University of Technology Sydney

32548 Cybersecurity

Warning: The information on this page is indicative. The subject outline for a particular session, location and mode of offering is the authoritative source of all information about the subject for that offering. Required texts, recommended texts and references in particular are likely to change. Students will be provided with a subject outline once they enrol in the subject.

Subject handbook information prior to 2024 is available in the Archives.

UTS: Information Technology: Electrical and Data Engineering
Credit points: 6 cp

Subject level:

Postgraduate

Result type: Grade and marks

Requisite(s): 32524c LANS and Routing OR 49202c Communication Protocols
The lower case 'c' after the subject code indicates that the subject is a corequisite. See definitions for details.

Recommended studies:

a good understanding of internet protocols, web systems and how interconnected systems are built using these protocols; a sound knowledge of using Unix/Linux system commands is required to complete lab exercises

Description

This subject consolidates the student's understanding of cybersecurity by considering security principles, methodologies and technologies both from a technical and management perspective used in practice. The subject allows students to learn about and discuss various cyber-attack techniques used in practice, and methods to defend against such attacks using industry standard tools and techniques. Topics include cyber-attacks and defenses, web security, firewalls, intrusion detection systems along with security services such as confidentiality, integrity, authentication (CIA) and technologies such as IPSec, SSL, PGP and S/MIME.

Subject learning objectives (SLOs)

Upon successful completion of this subject students should be able to:

1. Recognise and compare major theories and principles that are used in the implementation of a secure network. (D.1)
2. Apply the underlying algorithms used to construct Security Protocols. (D.1)
3. Identify and recognise major security threats and their mitigation strategy. (D.1)
4. Explain the major methodologies for secure networks and what threat they address. (D.1)

Course intended learning outcomes (CILOs)

This subject also contributes specifically to the development of the following Course Intended Learning Outcomes (CILOs):

  • Technically Proficient: FEIT graduates apply theoretical, conceptual, software and physical tools and advanced discipline knowledge to research, evaluate and predict future performance of systems characterised by complexity. (D.1)

Contribution to the development of graduate attributes

Engineers Australia Stage 1 Competencies

Students enrolled in the Master of Professional Engineering should note that this subject contributes to the development of the following Engineers Australia Stage 1 competencies:

  • 1.3. In-depth understanding of specialist bodies of knowledge within the engineering discipline.
  • 2.1. Application of established engineering methods to complex engineering problem solving.
  • 2.2. Fluent application of engineering techniques, tools and resources.
  • 3.3. Creative, innovative and pro-active demeanour.

Teaching and learning strategies

This subject will be delivered as a series of workshops, interactive lectures and lab sessions. The subject relies heavily on UTS Canvas, therefore students are expected to check UTS Canvas regularly to access materials and weekly activities.

Workshops will be interactive and hold discussions on important topics. Lectures are supported by PowerPoint slides, learning materials and strategies described in the Learning Guide. All workshops and lectures will be recorded and will be available to students after the activities in CANVAS. Students are required to read the lecture materials before the workshops in order to understand the concepts clearly. During the workshop sessions a range of questions will be discussed, linking them to the lecture contents, and helping to focus on topics that students have found most challenging. Also, during the workshop sessions, students will be invited to discuss or present their ideas. All materials given in the subject readings are examinable, even those not directly presented or discussed in lectures. Students will gain most from the class time by reading each week's preparation material in advance and clarifying any questions during the interactive workshop sessions, student consultation times and lab discussion times.

During each week's lab session, students will perform a set of provided tasks. The tasks are closely related to the week's lecture topic. There will be discussion sessions during the lab where the lab instructor will pose questions related to the lab activities and students will work either individually or in groups to answer the questions by performing hands-on activities, engaging in group discussions, as well as looking through Internet resources.

Students are expected to attend and participate in all lab activities, contribute to online discussions, complete assignments by their due dates and actively participate in groups for the group-based activities both in and out of class time. An average student aiming to pass the subject is expected to invest 9-10 learning hours each session week for this subject.

The subject will be delivered as a 1.5 hour interactive lecture, followed by a 1.5 hour laboratory session.

Content (topics)

This subject covers the fundamental issues involving cyber security, and latest developments on security protocols, technologies, standards and applications.

The topics are broadly categorised into: (1) Cyber security strategy, (2) Network level security, and (3) Application level security.

1. Cyber security strategy

  • Strategy and Governance
  • Cyber Threat Intelligence
  • Penetration testing and ethical hacking

2. Device and Network level security

  • TCP/IP security
  • Web security
  • Operating Systems security
  • Access control, Wireless and Mobile security

3. Application level security

  • DoS and DDOS attack
  • E-Mail security
  • Intrusion Detection/Prevention Systems
  • Firewalls, IPSec and IoT security

Assessment

Assessment task 1: Quiz

Intent:

The quizzes are designed to motivate continuous learning, analysis and recall the technical knowledge relevant to the subject concepts.

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

1, 2 and 4

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

D.1

Type: Quiz/test
Groupwork: Individual
Weight: 20%
Length:

20 to 30 minutes in duration

Assessment task 2: Skills Based Assessment

Intent:

The skills based assessment is for students to demonstrate practical skills in identifying and resolving cybersecurity issues as might be found in practice.

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

2, 3 and 4

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

D.1

Type: Laboratory/practical
Groupwork: Individual
Weight: 30%

Assessment task 3: Final Exam

Intent:

The final exam will explore the extent of student knowledge and understanding throughout the subject.

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

1, 2, 3 and 4

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

D.1

Type: Examination
Groupwork: Individual
Weight: 20%
Length:

2 hours

Assessment task 4: Research Project

Intent:

This task is for students to demonstrate an understanding of a given security problem, and to design and implement a solution for the problem.

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

1, 2, 3 and 4

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

D.1

Type: Project
Groupwork: Group, group assessed
Weight: 10%
Length:

The maximum length of the report excluding appendix and references should not be more than 20 pages.

Assessment task 5: Lab Submission

Intent:

For students to demonstrate hands-on learning of cybersecurity concepts

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

2, 3 and 4

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

D.1

Type: Laboratory/practical
Groupwork: Individual
Weight: 20%

Minimum requirements

In order to pass the subject, a student must achieve an overall mark of 50% or more.

Required texts

  1. Chwan-Hwa (john) Wu & J. David Irwin, "Introduction to Computer Networks and Cybersecurity", CRC Press, ISBN: 978-1-4665-7213-3.
  2. William Stallings,"Network Security Essentials Applications and Standards" (5th Edition/ 6th Edition) ISBN-10: 0133370437, ISBN-13: 978-0133370430.
  3. Wenliang Du, "Computer and Internet security: A Hands-on Approach", Second Edition, ISBN-13:978-1-7330039-3-3

Recommended texts

  1. William Stallings & Lawrie Brown, "Computer Security", 4th edition, ISBN-10: 1-292-22061-9, Pearson, Global Edition
  2. Matt Bishop, "Computer Security: Art and Science" 2nd Edition, ISBN-13: 9780321712332, Pearson
  3. James Helfrich, "Security for Software Engineers", CRC Press, 2019, ISBN: 13:978-1-138-58382-5

References

All additional reference materials will be posted on UTS Canvas.

Other resources

UTS Canvas - canvas.uts.edu.au

Canvas will be used as the major means of communication between subject co-ordinator, teaching staffs and students. Any change in schedule will be updated in Canvas. It is the responsibility of the student to read Canvas regularly. Canvas will be used to provide the lecture notes and the tutorials.