Skip to main content

During 2021 we will continue to support students who need to study remotely due to the ongoing impacts of COVID-19 and travel restrictions. Make sure you check the location code when selecting a unit outline or choosing your units of study in Sydney Student. Find out more about what these codes mean. Both remote and on-campus locations have the same learning activities and assessments, however teaching staff may vary. More information about face-to-face teaching and assessment arrangements for each unit will be provided on Canvas.

Unit of study_

COMP5618: Applied Cybersecurity

Digital technologies permeate every part of our lives. The internet has created a more open society, allowing us to create, share and access information and knowledge freely. As more of the services we rely on are digitised and available to use over the web, the more our identity, productivity, access to information, connectivity, social connections and financial well-being depends on information security. Consequently, a deep understanding of both offensive and defensive security techniques is fast becoming essential knowledge for a career in computing. This course will provide in-depth knowledge of offensive security that will prepare the student for work in any technical field where they will are responsible for the development or maintenance of sensitive systems. The course begins by introducing the basic tools used by hackers, before highlighting the common weaknesses- and mitigations- for various levels of the technology stack, such as web applications, operating systems and corporate networks. Finally, students are provided practical insights into careers in information security in the areas of attack detection, prevention and defence. Students will develop the skills necessary to both gain access to test computers and to defend test networks from attack.

Details

Academic unit Computer Science
Unit code COMP5618
Unit name Applied Cybersecurity
Session, year
? 
Semester 2, 2020
Attendance mode Normal evening
Location Camperdown/Darlington, Sydney
Credit points 6

Enrolment rules

Prohibitions
? 
None
Prerequisites
? 
None
Corequisites
? 
None
Assumed knowledge
? 

(ELEC5616 OR INFO2315 OR INFO2222) with a grade of Credit or greater

Available to study abroad and exchange students

Yes

Teaching staff and contact details

Coordinator Suranga Seneviratne, suranga.seneviratne@sydney.edu.au
Type Description Weight Due Length
Final exam (Take-home extended release) Type E final exam Final examination (oral)
The final examination of this unit is an oral examination.
40% Formal exam period 30 minutes
Outcomes assessed: LO2 LO9 LO8 LO7 LO6 LO5 LO3
Participation Practical lab participation and task completion
n/a
10% Multiple weeks n/a
Outcomes assessed: LO2 LO3 LO5 LO6 LO7 LO9
Assignment Assignment 1 - security incident paper review
n/a
10% Week 07 n/a
Outcomes assessed: LO1 LO2 LO4 LO5 LO7 LO8 LO9
Assignment Assignment 2 - penetration defence
n/a
15% Week 10 n/a
Outcomes assessed: LO3 LO9 LO6 LO5
Online task In-class test - secure code warrior
n/a
10% Week 11 1 Hour
Outcomes assessed: LO2 LO6 LO7 LO9
Assignment Assignment 3 - mobile CTF
n/a
15% Week 12 n/a
Outcomes assessed: LO2 LO9 LO7 LO5
Type E final exam = Type E final exam ?
  • Secure code warrior: Throughout the whole semester, students will have access to the `secure code warrior` which consists of a series of online exercises about security issues and code review, which can be worked on as homework.
  • Security incident paper review: Students will write a short summary essay about a real-world security incident, and give a brief overview presentation about this incident to the class.
  • Final examination: An oral exam on all aspects of the course, focussing on the students’ understanding of the covered security technologies and measures.

Detailed information for each assessment can be found on Canvas.

Assessment criteria

The University awards common result grades, set out in the Coursework Policy 2014 (Schedule 1).

As a general guide, a high distinction indicates work of an exceptional standard, a distinction a very high standard, a credit a good standard, and a pass an acceptable standard.

Result name

Mark range

Description

High distinction

85 - 100

 

Distinction

75 - 84

 

Credit

65 - 74

 

Pass

50 - 64

 

Fail

0 - 49

When you don’t meet the learning outcomes of the unit to a satisfactory standard. It is a policy of the School of Computer Science that in order to pass this unit, a student must achieve at least 40% in the written examination. For subjects without a final exam, the 40% minimum requirement applies to the corresponding major assessment component specified by the lecturer. A student must also achieve an overall final mark of 50 or more. Any student not meeting these requirements may be given a maximum final mark of no more than 45 regardless of their average.

For more information see sydney.edu.au/students/guide-to-grades.

Late submission

In accordance with University policy, these penalties apply when written work is submitted after 11:59pm on the due date:

  • Deduction of 5% of the maximum mark for each calendar day after the due date.
  • After ten calendar days late, a mark of zero will be awarded.

Special consideration

If you experience short-term circumstances beyond your control, such as illness, injury or misadventure or if you have essential commitments which impact your preparation or performance in an assessment, you may be eligible for special consideration or special arrangements.

Academic integrity

The Current Student website provides information on academic honesty, academic dishonesty, and the resources available to all students.

The University expects students and staff to act ethically and honestly and will treat all allegations of academic dishonesty or plagiarism seriously.

We use similarity detection software to detect potential instances of plagiarism or other forms of academic dishonesty. If such matches indicate evidence of plagiarism or other forms of dishonesty, your teacher is required to report your work for further investigation.

