Outline

Overview

This unit of study introduces the principles and practices of cybersecurity. Students will explore fundamental concepts such as confidentiality, integrity, availability, risk management, and threat mitigation. Through a combination of lectures and hands-on lab activities, students will gain practical experience with encryption, network security, web security, access control, and incident response. Key topics include cryptographic techniques, secure network design, web application security, mobile and IoT security, and cloud security. The unit also covers important legal and ethical considerations, focusing on regulations such as the Australian Privacy Act and GDPR. By the end of the unit, students will have a solid foundation in cybersecurity, preparing them for advanced study or entry-level positions in the field. Emphasis is placed on real-world applications and current trends to ensure students are equipped to handle emerging cybersecurity challenges.

Unit details and rules

Academic unit	Computer Science
Credit points	6
Prerequisites ?	None
Corequisites ?	None
Prohibitions ?	OINF5995
Assumed knowledge ?	None
Available to study abroad and exchange students	No

Teaching staff

Coordinator	Liyi Zhou, liyi.zhou@sydney.edu.au

Assessment

The census date for this unit availability is 31 March 2026

Details
Criteria

Type	Description	Weight	Due	Length	Use of AI
Written exam	Final Exam Supervised Gradescope exam on campus	50%	Formal exam period	2 hours	AI prohibited
Outcomes assessed:
Out-of-class quiz	Weekly Quizzes Quizzes during the week from Week 03 to Week 12, due before next Monday (Best 5 out of 10)	10%	Multiple weeks	5-10 mins	AI allowed
Outcomes assessed:
Out-of-class quiz	Week 2 Quiz Testing the knowledge of the content taught in weeks 1 & 2.	0%	Week 02	5 - 10 mins	AI allowed
Outcomes assessed:
Presentation	Project Phase 1 Use AI tools to identify vulnerabilities in Android apps, with a focus on crypto vulnerabilities.	15%	Week 06	no restriction	AI allowed
Outcomes assessed:
Presentation	Project Phase 2 Part 1 - Use AI tools to identify vulnerabilities in Android apps, with a focus on non-crypto vulnerabilities; Part 2 - Manually analyze real world web and mobile targets, including bug bounty programs, and report security findings;	25%	Week 11	no restriction	AI allowed
Outcomes assessed:
= hurdle task ? = group assignment ? = early feedback task ?

Assessment summary

Project - Students work in teams to find vulnerabilities using AI tools. Each student must reflect on their own work and on their teammates’ work in the project report, including their contribution and specific tasks completed. Final marks for the group project are based on the quality of the team output and each student’s individual contribution.

Quizzes - Students work independently.

Final Exam - Supervised paper based exam will be conducted. Students must score at least 40% in the final exam to pass the unit (see Pass requirements). Further details about the exam format and logistics will be provided closer to the exam date.

Detailed information for each assessment can be found on Canvas.

Conditions for pass in this unit:

At least 40% in the final exam (hurdle task)
At least 50% total

Assessment criteria

The University awards common result grades, set out in the Coursework Policy 2014 (Schedule 1).

As a general guide, a high distinction indicates work of an exceptional standard, a distinction a very high standard, a credit a good standard, and a pass an acceptable standard.

Result name	Mark range	Description
High distinction	85 - 100	Awarded when you demonstrate the learning outcomes for the unit at an exceptional standard, as defined by grade descriptors or exemplars outlined by your faculty or school.
Distinction	75 - 84	Awarded when you demonstrate the learning outcomes for the unit at a very high standard, as defined by grade descriptors or exemplars outlined by your faculty or school.
Credit	65 - 74	Awarded when you demonstrate the learning outcomes for the unit at a good standard, as defined by grade descriptors or exemplars outlined by your faculty or school.
Pass	50 - 64	Awarded when you demonstrate the learning outcomes for the unit at an acceptable standard, as defined by grade descriptors or exemplars outlined by your faculty or school.
Fail	0 - 49	When you don’t meet the learning outcomes of the unit to a satisfactory standard.

