
Email: marc.juarez@ed.ac.uk |
Course secretary | Ms Lindsay Seal
Tel: (0131 6)50 2701
Email: lindsay.seal@ed.ac.uk |
|
|
University Homepage