CS407 – Computer Security

General Aims

The aim of this class is to provide students with the opportunity to develop a security mind-set by introducing them to core material in the area of computer security. This should enable students to identify potential threats and vulnerabilities for a range of situations, and propose appropriate actions to mitigate these issues.

Learning Outcomes

After completing this class, participants should be able to:

• compare and contrast secure communication solutions;
• evaluate an existing or proposed system in terms of potential vulnerabilities and recommend the most appropriate security solution to apply;
• summarise the key vulnerabilities, threats, and attacks with regards to network security and propose suitable approaches to mitigate these issues;
• plan and implement an aspect of technical security such as log analysis.

Syllabus

The following syllabus is reflective of the types of topics which will be covered:

• Secure communications: cryptography and steganography
• Network security: an examination of the potential threats to network security such as packet sniffing; an examination of the corresponding mitigation techniques
• Access control: an examination of the different approaches to user authentication and access control including topics such as alternative authentication
• Human aspects of computer security: this is an ever important aspect of security – the class will explore how the user impacts security and examine why technical solutions are not the whole picture
• Further ‘hot’ topics: for example malware – decomposing the structure of malware and antivirus approaches

Recommended Text/Reading*

* This list is indicative only – the class lecturer may recommend alternative reading material. Please do not purchase any of the reading material listed below until you have confirmed with the class lecturer that it will be used for this class.