Skip to main content

During 2021 we will continue to support students who need to study remotely due to the ongoing impacts of COVID-19 and travel restrictions. Make sure you check the location code when selecting a unit outline or choosing your units of study in Sydney Student. Find out more about what these codes mean. Both remote and on-campus locations have the same learning activities and assessments, however teaching staff may vary. More information about face-to-face teaching and assessment arrangements for each unit will be provided on Canvas.

Unit of study_

COMP5617: Empirical Security Analysis and Engineering

This unit will present the lessons from recent research and from case studies of practice to bring students the skills to assess and improve the security of deployed systems. A particular focus is on data-driven approaches to collect operational data about a system's security. We explore deployment issues at local and global scale, e. g. for X. 509, DNS, and BGP, and also take human factors explicitly into account. As a result, students will learn to put building blocks of security together in a sound way, to arrive at engineering solutions that are empirically verifiable, functional, and secure against realistic threats. As Dan Geer once famously said: "Any security technology whose effectiveness can't be empirically determined is indistinguishable from blind luck."

Code COMP5617
Academic unit Computer Science
Credit points 6
Assumed knowledge:
Students are expected to have: Good programming skills in Go, Python, or C. UNIX/Linux command-line and tools Technical orientation and foundational networking knowledge Sufficient mathematical skills to understand cryptography Experience working with version control

At the completion of this unit, you should be able to:

  • LO1. demonstrate knowledge of privacy-preserving technologies
  • LO2. demonstrate awareness of security vs. usability trade-offs
  • LO3. effectively research and analyse information about current IT security topics
  • LO4. demonstrate understanding of data-driven security defences
  • LO5. demonstrate practical experience with scanning and monitoring of Internet services to determine deployment security
  • LO6. demonstrate understanding of the building blocks of Internet services such as the Internet naming and routing system, and the WWW
  • LO7. demonstrate understanding of the main security protocols in the Internet stack
  • LO8. demonstrate ability in designing and conducting an empirical security analysis.

Unit outlines

Unit outlines will be available 2 weeks before the first day of teaching for the relevant session.

There are no unit outlines available online for previous years.