Â鶹ӰԺ

More

Cyber Security module details

Block 1

Foundation of Cyber Security and Engineering – 30 credits 

Part A 

This module covers four topic areas: programming, operating systems, encryption and networks. These topics will be taught in the context of Cyber Security.

  1. Programming – this will move rapidly through procedural programming concepts, C programming practice, debugging, and the relationship between source and executable code. Programming will involve writing, modifying and debugging code using GCC/GDB.
  2. Operating systems – this will focus on non-volatile storage, memory, processes and to a lesser extent scheduling. You will get an adequate mental model of what the operating system does against which other cyber security concepts can be explained and understood. Operating systems will look at (probably Linux) kernel source code.
  3. Encryption – this will cover symmetric and asymmetric ciphers as well as the role of secure hashes for integrity checking. Encryption will involve sending and receiving messages encrypted/signed using GPG and performing integrity checks on various files.
  4. Networks – this will focus on the transport layer but also cover the supporting network and link layers. There will be a strongly applied practical feel to the module. Networking will use netkit/netcat/Wireshark to generate and analyse traffic.

Part B

This module introduces the core electronic and communication engineering concepts and devices that constitute the physical part of the cyber domain. You will learn about the physical constraints on systems and devices which will equip them to have meaningful conversations with practicing engineers about issues surrounding cyber security.

This module covers a wide range of technologies such as Smart Grids and the Internet of Things. You will learn about the technology challenges in IACS systems and how system evolution affects cyber security.

Block 2 

Cyber Threat Intelligence and Network Security – 30 credits 

Part A

Cyber threat intelligence has become one of the most popular topics in recent years with the explosion of cyber threat data from different data sources. Government and industries are looking for threat intelligence experts to help them properly collect, analyse, and produce Cyber Threat Intelligence.

This module develops you' ability to reason about threats to cyber security. You will learn about the strengths and limitations of methods to produce actionable intelligence. The extent of the cyber domain is reviewed from a range of perspectives. That it extends beyond the Internet is particularly emphasised. Various threat actors are considered, operating with different levels of resource and at a variety of different scales. The intelligence cycle and current intelligence theory is critiqued.

This module also focuses on security assessment and management. You will compare cyber threats and measure your potential impact through risk assessment.

Part B  

Trying to defend a modern IT system is a daunting task. You will learn about the conceptual framework of hardware and software layers within a computer and about the common vulnerabilities and threats. Similarly, network components and protocols, designing a defensible network, monitoring and intrusion detection, control mechanisms and threat assessment are studied. You will also learn about the generic aspects of security: privileges and authentication, monitoring techniques, user and software management, hardening techniques etc. An important aspect of the module is the knowledge that some attackers are smarter than defenders and know more about the computer and its systems than defenders do. Acknowledging this and planning accordingly is an essential skill.

Block 3

Malware Analysis, Penetration Testing and Incident Response – 30 credits

Part A

This module shows how to think like an attacker, how to probe systems for exploitable vulnerabilities and how to react appropriately when an incident occurs. You will learn about key components of corporate IT infrastructure - these include network topology and components, DNS, email, and authentication services such as LDAP. The module also explains the principles, tools, and techniques of penetration testing. You will learn how to perform reconnaissance on a target, how to identify possible victims and how to enumerate your services, how to gain access and how to escalate your privileges and hide your tracks. Client-side attacks, social engineering and physical attacks will also be covered, as will standard practices and rules of engagement.

This module also covers incident response and explains the principles, tools and techniques used to react appropriately. You will learn about the essential preparations before an incident occurs, how to detect incidents, including extrusion detection, how to perform an initial response, how to collect live data and network-based evidence, evidence handling and analysis, incident reporting and resolution. 

