Course image 23-24 IY2760/DC3760: Introduction to Information Security
Information Security
This is an introductory course to Information Security.
The course will introduce the fundamental concepts of information security, covering a variety of topics, including elements of cryptography, security protocols, computer and network security.
Course image 23-24 IY2840: Computer and Network Security
Information Security
This course addresses a number of topics in computer and network security. Its content includes Memory errors, Web, network, countermeasures and pointers to research papers. The course prepares students to identify software vulnerabilities, shows how to address these and introduces how vulnerabilities are exploited through malware.
Course image 23-24 IY3501: Security Management
Information Security
IY3501 provides a non-technical introduction to security management. We will explain the need for effective security management and identify the problems associated with security management. We will explore how risks are analysed and how appropriate remedial actions are identified and implemented, referring to relevant standards and legal requirements.
Course image 23-24 IY3660: Applications of Cryptography
Information Security
The aim of this course is to explain the fundamentals behind cryptography and how it is deployed in real-world systems. We will discuss the security services that can be provided by cryptography, the main cryptographic mechanisms (eg symmetric key and public encryption schemes, hash functions, MACs and digital signatures), their security goals, design and basic attacks, and real-world applications and deployment of cryptography. Overall, students will get a broad overview of the key topics in cryptography that they are likely to run into as a practitioner (eg software developer).
The course's approach to present this material is to focus on how to use cryptography to enable secure communications: we will see how to use and combine the several cryptographic tools to set up a channel that can be used to "securely" exchange data between two communicating parties.
The course's approach to present this material is to focus on how to use cryptography to enable secure communications: we will see how to use and combine the several cryptographic tools to set up a channel that can be used to "securely" exchange data between two communicating parties.
Course image 23-24 IY3840: Malicious Software
Information Security
Cybercrime has become both more widespread and harder to battle. Researchers and anecdotal experience show that the cybercrime scene is becoming increasingly organized and consolidated, with strong links also to traditional criminal networks. Modern attacks are indeed stealthy and often profit oriented.
Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage.
By mixing a practical, hands-on approach with the theory and techniques behind the scene, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and underground economy, namely, "Should we care?".
Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques.
Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage.
By mixing a practical, hands-on approach with the theory and techniques behind the scene, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and underground economy, namely, "Should we care?".
Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques.
Course image 23-24 IY5501/IY4501: Security Management
Information Security
IY5501 is in two parts: the first part provides an introduction to information security management, and the second part is concerned with research methods.
IY4501 provides an introduction to security management, and shares lectures and all other teaching material with the corresponding part of IY5501.
In the security management part of IY5501 we will explain the need for effective security management and identify the problems associated with security management. We will explore how risks are analysed and how appropriate remedial actions are identified and implemented, referring to relevant standards and legal requirements.
The main goal of the research methods part of IY5501 is to provide students with the tools they need to complete an excellent MSc project. Topics covered include how to use the literature, an introduction to qualitative and quantitative research methods, and guidance on structuring and writing an MSc dissertation.
Course image 23-24 IY5501B: Security Management
Information Security
IY5501B provides an introduction to security management (and for those commencing their degrees from 2023, research methods). We will explain the need for effective security management and identify the problems associated with security management. We will explore how risks are analysed and how appropriate remedial actions are identified and implemented, referring to relevant standards and legal requirements.
Course image 23-24 IY5511/IY5511B: Network Security
Information Security
Aims
The module is concerned with the protection of data transferred over digital networks, including computer and telecommunications networks. We review networking concepts, particularly the concepts of services and protocols, and study how services are incorporated in network communications by specifying protocols. We extend the discussion of services to address security concerns, considering how cryptographic primitives may be used to provide confidentiality, integrity and authentication services. We illustrate these concepts by considering a variety of case studies, typically including wireless, cellular, network and transport layer protocols, techniques and technologies, including non-cryptographic countermeasures such as packet-filtering, intrusion detection, etc.
Objectives
At the end of the module students should have gained an understanding of the fundamentals of the provision of security in networks, as well as an appreciation of some of the problems that arise in devising practical solutions to network security requirements.
The module is concerned with the protection of data transferred over digital networks, including computer and telecommunications networks. We review networking concepts, particularly the concepts of services and protocols, and study how services are incorporated in network communications by specifying protocols. We extend the discussion of services to address security concerns, considering how cryptographic primitives may be used to provide confidentiality, integrity and authentication services. We illustrate these concepts by considering a variety of case studies, typically including wireless, cellular, network and transport layer protocols, techniques and technologies, including non-cryptographic countermeasures such as packet-filtering, intrusion detection, etc.
Objectives
At the end of the module students should have gained an understanding of the fundamentals of the provision of security in networks, as well as an appreciation of some of the problems that arise in devising practical solutions to network security requirements.
