Useful links
Unit of study_
COMP5617: Empirical Security Analysis and Engineering
This unit will present the lessons from recent research and from case studies of practice to bring students the skills to assess and improve the security of deployed systems. A particular focus is on data-driven approaches to collect operational data about a systems security. We explore deployment issues at local and global scale, e. g. for X. 509, DNS, and BGP, and also take human factors explicitly into account. As a result, students will learn to put building blocks of security together in a sound way, to arrive at engineering solutions that are empirically verifiable, functional, and secure against realistic threats. As Dan Geer once famously said: Any security technology whose effectiveness cant be empirically determined is indistinguishable from blind luck.
| Code | COMP5617 |
|---|---|
| Academic unit | Computer Science |
| Credit points | 6 |
|
Prerequisites:
?
|
INFO3616 or ELEC5616 or CSEC3616 or CSEC5616 |
|---|---|
|
Corequisites:
?
|
None |
| Prohibitions:
?
|
COMP4617 |
At the completion of this unit, you should be able to:
- LO1. Understand the balance between risk, achieved security, and cost; experience with threat modelling and risk analysis as tools to choose this balance for a given system
- LO2. Understand common security terminology in security literature
- LO3. Understand different ways in which security of computer systems can be compromised, e.g. physically, remotely, operationally (esp. social engineering); and relate specific attack scenarios to the major security goals such as authentication, integrity, secrecy, non-repudiation
- LO4. Understand the major challenges for security of programs, information, computers and networks, and ability to avoid most egregious (typical) flaws in designing and operating IT systems
- LO5. Demonstrate a high-level knowledge of common approaches to achieve security goals in computer systems, including the main security protocols in the Internet stack
- LO6. demonstrate knowledge of privacy-preserving technologies
- LO7. Produce written reports that evaluate a system's security
- LO8. Research information on security issues from the literature, and analyse a security incident use case
Unit outlines
Unit outlines will be available 1 week before the first day of teaching for the relevant session.
- Semester 2, 2023 [Normal evening] - Camperdown/Darlington, Sydney
- Semester 2, 2022 [Normal evening] - Camperdown/Darlington, Sydney
- Semester 2, 2022 [Normal evening] - Remote
- Key dates
Key dates through the academic year, including teaching periods, census, payment deadlines and exams.
- Student administration
Enrolment, course planning, fees, graduation, support services, student IT
- Expectations of student conduct
Code of Conduct for Students, Conditions of Enrollment, University Privacy Statement, Academic Integrity
- Academic appeals
Academic appeals process, special consideration, rules and guidelines, advice and support
- Learning and teaching policy
Policy register, policy search
- Financial support
Scholarships, interest free loans, bursaries, money management
- Study resources
Learning Centre, faculty and school programs, Library, online resources
- Health and support
Student Centre, counselling & psychological services, University Health Service, general health and wellbeing