Minimum Pass Requirement:

It is a policy of the School of Computer Science that in order to pass this unit, a student must achieve at least 40% in the written examination. For subjects without a final exam, the 40% minimum requirement applies to the corresponding major assessment component specified by the lecturer. A student must also achieve an overall final mark of 50 or more. Any student not meeting these requirements may be given a maximum final mark of no more than 45 regardless of their average.

For more information see guide to grades.

Use of generative artificial intelligence (AI)

You can use generative AI tools for open assessments. Restrictions on AI use apply to secure, supervised assessments used to confirm if students have met specific learning outcomes.

Refer to the assessment table above to see if AI is allowed, for assessments in this unit and check Canvas for full instructions on assessment tasks and AI use.

If you use AI, you must always acknowledge it. Misusing AI may lead to a breach of the Academic Integrity Policy.

Visit the Current Students website for more information on AI in assessments, including details on how to acknowledge its use.

Late submission

In accordance with University policy, these penalties apply when written work is submitted after 11:59pm on the due date:

Deduction of 5% of the maximum mark for each calendar day after the due date.
After ten calendar days late, a mark of zero will be awarded.

This unit has an exception to the standard University policy or supplementary information has been provided by the unit coordinator. This information is displayed below:

In accordance with University policy, these penalties apply when written work is submitted after 11:59pm on the due date: Deduction of 5% of the marks for each calendar day after the due date. After answers explained in the lab, a mark of zero will be awarded.

Academic integrity

The University expects students to act ethically and honestly and will treat all allegations of academic integrity breaches seriously.

Our website provides information on academic integrity and the resources available to all students. This includes advice on how to avoid common breaches of academic integrity. Ensure that you have completed the Academic Honesty Education Module (AHEM) which is mandatory for all commencing coursework students

Penalties for serious breaches can significantly impact your studies and your career after graduation. It is important that you speak with your unit coordinator if you need help with completing assessments.

Visit the Current Students website for more information on AI in assessments, including details on how to acknowledge its use.

Learning support

Simple extensions

If you encounter a problem submitting your work on time, you may be able to apply for an extension of five calendar days through a simple extension.  The application process will be different depending on the type of assessment and extensions cannot be granted for some assessment types like exams.

Special consideration

If exceptional circumstances mean you can’t complete an assessment, you need consideration for a longer period of time, or if you have essential commitments which impact your performance in an assessment, you may be eligible for special consideration or special arrangements.

Special consideration applications will not be affected by a simple extension application.

Using AI responsibly

Co-created with students, AI in Education includes lots of helpful examples of how students use generative AI tools to support their learning. It explains how generative AI works, the different tools available and how to use them responsibly and productively.

Support for students

The Support for Students Policy reflects the University’s commitment to supporting students in their academic journey and making the University safe for students. It is important that you read and understand this policy so that you are familiar with the range of support services available to you and understand how to engage with them.

The University uses email as its primary source of communication with students who need support under the Support for Students Policy. Make sure you check your University email regularly and respond to any communications received from the University.

Learning resources and detailed information about weekly assessment and learning activities can be accessed via Canvas. It is essential that you visit your unit of study Canvas site to ensure you are up to date with all of your tasks.

If you are having difficulties completing your studies, or are feeling unsure about your progress, we are here to help. You can access the support services offered by the University at any time:

Support and Services (including health and wellbeing services, financial support and learning support)
Course planning and administration
Meet with an Academic Adviser

