Module manager: Dr H. Arshad Jhumka
Email: H.A.Jhumka@leeds.ac.uk
Taught: Semester 1 (Sep to Jan) View Timetable
Year running 2024/25
| COMP2221 | Networks |
| COMP2912 | Software Engineering Principles |
| ELEC2645 | Embedded Systems Project |
This module is not approved as a discovery module
Security is an increasing problem for all computer systems. Users, administrators and developers all need to be aware of the risks and the need to develop systems that are resistant to attacks. It is the responsibility of a professional Computer Science practitioner to be aware of tools and techniques that can be used to mitigate the threats to systems security. This module focuses on these threats and how they can be mitigated by good design, implementation and testing of computer systems. In addition, the module will also cover intrusion detection and analysis. This module considers case studies from industrial security breaches and contributes to commercial awareness.
This module will provide the fundamental skills and knowledge required to develop secure software. This module contributes to developing responsible and commercially aware Computer Science practitioners.
On successful completion of this module a student will have demonstrated the ability to:
- evaluate the risks inherent in a computer system and produce a scheme of mitigation to manage the risk to an appropriate level for the system.
- explain common vectors of attack in computer systems.
- identify a range of different vulnerabilities in software applications.
- identify a range of suitable techniques to handle attacks
- use technical knowledge of cryptography to make a well-reasoned selection of appropriate cryptographic techniques for a given situation.
This module covers the following 5 topic areas:
- Cryptography: the role of cryptography in security, modern cryptographic algorithms and their use in software development and encryption in computer networks.
- Risk management: threat and security modelling, risk assessment, attack trees and security models.
- Modes of attack: network protocols, malware, arbitrary behaviour and software vulnerabilities.
- Mitigation techniques: counter measures, authentication techniques (biometrics and two-factor authentication), penetration testing, secure systems design and intrusion detection.
- Ethical issues: ethics of security research, responsible disclosure and privacy (this will be replaced by formal foundations.
| Delivery type | Number | Length hours | Student hours |
|---|---|---|---|
| Laboratory | 10 | 2 | 20 |
| Lecture | 20 | 1 | 20 |
| Private study hours | 60 | ||
| Total Contact hours | 40 | ||
| Total hours (100hr per 10 credits) | 100 | ||
Coursework and labs.
| Assessment type | Notes | % of formal assessment |
|---|---|---|
| In-course Assessment | Coursework | 30 |
| Total percentage (Assessment Coursework) | 30 | |
Normally resits will be assessed by the same methodology as the first attempt, unless otherwise stated.
| Exam type | Exam duration | % of formal assessment |
|---|---|---|
| Standard exam (closed essays, MCQs etc) | 2.0 Hrs 0 Mins | 70 |
| Total percentage (Assessment Exams) | 70 | |
Normally resits will be assessed by the same methodology as the first attempt, unless otherwise stated
The reading list is available from the Library website
Last updated: 9/27/2024
Errors, omissions, failed links etc should be notified to the Catalogue Team