COMP6500
10 units
6000 level
Course handbook
Description
The course covers leading techniques currently used by attackers to exploit systems and networks. Students are introduced to various attack strategies including injection, rootkits and denial of service attacks as well as underpinning security defence techniques such as signature based analysis, anomaly-based analysis and traceback techniques for detection of attacks. Students are required to critically analyse the characteristics of various security tools such as firewalls, host/network-based security tools, and signature/anomaly-based security tools. Students who complete this course gain a practical knowledge of security attack detection and analysis, which is highly beneficial for carrying out security incident analysis in organisations.
Availability2024 Course Timetables
Callaghan
- Semester 1 - 2024
Online
- Semester 1 - 2024
Learning outcomes
On successful completion of the course students will be able to:
1. Identify and analyse security risks in heterogeneous network infrastructures.
2. Analyse the methods employed by attackers to exploit vulnerabilities in networked systems.
3. Design and develop advanced security mechanisms to counteract attacks in networked systems.
4. Evaluate security technologies used to counteract security attacks in networked infrastructures.
Content
Module 1: Risk Management
Introduction
- Course overview
- Overview of security attacks in current systems and networks
Risk Management Framework
- Risk management approach
- Threat modelling and penetration testing
- Best practices for improving security
Module 2: Software Security Attacks
Software security attacks and mitigation strategies
- Attacks exploiting vulnerabilities in OS and applications: buffer overflow, SQL injection
- Malware: rootkits, zero day attacks, polymorphism and metamorphism
- Attacks in virtualisation: VM escape, VM sprawl
Module 3: Network Security Attacks
Network security attacks and mitigation strategies
- Attacks in wired networks: LAN attacks, insider attacks, WAN attacks, DDos
- Attacks in wireless networks: WLAN attacks, rouge access points, war driving
Module 4: Security Technologies
Security technologies
- Design choices for security tools
- Analysis of border security tools: packet filter, stateful filters, DPI and application
- Analysis of host-based and network-based security tools
- Analysis of signature-based and anomaly-based security tools
- Malware analysis techniques: dynamic and static analysis techniques
- Analysis of virtualisation-based security techniques
- Analysis of network attacks traceback security techniques
Requisite
This course has similarities to COMP3500. If you have successfully completed COMP3500 you cannot enrol in this course.
Assumed knowledge
INFT6031 Systems and Network Administration. COMP6240 Operating Systems (in addition to INFT6031) would be preferred.
Assessment items
Written Assignment: Assignment 1: Risk Analysis and Attack Methods
Written Assignment: Assignment 2: Application of Security Mechanisms
Online Open Book Formal Examination: Final Examination
Compulsory Requirement: Pass requirement 40% - Must obtain 40% in this assessment item to pass the course.
Contact hours
Semester 1 - 2024 - Callaghan
Computer Lab-1
- Face to Face On Campus 2 hour(s) per week(s) for 10 week(s) starting in week 3
Lecture-1
- Face to Face On Campus 2 hour(s) per week(s) for 12 week(s) starting in week 1
Semester 1 - 2024 - Online
Computer Lab-1
- Online 2 hour(s) per week(s) for 10 week(s) starting in week 3
- Online students will receive equivalent instruction through online or other distance education strategies.
Lecture-1
- Online 2 hour(s) per week(s) for 12 week(s) starting in week 1
- Online students will receive equivalent instruction through online or other distance education strategies.
Course outline
- COMP6500 - Semester 1, 2024 (All) (PDF, 269.9 KB)
The University of Newcastle acknowledges the traditional custodians of the lands within our footprint areas: Awabakal, Darkinjung, Biripai, Worimi, Wonnarua, and Eora Nations. We also pay respect to the wisdom of our Elders past and present.