The module covers a range of topics that include:
- Malware analysis and investigation
- Low-level concepts of Operating Systems
- Understanding endpoints (smartphones, servers, PC/Mac) and how they are configured
- Data collection and mitigation of surveillance
The module involves developing an understanding of logging and auditing. It also includes extraction and examination of storage media, RAM, and networks using tools such as FTK Imager, Autopsy, and Volatility. The module also involves malware analysis using various static and dynamic analysis tools.
This module introduces the foundational concepts of cryptography, focusing on securing data and communications. It also explores key exchange mechanisms and the role of digital certificates in ensuring trust in digital interactions. The module begins with a brief overview of security concepts before diving into cryptographic principles. The key focus areas are:
- Security concepts
- Cryptographic concepts
- Key exchange principles
- Digital certificates and signatures
The security concepts cover:
- Confidentiality, Integrity, and Authentication: Foundations of secure communication.
- Basic Threats: Overview of common security threats like eavesdropping, tampering, and impersonation.
- Security Mechanisms: Brief introduction to encryption, firewalls, and access control.
- Importance of Security: Ensuring trust, data protection, and system reliability.
The cryptographic concepts cover:
- Encryption and Decryption: Transforming data into unreadable formats and restoring it.
- Types of Cryptography: Symmetric (e.g., AES) and Asymmetric (e.g., RSA) methods.
- Hash Functions: Verifying data integrity using algorithms like SHA-256.
- Applications: Securing communication, file encryption, and data storage.
The key exchange principles cover:
- Secure Key Sharing: Exchanging cryptographic keys over insecure channels.
- Diffie-Hellman: Method for establishing a shared secret using modular arithmetic.
- Elliptic Curve Diffie-Hellman (ECDH): Efficient key exchange leveraging elliptic curves.
- Challenges and Solutions: Overcoming risks like interception during key exchange.
The digital certificates and signatures topics cover:
- Digital Certificates: Verifying the ownership of public keys via Certificate Authorities (CAs).
- Public Key Infrastructure (PKI): Framework managing certificates and trust.
- Digital Signatures: Ensuring message authenticity and integrity using private keys.
- Applications: Securing web traffic (HTTPS), email authentication, and document verification.
The module covers a range of topics that include:
- Basic cloud computing concepts, advantages, and service delivery models.
- Identity and Access Management (IAM) for centrally managing access to cloud resources.
- Secure networking practices within the cloud environments.
- Design and implementation of highly available and secure cloud architecture.
- Design and implementation of cloud resources such as Virtual servers, Databases, and storage solutions.
- Introduction to serverless architecture within the cloud environments.
- Application data protection, both in transit and at rest, within the cloud environments.
- Logging and Monitoring within the cloud.
- Incident Response Management within the cloud environments.
Students will undertake a large self-directed software project in a specialist topic of their choice with guidance and support from a dedicated academic supervisor.
The project will begin with an appraisal of said topic, usually through a literature review and/or a commercial assessment of viability. This will be followed by planning and creation of a practical software artefact covering an implementation lifecycle, making use of project management techniques.
Ethical issues will be explored, leading to required approval for quantitative and/or qualitative testing, with results then analysed and used to inform further development and to draw conclusions against a hypothesis.
This module introduces the theory and practice of network protocol design, maintenance and evaluation. We will build from first principles towards a professional, research and development approach to the subject. This will include topics such as:
- Routing
- Traffic engineering
- Distributed protocol design
- Use of discrete event simulation tools
- Evaluation and analysis of protocols
- Mobile and wireless networking
- Graph theory
- Network optimisation
- Computational complexity
- Software defined networking
- Information centric networking
The module combines relevant theoretical abstractions with essential practical networking approaches to build a strong profile of skills, abilities and knowledge for the successful student.
The module covers a range of topics that include:
- Open Source Intelligence (OSINT)
- Social Media Intelligence (SOCMINT)
- Human Intelligence (HUMINT)
- Cyber crime
- Cyber activism
- Cyber espionage
- Information Operations (INFO-OPS)
- Incident Response
Students will learn how to use indicators of compromise to detect initial incidents. YARA rules will be created to perform threat hunting. Cyber Kill Chain and SANS incident response models will be used to map out the entire attack methodology used by threat actors. The module involves understanding critical infrastructure hacking. Previous breach reports will be used to identify attackers' capabilities in order to identify potential threat actors.