University of Technology Sydney

48730 Cybersecurity

Warning: The information on this page is indicative. The subject outline for a particular session, location and mode of offering is the authoritative source of all information about the subject for that offering. Required texts, recommended texts and references in particular are likely to change. Students will be provided with a subject outline once they enrol in the subject.

Subject handbook information prior to 2024 is available in the Archives.

UTS: Engineering: Electrical and Data Engineering
Credit points: 6 cp

Subject level:

Undergraduate

Result type: Grade and marks

Requisite(s): (31268 Web Systems OR 48410 Introduction to ICT Engineering OR 41082 Introduction to Data Engineering OR 65325 Digital Trace and Identity OR 48450 Real-time Operating Systems OR 48033 Internet of Things)) AND ((31270 Networking Essentials OR 41092 Network Fundamentals OR 48720 Network Fundamentals)
Anti-requisite(s): 32548 Cybersecurity

Recommended studies:

a good understanding of internet protocols, web systems and how interconnected systems are built using these protocols; a sound knowledge of using Unix/Linux system commands is required to complete lab exercises

Description

Cybersecurity is a major issue for enterprises, with breaches of security possibly being punished by legal sanctions, financial loss, or loss of customer confidence. This subject consolidates the student's understanding of cybersecurity by considering security principles both from both a people management and a technical perspective, exploring security technologies commonly used in industry. Topics include cyber-attacks and defense strategies, including web security, firewalls, intrusion detection systems along with security services such as confidentiality, integrity, authentication (CIA). A range of security technologies such as IPSec, SSL, PGP and S/MIME are covered in this subject. Students doing this subject are well placed to contribute to the cybersecurity solution of a modern organisation using industry-based tools and solutions.

Subject learning objectives (SLOs)

Upon successful completion of this subject students should be able to:

1. Recognise and compare major theories and principles that are used in the implementation of a secure network. (D.1)
2. Apply the underlying algorithms used to construct Security Protocols. (D.1)
3. Identify and recognise major security threats and their mitigation strategy. (D.1)
4. Explain major methodologies for secure networks and what threat they address. (D.1)

Course intended learning outcomes (CILOs)

This subject also contributes specifically to the development of the following Course Intended Learning Outcomes (CILOs):

  • Technically Proficient: FEIT graduates apply abstraction, mathematics and discipline fundamentals, software, tools and techniques to evaluate, implement and operate systems. (D.1)

Contribution to the development of graduate attributes

Engineers Australia Stage 1 Competencies

This subject contributes to the development of the following Engineers Australia Stage 1 Competencies:

  • 1.3. In-depth understanding of specialist bodies of knowledge within the engineering discipline.
  • 2.2. Fluent application of engineering techniques, tools and resources.

Teaching and learning strategies

This subject will be delivered as a series of workshops, interactive lectures and lab sessions. The subject relies heavily on UTS Canvas, therefore students are expected to check UTS Canvas regularly to access materials and weekly activities.

Workshops will be interactive and hold discussions on important topics. Lecture notes are supported by PowerPoint slides, learning materials and strategies described in the Learning Guide. All workshops and lectures will be recorded and will be available to students after the activities in CANVAS. Students are required to read the lecture materials before the workshops in order to understand the concepts clearly. During the workshop sessions a range of questions will be discussed, linking them to the lecture contents, and helping to focus on topics that students have found most challenging. Also, during the workshop sessions, students will be invited to discuss or present their ideas. All materials given in the subject readings are examinable, even those not directly presented or discussed in lectures. Students will gain most from the class time by reading each week's preparation material in advance and clarifying any questions during the interactive workshop sessions, student consultation times and lab discussion times.

During each week's lab session, students will perform a set of provided tasks. The tasks are closely related to the week's lecture topic. There will be discussion sessions during the lab where the lab instructor will pose questions related to the lab activities and students will work either individually or in groups to answer the questions by performing hands-on activities, engaging in group discussions, as well as looking through Internet resources.

Students are expected to attend and participate in all lab activities, contribute to online discussions, complete assignments by their due dates and actively participate in groups for the group-based activities both in and out of class time. An average student aiming to pass the subject is expected to invest 9-10 learning hours each session week for this subject.

The subject will be delivered as a 1.5 hour interactive lecture, followed by a 1.5 hour laboratory session.

Content (topics)

This subject covers the fundamental issues involving cyber security, and the latest developments on security protocols, technologies, standards and applications.

The topics are broadly categorised into: (1) Cyber security strategy; (2) Network level security; and (3) Application level security.

1. Cyber security strategy

  • Strategy and Governance
  • Cyber Threat Intelligence
  • Penetration testing and ethical hacking

2. Device and Network level security

  • TCP/IP security
  • Web security
  • Operating Systems security
  • Access control, Wireless and Mobile security

3. Application level security

  • DoS and DDOS attack
  • E-Mail security
  • Intrusion Detection/Prevention Systems
  • Firewalls, IPSec and IoT security

Assessment

Assessment task 1: Quiz

Intent:

The quizzes are designed to motivate continuous learning, analysis and recall the technical knowledge relevant to the subject concepts.

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

1, 2, 3 and 4

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

D.1

Type: Quiz/test
Groupwork: Individual
Weight: 20%
Length:

20 to 30 minutes

Assessment task 2: Skills Based Assessment

Intent:

The skills based assessment is for students to demonstrate practical skills in identifying and resolving network security issues as might be found in practice.

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

2, 3 and 4

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

D.1

Type: Laboratory/practical
Groupwork: Individual
Weight: 30%

Assessment task 3: Final Exam

Intent:

The final exam will explore the extent of student knowledge and understanding throughout the subject.

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

1, 2, 3 and 4

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

D.1

Type: Examination
Groupwork: Individual
Weight: 30%
Length:

2 hours

Assessment task 4: Lab Submission

Intent:

For students to demonstrate hands-on learning of cybersecurity concepts.

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

2, 3 and 4

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

D.1

Type: Laboratory/practical
Groupwork: Individual
Weight: 20%

Minimum requirements

In order to pass the subject, a student must achieve an overall mark of 50% or more.

Required texts

  1. Chwan-Hwa (john) Wu & J.David Irwin, "Introduction to Computer Networks and Cyber Security", CRC Press, ISBN: 978-1-4665-7213-3.
  2. William Stallings,"Network Security Essentials Applications and Standards" (5th Edition/ 6th Edition) ISBN-10: 0133370437, ISBN-13: 978-0133370430.
  3. Wenliang Du, 'Computer and Internet Security, A Hands on approach", Second Edition, ISBN: 978-1-7330039-3-3

Recommended texts

  1. William Stallings & Lawrie Brown, "Computer Security", 4th edition, ISBN-10: 1-292-22061-9, Pearson, Global Edition
  2. Matt Bishop, "Computer Security: Art and Science", 2nd edition, ISBN-13: 9780321712332, Pearson
  3. James Helfrich, "Security for Software Engineers", CRC Press, 2019, ISBN: 13:978-1-138-58382-5

Other resources

UTS Canvas - canvas.uts.edu.au

Canvas will be used as the major means of communication between subject co-ordinator, teaching staffs and students. Any change in schedule will be updated in Canvas. It is the responsibility of the student to read Canvas regularly. Canvas will be used to provide the lecture notes and the tutorials.