Network and Web Security
In this module you will have the opportunity to gain a broad knowledge of network and web security from the network to the application layer. The emphasis of the course is both on the underlying principles and techniques, and on examples of how such principles are applied in practice.
Upon successful completion of this module you will be able to:
- evaluate main threats, attack techniques and defences relevant to cybersecurity and network security
- analyse web applications in order to identify vulnerabilities
- propose countermeasures to address vulnerabilities
- design secure web applications by leveraging security principles
- Cybersecurity overview
- Threat analysis and bug finding
- Internet security
- Serverside security
- Client-side security
- Secure Web Sessions
- Emerging security standards
- Online Privacy issues
Several topics discussed during the module require a general knowledge of computer networks, distributed systems, and programming languages.
Recommended (not required) prerequisites:
- CO211 Operating systems
- CO212 Networks and Communications
- CO408 Privacy Engineering
- CO409 Cryptography
- CO440 Software Reliability
- CO470 Program Analysis
The material will be taught through traditional lectures, in-class demos and additional guest lectures by experts from cybersecurity companies with presence in the UK. There are additional scheduled laboratory sessions where you will practice concepts learned during the lectures. These will be supervised by Graduate Teaching Assistants (GTAs) and the lecturers. There will also be additional in-class tutorials where you will work through unassessed, formative exercises designed to reinforce your understanding of the material taught.
The Piazza Q&A web service will be used as an open online discussion forum for the module.
There will be one coursework that contributes 20% of the mark for the module. There will be a final written exam, which counts for the remaining 80% of the marks. The final exam will take place in the computer labs, where you will answer traditional questions designed to test the theoretical aspects taught and also perform practical security-relevant exercises on dedicated virtual machines.
Verbal feedback will be provided via the GTAs and lecturers during the scheduled laboratory hours and also the in-class tutorial exercises. You will also receive detailed feedback on the coursework submission.
2nd ed., Syngress an imprint of Elsevier
No Starch Press
2nd ed., Wiley
2nd ed., Wiley