The course covers leading techniques currently used by attackers to exploit systems and networks. Students are introduced to various attack strategies including injection, rootkits and denial of service attacks as well as underpinning security defence techniques such as signature-based analysis, anomaly-based analysis and traceback techniques for detection of attacks. Students are required to critically analyse the characteristics of various security tools such as firewalls, host/network-based security tools, and signature/anomaly-based security tools. Students who complete this course gain a practical knowledge of security attack detection and analysis, which is highly beneficial for carrying out security incident analysis in organisations.
Availability
- Semester 1 - 2021
- Semester 2 - 2021
On successful completion of the course students will be able to:
1. Identify and analyse security risks in heterogeneous network infrastructures.
2. Analyse the methods employed by attackers to exploit vulnerabilities in networked systems.
3. Design and develop advanced security mechanisms to counteract attacks in networked systems.
4. Evaluate security technologies used to counteract security attacks in networked infrastructures.
Module 1: Risk Management
- Course overview
- Overview of security attacks in current systems and networks
Risk Management Framework
- Risk management approach
- Threat modelling and penetration testing
- Best practices for improving security
Module 2: Software Security Attacks
Software security attacks and mitigation strategies
- Attacks exploiting vulnerabilities in OS and applications: buffer overflow, SQL injection
- Malware: rootkits, zero-day attacks, polymorphism and metamorphism
- Attacks in virtualisation: VM escape, VM sprawl
Module 3: Network Security Attacks
Network security attacks and mitigation strategies
- Attacks in wired networks: LAN attacks, insider attacks, WAN attacks, DDoS
- Attacks in wireless networks: WLAN attacks, rogue access points, war driving
Module 4: Security Technologies
- Design choices for security tools
- Analysis of border security tools: packet filter, stateful filters, DPI and application
- Analysis of host-based and network-based security tools
- Analysis of signature-based and anomaly-based security tools
- Malware analysis techniques: dynamic and static analysis techniques
- Analysis of virtualisation-based security techniques
- Analysis of network attack traceback security techniques
This course has similarities to COMP3500. If you have successfully completed COMP3500 you cannot enrol in this course.
INFT2031 Systems and Network Administration or COMP2240 Operating Systems or ELEC2720 Introduction to Embedded Computing.
Written Assignment: Assignment 1: Risk Analysis and Attack Methods
Written Assignment: Assignment 2: Application of Security Mechanisms
Formal Examination: Final Examination *
* This assessment has a compulsory requirement.
In order to pass this course, each student must complete ALL of the following compulsory requirements:
Course Assessment Requirements:
- Formal Examination: Minimum Grade / Mark Requirement - Students must obtain a specified minimum grade / mark in this assessment item to pass the course. - Students must obtain 40% in the final exam to pass the course.
Callaghan and Online
Face to Face On Campus 2 hour(s) per Week for Full Term
Online students will receive equivalent instruction through online or other distance education strategies.
Face to Face On Campus 38 hour(s) per Term Full Term
2 hours per week shared with COMP3500 plus an additional two hours per fortnight. Online students will receive equivalent instruction through online or other distance education strategies.