Weekly schedule

WK	Topic	Learning activity
Week 01	Introduction, cybersecurity basics, security lifecycle, system and threat models	Lecture (2 hr)
Week 01	Introduction, cybersecurity basics, security lifecycle, system and threat models	Tutorial (1 hr)
Week 02	Al assisted vulnerability discovery, mobile security, assignment walkthrough	Lecture (2 hr)
Week 02	Al assisted vulnerability discovery, mobile security, assignment walkthrough	Tutorial (1 hr)
Week 03	Mobile security continued, responsible disclosure, assignments walkthrough	Lecture (2 hr)
Week 03	Mobile security continued, responsible disclosure, assignments walkthrough	Tutorial (1 hr)
Week 04	Cryptography basics part 1	Lecture (2 hr)
Week 04	Cryptography basics part 1	Tutorial (1 hr)
Week 05	Cryptography basics part 2	Lecture (2 hr)
Week 05	Cryptography basics part 2	Tutorial (1 hr)
Week 06	Authentication, data security, cloud security	Lecture (2 hr)
Week 06	Authentication, data security, cloud security	Tutorial (1 hr)
Week 07	Network security, protocols, TLS, web security, DoS and DDoS	Lecture (2 hr)
Week 07	Project Phase 1 Presentation	Tutorial (1 hr)
Week 08	(i) Software security, static and dynamic analysis; (ii) Intrusion detection and prevention	Lecture (2 hr)
Week 08	Week 7 + Week 8 Content: Network security, protocols, TLS, web security, DoS and DDoS; Software security, static and dynamic analysis; Intrusion detection and prevention;	Tutorial (1 hr)
Week 09	Blockchain security, DeFi, front running and related attacks	Lecture (2 hr)
Week 09	Blockchain security, DeFi, front running and related attacks	Tutorial (1 hr)
Week 10	AI for security and security for AI	Lecture (2 hr)
Week 10	AI for security and security for AI	Tutorial (1 hr)
Week 11	Human, Organisational & Regulatory Aspects	Lecture (2 hr)
Week 11	Human, Organisational & Regulatory Aspects	Tutorial (1 hr)
Week 12	(i) Operating system security, IoT and robotics security, and other key security domains. (ii) Overview of major security and software engineering research conferences.	Lecture (2 hr)
	Project Phase 2 Presentation	Tutorial (1 hr)
	Week 12 content + recap the entire unit: (i) Operating system security, IoT and robotics security, and other key security domains. (ii) Overview of major security and software engineering research conferences.	Tutorial (1 hr)
Week 13	Recap	Lecture (2 hr)

Attendance and class requirements

Each week, students must:

Perform own independent study by reviewing provided materials, reading the required sections of literature and completing weekly exercises in the tutorial sheet.
Be prepared (completed task/research/background reading) for all face-to-face sessions (online/physical) with teaching staff and group project members.
Attend and participate in all classes scheduled.

Tutorials will NOT be recorded.

Study commitment

Typically, there is a minimum expectation of 1.5-2 hours of student effort per week per credit point for units of study offered over a full semester. For a 6 credit point unit, this equates to roughly 120-150 hours of student effort in total.

Learning outcomes

Learning outcomes are what students know, understand and are able to do on completion of a unit of study. They are aligned with the University's graduate qualities and are assessed as part of the curriculum.

Outcomes
Graduate qualities

At the completion of this unit, you should be able to:

LO1. (Attacks & Defenses) - Explain system model, threat model, and common attack vectors.
LO2. (Attacks & Defenses) - Understand fundamental security operations and incident response procedures
LO3. (AI + Security) - Explain common security risks and challenges in AI based systems.
LO4. (AI + Security) - Use AI assisted techniques to identify potential security vulnerabilities.
LO5. (Software and Platform Security) - Understand basic web / mobile security considerations
LO6. (Software and Platform Security) - Understand basic security tools and issues in software development.
LO7. (Systems Security) - Understand fundamental cryptographic concepts and mechanisms.
LO8. (Systems Security) - Develop a basic understanding of security issues in operating systems.
LO9. (Systems Security) - Develop a basic understanding of security issues in distributed systems.
LO10. (Infrastructure Security) - Explain fundamental network security concepts and practices.
LO11. (Infrastructure Security) - Understand the basic security issues in cyber physical systems.
LO12. (Human, Organisational & Regulatory Aspects) - Demonstrate understanding of risk governance and their application in cybersecurity.
LO13. (Human, Organisational & Regulatory Aspects) - Apply knowledge of cybersecurity regulations and compliance requirements in basic scenarios.
LO14. (Human, Organisational & Regulatory Aspects) - Describe the role of human factors in security breaches.
LO15. (Human, Organisational & Regulatory Aspects) - Understanding privacy requirements and their organizational impacts.

