CODE | CPS5132
TITLE | Systems Security Lab
UM LEVEL | 05 - Postgraduate Modular Diploma or Degree Course
MQF LEVEL | 7
ECTS CREDITS | 20
DEPARTMENT | Computer Science
DESCRIPTION | With the prevalence of always-on connectivity and advancements in technology today, threats are evolving rapidly to exploit different aspects of these technologies. With a threat landscape in constant motion, it becomes imperative for ICT infrastructure to develop a strong security posture, which means enhancing the protection, detection, and response from/to cybersecurity threats. The old approach to security, where the only concern was to have a good firewall to protect the perimeter and antivirus on the endpoints, is no longer practical in the face of today's challenges and threats.

This study-unit provides a practical survey of network security applications and cryptographic protocol standards, attack methods and patterns to recognize malicious activity within on-premise and cloud infrastructure alike, including the forensic analysis of malware samples, and insights into hardware-level security, thereby preparing the basis for subsequent incident response processes.

Study-unit Aims:

This study-unit aims to prepare students for the following cybersecurity roles:
- Risk analyst
- Penetration tester
- Security auditor
- Security architect
- Network/cloud security engineer
- Security analysts/Incident responders
- Digital forensics investigator
by taking a tool-centric approach to survey the current threat landscape and security controls.

Learning Outcomes:

1. Knowledge & Understanding

By the end of the study-unit the student will be able to describe, discuss and demonstrate the operation of:
- Network security concepts: Ciphers, key distribution and authentication protocols and supporting infrastructure, identity management, distributed access control, email security, securing web APIs and cloud-native applications;
- Ethical hacking concepts: The adversarial mentality in cybersecurity across the entire cyber kill-chain, targeting web and cloud applications, browsers, mobile applications, stand-alone binaries, firewalls and intrusion detection evasion;
- Digital Forensics and Incident Response concepts: Forensic evidence acquisition, analysis and sound evidence handling for incident/criminal investigation purposes, involving physical, logical, and live acquisition options for various OSes, filesystems and hypervisors and the correlation of these forensic sources with system logs, intrusion alerts, and threat intelligence feeds using log analytics;
- Whole system security: Secure implementation of cryptography and isolated execution in light of hardware-level threats, with secure digital rights management and cache side-channels as primary case studies.

2. Skills

By the end of the study-unit the student will be able to:
- Set up secure DMZs, VPNs, VLANs, web APIs and cloud-native apps, email gateways, and identify incorrect block cipher usage or insecure certificate handling inside protocol design and implementation;
- Identify vulnerabilities by applying a methodological approach against targets inside a LAN, a cloud deployment, web applications, and mobile apps, while demonstrating exploitability and assessing the impact;
- Investigate security breaches, as alerted by suspect events or IDS alerts, originating from various entry-points and through the assistance of real-time situational awareness provided by SIEMs. Recover incident-relevant files (including deleted ones) and emails, reconstruct recent device usage from system logs, extract chats from a locked smartphone, extract potential malware files from network packet captures and volatile memory dumps, followed by their decoding/decryption and analysis to solve incidents and configure security controls to prevent re-occurrence;
- Replicate hardware side-channel attacks as part of a product security audit.

Main Text/s and any supplementary readings:

Text:
- Stallings, W. (2016). Network security essentials: applications and standards. Pearson. ISBN-13: 978-0134527338
- Velu, V. K., & Beggs, R. (2019). Mastering Kali Linux for Advanced Penetration Testing: Secure your network with Kali Linux 2019.1 – the ultimate white hat hackers' toolkit. Packt Publishing Ltd. ISBN-13: 978-1789340563
- Johansen, G. (2017). Digital forensics and incident response. Packt Publishing Ltd. ISBN-13: 978-1838649006

Reference:
- Hertzog, R., O'Gorman, J., & Aharoni, M. (2017). Kali linux revealed. Mastering the Penetration Testing Distribution. ISBN-13: 978-0997615609
- Zientara, D. (2016). Mastering PfSense. Packt Publishing. ISBN-13: 978-1788993173
- McDonald, A., Haycox, I., Taylor, C., Back, M., Rusenko, D., Hildebrandt, R., & Koetter, P. B. (2009). Linux E-mail. Packt Publishing Ltd. ISBN-13: 978-1847198648
- Estrin, E. (2022). Cloud Security Handbook: Find Out How to Effectively Secure Cloud Environments Using AWS, Azure, and GCP. Packt Publishing, Limited. ISBN-13: 978-1800569195
- Yadav, A. Kmar. T. (2016). Advanced Splunk. Packt Publishing Ltd. ISBN-13: 978-1785884351
- Lampson, B. W. (1973). A note on the confinement problem. Communications of the ACM, 16(10), 613-615.
ADDITIONAL NOTES | Pre-Requisite qualifications: Bachelor's degree with a strong ICT component
STUDY-UNIT TYPE | Lecture, Independent Study and Practical
METHOD OF ASSESSMENT |
LECTURER/S | John Napier Martin Camilleri Kirsten Cremona Sandro Spina |
The University makes every effort to ensure that the published Courses Plans, Programmes of Study and Study-Unit information are complete and up-to-date at the time of publication. The University reserves the right to make changes in case errors are detected after publication.
The availability of optional units may be subject to timetabling constraints. Units not attracting a sufficient number of registrations may be withdrawn without notice. It should be noted that all the information in the description above applies to study-units available during the academic year 2024/5. It may be subject to change in subsequent years.