Skip to main content

Module

CSC8212 : Security Tools and Analysis

  • Offered for Year: 2022/23
  • Module Leader(s): Dr Rasha Ibrahim
  • Owning School: Computing
  • Teaching Location: Newcastle City Campus
Semesters
Semester 1 Credit Value: 20
ECTS Credits: 10.0

Aims

It is often impossible to guarantee the complete security of a system, and a cyber-security analyst often aims instead to reveal gaps in security provisioning. The aim of this module is to develop skills to select and apply tools and techniques for carrying out security testing strategies including vulnerability scanning, penetration testing and ethical hacking.

Outline Of Syllabus

•       This module will look at a range of security tools and analysis, covering:
•       Definition of Ethical Hacking
•       Network Analysis (such as host discovery and traffic analysis)
•       Web Application Analysis (such as XSS and vulnerability reporting)
•       Operating System Analysis (such as privilege escalation and buffer exploitation)
•       Cryptography Analysis (such as brute-force on hashing)
•       Malware Analysis (such as reverse engineering and intrusion detection)
•       Forensics Analysis (such as steganography and log analysis)

Teaching Methods

Teaching Activities
Category Activity Number Length Student Hours Comment
Structured Guided LearningLecture materials400:1510:00Short videos explaining the concepts and demonstrating the tools & techniques [Online non-synch]
Structured Guided LearningLecture materials400:3020:00Written and interactive material about the tools and techniques. [Online non-synchronous]
Guided Independent StudyAssessment preparation and completion401:0040:00Completion of practical exercises
Guided Independent StudyAssessment preparation and completion441:0044:00Writing of the report accounting for and reflecting on the practical exercises (max 4,000 words)
Scheduled Learning And Teaching ActivitiesPractical61:006:00Work in a supervised environment to develop skills and professional practical exercises. [PIP]
Scheduled Learning And Teaching ActivitiesDrop-in/surgery400:3020:00Engagement on discussion forums, discussion with demonstrators, mod leaders & students [Online Sync]
Guided Independent StudyIndependent study401:3060:00Follow-up on the lecture material.
Total200:00
Jointly Taught With
Code Title
CSC8210Security Fundamentals and Tools
Teaching Rationale And Relationship

This module follows a blended learning delivery method; articulated around 40 units of practical skill material. Each unit of material consists of a short video, accompanied by written and interactive material, including short formative quizzes. Learners are expected to discuss about the material on the discussion forum, curated by demonstrators and module lecturers. In addition, drop-in sessions (either online, using Zoom/Teams, or present-in-person, depending on availability) will offer learners the possibility to ask specific questions in small groups to demonstrators, and module talks will enable module leaders to reflect on the online discussion forums, and to discuss about points repeatedly mentioned. The assessment is done by realising a sequence of individualised practical exercises (i.e., given an exercise, the specific solution is different for each learner, even though the difficulty is the same), which are gradually released. Each practical corresponds to one or two units of material. Practical exercises are automatically verified, providing instant feedback to the learners. The final report consists of a reflection from the student on the different exercises done, steered by specific questions.

Assessment Methods

The format of resits will be determined by the Board of Examiners

Other Assessment
Description Semester When Set Percentage Comment
Report1M100A 4000-word security Analysis report including Individual exercises to be completed based on the module practical sessions
Formative Assessments
Description Semester When Set Comment
Report1MDraft report including sample of reflective work, final report structure and formatting
Assessment Rationale And Relationship

The coursework consists of a series of practical tasks that need to be solved using security tools and analysis techniques covered in the module, as described in the syllabus. Most practical tasks will be automatically assessed during the module, enabling module participants to keep track of their progress. A final report should be submitted, including a reflection on the practical exercises, and how the student informed their choices. The report is worth 100% of the final mark and should be submitted at the end of the module. A formative assessment covering the overall structure and sample of reflective writing is conducted in the first third of the module, in order to receive feedback on the general approach, including the formatting.

Reading Lists

Timetable