Graduate qualities

The graduate qualities are the qualities and skills that all University of Sydney graduates must demonstrate on successful completion of an award course. As a future Sydney graduate, the set of qualities have been designed to equip you for the contemporary world.

GQ1	Depth of disciplinary expertise Deep disciplinary expertise is the ability to integrate and rigorously apply knowledge, understanding and skills of a recognised discipline defined by scholarly activity, as well as familiarity with evolving practice of the discipline.
GQ2	Critical thinking and problem solving Critical thinking and problem solving are the questioning of ideas, evidence and assumptions in order to propose and evaluate hypotheses or alternative arguments before formulating a conclusion or a solution to an identified problem.
GQ3	Oral and written communication Effective communication, in both oral and written form, is the clear exchange of meaning in a manner that is appropriate to audience and context.
GQ4	Information and digital literacy Information and digital literacy is the ability to locate, interpret, evaluate, manage, adapt, integrate, create and convey information using appropriate resources, tools and strategies.
GQ5	Inventiveness Generating novel ideas and solutions.
GQ6	Cultural competence Cultural Competence is the ability to actively, ethically, respectfully, and successfully engage across and between cultures. In the Australian context, this includes and celebrates Aboriginal and Torres Strait Islander cultures, knowledge systems, and a mature understanding of contemporary issues.
GQ7	Interdisciplinary effectiveness Interdisciplinary effectiveness is the integration and synthesis of multiple viewpoints and practices, working effectively across disciplinary boundaries.
GQ8	Integrated professional, ethical, and personal identity An integrated professional, ethical and personal identity is understanding the interaction between one’s personal and professional selves in an ethical context.
GQ9	Influence Engaging others in a process, idea or vision.

Outcome map

Learning outcomes	Graduate qualities
Learning outcomes

Responding to student feedback

This section outlines changes made to this unit following staff and student reviews.

This is a new unit

Disclaimer

Important: the University of Sydney regularly reviews units of study and reserves the right to change the units of study available annually. To stay up to date on available study options, including unit of study details and availability, refer to the relevant handbook.

To help you understand common terms that we use at the University, we offer an online glossary.

Current students

Overview

Overview

Unit details and rules

Teaching staff

Assessment

Assessment

Assessment summary

Assessment criteria

Use of generative artificial intelligence (AI)

Late submission

Academic integrity

Learning support

Learning support

Simple extensions

Special consideration

Using AI responsibly

Support for students

Weekly schedule

Weekly schedule

Attendance and class requirements

Study commitment

Learning outcomes

Learning outcomes

Graduate qualities

Outcome map

Responding to student feedback

Responding to student feedback

Disclaimer

On this page

Useful links

INFO5995: Introduction to Cybersecurity

Semester 1, 2026 [Normal evening] - Camperdown/Darlington, Sydney

Overview

Overview

Unit details and rules

Teaching staff

Assessment

Assessment

Assessment summary

Assessment criteria

Use of generative artificial intelligence (AI)

Late submission

Academic integrity

Learning support

Learning support

Simple extensions

Special consideration

Using AI responsibly

Support for students

Weekly schedule

Weekly schedule

Attendance and class requirements

Study commitment

Learning outcomes

Learning outcomes

Graduate qualities

Outcome map

Responding to student feedback

Responding to student feedback

Disclaimer

On this page

Useful links