Part B

Investigation of a compromised host reveals an unidentified executable. What does it do? Answering this question might be the only way of discovering to what extent their systems are compromised. You will learn the principles, tools and techniques used to reverse engineer binaries, including how to avoid anti reversing traps. It is all too easy to make it seem that malware analysis is the methodical application of a prepared response, but the reality is that, when faced with actual incidents and executables, the biggest hurdle to overcome is the fear of the unknown. This module aims to present the material in such a way that the you become comfortable with making good-quality decisions quickly, when faced with an unknown situation.

Block 4

Digital Forensics with Legal, Ethical and Research Methods – 30 credits

Part A

This module focuses on the ethical and professional context of cyber security digital engineering, systems management, and digital forensics and in doing so it addresses the theory of professionals in organisations, security management, project management, the legal framework, ethical issues in professional practice and their resolution, legal and professional responsibilities of the digital engineer, systems manager, computer forensic and security practitioner. The legal component will address UK and international law affecting cyber security, digital engineering, systems management, and digital forensics. The module identifies and explains relevant research methods.

Part B

This module gives the foundation skills to the you for digital forensic investigation. You are taught analytical and investigative skills using industrial standard tools and techniques in a digital forensic examination laboratory. During the module you will be introduced to the foundation of digital forensic investigation and will learn how to examine digital devices such as desktop computers, mobile phones, tablets, etc. in a forensically sound manner. With great link with public and private organisations as well as various law enforcement agencies, we aim at the you receive the best learning experience towards becoming a digital forensic investigator. By completion of this module, you will be able to demonstrate a critical knowledge of tools and methods used in digital forensics and associate scientific risks and proper use of relevant guideline to maintain a chain of custody.

Blocks 5 & 6

PGT Project – 60 credits

The aim of the project/dissertation is to provide you with the opportunity to carry out a self-managed in-depth study involving design, fact finding, analysis, synthesis and integration of complex ideas which are sometimes based on incomplete and contradictory data or requirements. The project will demonstrate the application of skills acquired from the taught course to the solution to a particular problem or research topic. The project is a self-contained piece of work and may reflect and build on the material studied by the student. 

While there are a range of types of projects, there are no rigid distinctions between them, as the scope and importance of literature analysis, primary research, and system development can be tailored to fit the needs and interests of individual you and topics. Development projects, research projects and literature study projects are the most common types: 

  1. Development Project: The student will produce a working piece of software that serves a particular purpose, meeting a defined set of requirements. The product may include self-designed and purpose-built hardware as well as software, for example an innovative robotic system.
  1. Research Project: The student will create a research proposal and plan, identify research questions, undertake a literature review, review, select and evaluate data collection and data analysis methods, design and implement empirical research, analyse data and report research outcomes. All research projects are required to be undertaken within, and contribute to, a theoretical framework.
  1. Literature Study Project: A project may consist of a literature review alone when it is extensive, strategically significant, rigorously defined and implemented, and includes well-thought-out recommendations and implications. The student will produce a novel and creative analysis that attempts to answer one or more unanswered (or perhaps wrongly answered) research questions. The student will produce a report describing and critically evaluating existing documents and other sources of information, setting them in the context of a clear conceptual framework, and presenting a cogent analysis.
  1. Consultancy Project: The student will produce a consultancy-style report to meet a clearly defined need for a clearly defined client or audience, providing a detailed and sophisticated critical evaluation of existing techniques, approaches or systems, or how to solve a practical problem, with recommendations. The practical consultancy work should be set in the context of how the work can answer more general and scholarly questions.
  1. Data Analysis Project: The student will evaluate, select and apply computational techniques for data analysis and knowledge extraction, to solve a novel data analysis or knowledge extraction problem, or develop a novel technique for solving a particular data analysis problem, or develop a novel technique for presenting data or statistical information to support a particular human activity.

  2. Conceptual Analysis Project: The student will develop an analysis on paper of a system or of how to solve a problem. Projects might involve developing an analysis of a working software system by applying one or more analytical techniques - for example for producing a usability evaluation, or analysing or modelling a process, or producing a notation or technique for describing a particular sort of information that a software system might generate or use, or devising a procedure for tackling a particular class of problem in software development.