WK Topic Learning activity Learning outcomes
Week 01 Ethics, environment, and tools Lecture and tutorial (3 hr) LO1 LO4 LO8
Week 02 Networking and infrastructure Lecture and tutorial (3 hr) LO2 LO3 LO9
Week 03 Networking - traversal Lecture and tutorial (3 hr) LO2 LO3 LO5 LO9
Week 04 Mobile security - static analysis and reverse engineering Lecture and tutorial (3 hr) LO5 LO6 LO7
Week 05 Mobile security - dynamic analysis Lecture and tutorial (3 hr) LO5 LO6 LO7
Week 06 Web applications - common vulnerabilities and threats Lecture and tutorial (3 hr) LO2 LO3 LO4 LO6 LO7 LO8
Week 07 Web vulnerability scanners Lecture and tutorial (3 hr) LO2 LO3 LO4 LO6 LO7 LO8
Week 08 Linux security Lecture and tutorial (3 hr) LO2 LO3 LO5 LO6
Week 09 Student Presentations Lecture and tutorial (3 hr) LO1 LO8 LO9
Week 10 Practical Vulnerability Scanning and Exploitation Lecture and tutorial (3 hr) LO2 LO3 LO5 LO7 LO9
Week 11 Guest lecture (Topic TBD) Lecture and tutorial (3 hr) LO1 LO4 LO8 LO9
Week 12 Digital Forensics & UoS Review Lecture and tutorial (3 hr) LO1 LO6 LO8

Attendance and class requirements

Study commitment: Students will participate in weekly three hour lab sessions that include 30-60 minutes of lecture material, interspersed with practical exercises. During each lab tutorial, academic papers will be distributed that relate to the following week’s topics. At the beginning of each lab, the paper from the previous week will be reviewed by the tutor, before a practical example relating to the topic will be performed by the students. This course includes a ‘mobile capture the flag’ (CTF) competition whereby students will attempt to reverse engineer various mobile app codes. Students will be provided access to a live-boot persistent Kali Linux USB drive to be used as their ‘attacking’ system, and a network-based host which they use to practice defence.

Study commitment

Typically, there is a minimum expectation of 1.5-2 hours of student effort per week per credit point for units of study offered over a full semester. For a 6 credit point unit, this equates to roughly 120-150 hours of student effort in total.

Learning outcomes are what students know, understand and are able to do on completion of a unit of study. They are aligned with the University’s graduate qualities and are assessed as part of the curriculum.

At the completion of this unit, you should be able to:

  • LO1. present and discuss a security incident with security experts
  • LO2. understand security measures to defend against malicious technical attacks leveled against connected systems
  • LO3. understand the implementation of infrastructure to detect and defend against network-based attacks
  • LO4. research information on security issues from the literature, and analyse a security incident use case
  • LO5. demonstrate practical knowledge of penetration testing via hands-on experience with standard industry tools
  • LO6. understand audit trails and identify where those should be implemented for use in incident response
  • LO7. understand the software infrastructure for modern web-based, mobile, and cloud-hosted applications
  • LO8. demonstrate knowledge of ethical and legal aspects of IT security and data privacy
  • LO9. recognise and resolve weaknesses in commonly-used systems.

Graduate qualities

The graduate qualities are the qualities and skills that all University of Sydney graduates must demonstrate on successful completion of an award course. As a future Sydney graduate, the set of qualities have been designed to equip you for the contemporary world.

GQ1 Depth of disciplinary expertise

Deep disciplinary expertise is the ability to integrate and rigorously apply knowledge, understanding and skills of a recognised discipline defined by scholarly activity, as well as familiarity with evolving practice of the discipline.

GQ2 Critical thinking and problem solving

Critical thinking and problem solving are the questioning of ideas, evidence and assumptions in order to propose and evaluate hypotheses or alternative arguments before formulating a conclusion or a solution to an identified problem.

GQ3 Oral and written communication

Effective communication, in both oral and written form, is the clear exchange of meaning in a manner that is appropriate to audience and context.

GQ4 Information and digital literacy

Information and digital literacy is the ability to locate, interpret, evaluate, manage, adapt, integrate, create and convey information using appropriate resources, tools and strategies.

GQ5 Inventiveness

Generating novel ideas and solutions.

GQ6 Cultural competence

Cultural Competence is the ability to actively, ethically, respectfully, and successfully engage across and between cultures. In the Australian context, this includes and celebrates Aboriginal and Torres Strait Islander cultures, knowledge systems, and a mature understanding of contemporary issues.

GQ7 Interdisciplinary effectiveness

Interdisciplinary effectiveness is the integration and synthesis of multiple viewpoints and practices, working effectively across disciplinary boundaries.

GQ8 Integrated professional, ethical, and personal identity

An integrated professional, ethical and personal identity is understanding the interaction between one’s personal and professional selves in an ethical context.

GQ9 Influence

Engaging others in a process, idea or vision.

Outcome map

Learning outcomes Graduate qualities
GQ1 GQ2 GQ3 GQ4 GQ5 GQ6 GQ7 GQ8 GQ9
No changes have been made since this unit was last offered'

“IMPORTANT: School policy relating to Academic Dishonesty and Plagiarism. In assessing a piece of submitted work, the School of Computer Science may reproduce it entirely, may provide a copy to another member of faculty, and/or to an external plagiarism checking service or in-house computer program and may also maintain a copy of the assignment for future checking purposes and/or allow an external service to do so.”

Disclaimer

The University reserves the right to amend units of study or no longer offer certain units, including where there are low enrolment numbers.

To help you understand common terms that we use at the University, we offer an online glossary.