Module overview
This module focuses on both theoretical and practical perspectives in the security of software and software systems, by exploring software analysis and reverse engineering.
The aims of the module at a high level are to:
- Explore common threats to the secure operation of software systems
- Give students exposure to software system analysis and penetration of software systems
- Provide practical skills in malware analysis and reverse engineering
Aims and Objectives
Learning Outcomes
Subject Specific Practical Skills
Having successfully completed this module you will be able to:
- Identify security weaknesses in software systems and applications
- Undertake basic reverse engineering of software
Knowledge and Understanding
Having successfully completed this module, you will be able to demonstrate knowledge and understanding of:
- Software analysis
- Reverse Engineering of Software
- Common issues affecting the security of software systems
Subject Specific Intellectual and Research Skills
Having successfully completed this module you will be able to:
- Describe specific methods for exploiting software systems
Transferable and Generic Skills
Having successfully completed this module you will be able to:
- Recognise software vulnerabilities and protection in a range of application domains
Syllabus
The syllabus includes the following topics:
- Understanding software threats and hazards, types of attack and attacker
- Software Vulnerabilities (memory violation, input validation, privilege escalation)
- OS vulnerabilities: patch management, rootkits and viruses
- Penetration testing of software systems
- Malware analysis
- Static/dynamic analysis of software systems
- Reverse engineering of suspicious code
Learning and Teaching
Teaching and learning methods
The module will be delivered through up to 36 lectures, which will include at least two regular lectures each week, in addition to tutorial and practical sessions.
The tutorial and practical sessions are designed to support students and prepare them to take the assignment.
| Type | Hours |
|---|---|
| Teaching | 36 |
| Completion of assessment task | 46 |
| Preparation for scheduled sessions | 18 |
| Wider reading or practice | 22 |
| Revision | 10 |
| Follow-up work | 18 |
| Total study time | 150 |
Resources & Reading list
Textbooks
Dieter Gollman (2011). Computer Security. Wiley.
Eldad Eilam (2005). Reversing: Secrets of Reverse Engineering. John Wiley and Sons.
Assessment
Summative
This is how we’ll formally assess what you have learned in this module.
| Method | Percentage contribution |
|---|---|
| Continuous Assessment | 100% |
Referral
This is how we’ll assess you if you don’t meet the criteria to pass this module.
| Method | Percentage contribution |
|---|---|
| Set Task | 100% |
Repeat
An internal repeat is where you take all of your modules again, including any you passed. An external repeat is where you only re-take the modules you failed.
| Method | Percentage contribution |
|---|---|
| Set Task | 100% |
Repeat Information
Repeat type: Internal & External