Course image 23-24 IY5512: Computer Security (Operating Systems)
Information Security
IY5512 is one of the four compulsory modules on the Information Security MSc. The aims of the computer security module are to introduce the security issues that computer systems must address and to describe some of the techniques for implementing security in operating systems.
Course image 23-24 IY5521/IY5621/IY5621B: Legal and Regulatory Aspects of Information Security
Information Security
In the module, we will survey laws that:
- define liability from cyber security failure,
- limit freedom of security operations, and
- explain multinational online liability.
The module is designed for a multinational student body and is not limited to the laws of any single jurisdiction. No prior study of law is necessary.
- define liability from cyber security failure,
- limit freedom of security operations, and
- explain multinational online liability.
The module is designed for a multinational student body and is not limited to the laws of any single jurisdiction. No prior study of law is necessary.
Course image 23-24 IY5609/IY4609/IY3609: Digital Forensics
Information Security
This module covers foundations and some theoretical background for the preservation, collection, examination, and analysis of digital evidence.
The course introduces principles of forensic science and sketches relevant aspects of general and UK legal and regulatory principles, but is not limited to digital forensics as used in courts of law since areas such as compliance monitoring and even the analysis of cyber security breaches also rely on these techniques and principles.
The module covers methods for the collection and analysis of digital evidence, highlighting limitations and fragility of evidence as well as susceptibility to malicious manipulation.
The module covers storage as well as network forensics techniques, host-based techniques for analysing memory and live system behaviour with an emphasis on Microsoft Windows and selected mobile platforms (Apple iOS and Google Android).
The course introduces principles of forensic science and sketches relevant aspects of general and UK legal and regulatory principles, but is not limited to digital forensics as used in courts of law since areas such as compliance monitoring and even the analysis of cyber security breaches also rely on these techniques and principles.
The module covers methods for the collection and analysis of digital evidence, highlighting limitations and fragility of evidence as well as susceptibility to malicious manipulation.
The module covers storage as well as network forensics techniques, host-based techniques for analysing memory and live system behaviour with an emphasis on Microsoft Windows and selected mobile platforms (Apple iOS and Google Android).
Course image 23-24 IY5610/IY4610: Security Testing- Theory and Practice
Information Security
IY5610/4610 is the weekly mode Security Testing Theory and Practice course. Students will learn:
- Best practice in reporting and conducting security assessments and audits
- Security assessment and audit frameworks
- Practical skills in gathering and utilising OSINT to inform clients of their exposure to remote and local cyber threats
- Enumeration and confirmation of vulnerabilities in a variety of hosts (LAN and Web)
- Target Exploitation for the purpose of providing a methodological review of vulnerabilities and their consequences
- Theory regarding attacker-defender interactions, focusing on game-theoretic concepts
Students will interact with standards such as ISO27000 and NIST SP 800-115, as well as OWASP.
Student can expect a focus on ethics with regards to client confidentiality, legal issues facing security testers (indemnity and culpability in specific situations), and the principles of white-hat hacking.
Please bear in mind that this course focuses first and foremost on an ethical and methodological approach to exploitation, and that students are responsible for ensuring that they follow good practice, as defined in the course documentation (and elaborated on in Lecture 1).
- Best practice in reporting and conducting security assessments and audits
- Security assessment and audit frameworks
- Practical skills in gathering and utilising OSINT to inform clients of their exposure to remote and local cyber threats
- Enumeration and confirmation of vulnerabilities in a variety of hosts (LAN and Web)
- Target Exploitation for the purpose of providing a methodological review of vulnerabilities and their consequences
- Theory regarding attacker-defender interactions, focusing on game-theoretic concepts
Students will interact with standards such as ISO27000 and NIST SP 800-115, as well as OWASP.
Student can expect a focus on ethics with regards to client confidentiality, legal issues facing security testers (indemnity and culpability in specific situations), and the principles of white-hat hacking.
Please bear in mind that this course focuses first and foremost on an ethical and methodological approach to exploitation, and that students are responsible for ensuring that they follow good practice, as defined in the course documentation (and elaborated on in Lecture 1).
Course image 23-24 IY5612/IY4612/IY3612: Critical Infrastructure Security
Information Security
This module covers aspects of cyber security focused on advanced adversaries and threats to information systems, and particularly cyber-physical systems found in critical national infrastructures.
For this, a number of models to study large-scale systems and networks are introduced, as well as models of adversaries and interactions with adversaries along with selected case studies of such advanced attacks and attack vectors.
The module also covers cyber-physical system security at lower levels with an overview particularly of control systems and SCADA architectures as well as threats and attacks against these.
For this, a number of models to study large-scale systems and networks are introduced, as well as models of adversaries and interactions with adversaries along with selected case studies of such advanced attacks and attack vectors.
The module also covers cyber-physical system security at lower levels with an overview particularly of control systems and SCADA architectures as well as threats and attacks against these.