19-20 IY2760/IY5760: Introduction to Information Security
Introduction to Information Security
19-20 IY2840: Computer and Network Security
IY2840: Computer and Network Security
19-20 IY3660: Applications of Cryptography
IY3660 Moodle 2019-20
19-20 IY3840: Malicious Software
Cybercrime has become both more widespread and harder to battle. Researchers and anecdotal experience show that the cybercrime scene is becoming increasingly organized and consolidated, with strong links also to traditional criminal networks. Modern attacks are indeed stealthy and often profit oriented.
Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage.
By mixing a practical, hands-on approach with the theory and techniques behind the scene, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and underground economy, namely, "Should we care?".
Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques.
Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage.
By mixing a practical, hands-on approach with the theory and techniques behind the scene, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and underground economy, namely, "Should we care?".
Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques.
19-20 IY5501/IY4501: Security Management
For 'standard mode', all eleven lectures were in the Shilling Auditorium from 14:00-17:00 on Wednesday afternoons. The first lecture was on October 2nd 2019 and the last lecture on December 11th 2019.
For 'block mode', the ten lectures took place between December 16th and December 20th 2019 in Arts Lecture Theatre 1. Lectures ran from 9:15-12:15 and either 13:45-16:45 (Monday/Tuesday) or 13:30-16:30 (Wednesday-Friday).
19-20 IY5511: Network Security
First term, core module for Technical Pathway only.
Aims
The module is concerned with the protection of data transferred over digital networks, including computer and telecommunications networks. We review networking concepts, particularly the concepts of services and protocols, and study how services are incorporated in network communications by specifying protocols. We extend the discussion of services to address security concerns, considering how cryptographic primitives may be used to provide confidentiality, integrity and authentication services. We illustrate these concepts by considering a variety of case studies, typically including wireless, cellular, network and transport layer protocols, techniques and technologies, including non-cryptographic countermeasures such as packet-filtering, intrusion detection, etc.
Objectives
At the end of the module students should have gained an understanding of the fundamentals of the provision of security in information networks, as well as an appreciation of some of the problems that arise in devising practical solutions to network security requirements.
Aims
The module is concerned with the protection of data transferred over digital networks, including computer and telecommunications networks. We review networking concepts, particularly the concepts of services and protocols, and study how services are incorporated in network communications by specifying protocols. We extend the discussion of services to address security concerns, considering how cryptographic primitives may be used to provide confidentiality, integrity and authentication services. We illustrate these concepts by considering a variety of case studies, typically including wireless, cellular, network and transport layer protocols, techniques and technologies, including non-cryptographic countermeasures such as packet-filtering, intrusion detection, etc.
Objectives
At the end of the module students should have gained an understanding of the fundamentals of the provision of security in information networks, as well as an appreciation of some of the problems that arise in devising practical solutions to network security requirements.
19-20 IY5512: Computer Security (Operating Systems)
IY5512 is one of the four compulsory modules on the Information Security MSc. The aims of the computer security module are to introduce the security issues that computer systems must address and to describe some of the techniques for implementing security in operating systems.
19-20 IY5521: Legal and Regulatory Aspects of Electronic Commerce
Legal and Regulatory Aspects of Information Security.
19-20 IY5522: Security Technologies
IY5522 Summary:
This course provides an overview of the core technologies which underpin the provision of security services in computer and network security.
This course provides an overview of the core technologies which underpin the provision of security services in computer and network security.
19-20 IY5523: Secure Business Architectures
IY5523: Secure Business Architectures
This course gives a broad overview of topics that impact the delivery of security architectures within a modern information processing system.
This course gives a broad overview of topics that impact the delivery of security architectures within a modern information processing system.
19-20 IY5606: Smart Cards, Tokens, Security and Applications
Lecture notes for IY5606 - Smart Cards, RFIDs and Embedded Systems Security
Past exam papers are also available through Moodle.
Past exam papers are also available through Moodle.
19-20 IY5607: Software Security
Software Security will:
1. Identify and exploit the software vulnerabilities that can be introduced into programs through language features and poor programming practice;
2. Discuss the countermeasures that can mitigate the exploitation of such software vulnerabilities;
3. Introduce (briefly) malicious software (malware) as a typical consequence of successful software exploitation, nowadays;
4. Provide pointers to/discuss academic and/or industry research-oriented publications on the subject
1. Identify and exploit the software vulnerabilities that can be introduced into programs through language features and poor programming practice;
2. Discuss the countermeasures that can mitigate the exploitation of such software vulnerabilities;
3. Introduce (briefly) malicious software (malware) as a typical consequence of successful software exploitation, nowadays;
4. Provide pointers to/discuss academic and/or industry research-oriented publications on the subject
19-20 IY5609: Digital Forensics
All examinable course material is posted; units 9 and 10 may be posted later for information only.
19-20 IY5612: Cyber Security
Cyber Security - 2019/20 Academic Year