Module overview
This module focuses on both theoretical and practical perspectives in the security of software and software systems, by exploring software analysis and reverse engineering.
The aims of the module at a high level are to:
- Explore common threats to the secure operation of software systems
- Give students exposure to software system analysis and penetration of software systems
- Provide practical skills in malware analysis and reverse engineering
Aims and Objectives
Learning Outcomes
Transferable and Generic Skills
Having successfully completed this module you will be able to:
- Recognise software vulnerabilities and protection in a range of application domains
Subject Specific Practical Skills
Having successfully completed this module you will be able to:
- Identify security weaknesses in software systems and applications
- Undertake basic reverse engineering of software
Knowledge and Understanding
Having successfully completed this module, you will be able to demonstrate knowledge and understanding of:
- Reverse Engineering of Software
- Software analysis
- Common issues affecting the security of software systems
Subject Specific Intellectual and Research Skills
Having successfully completed this module you will be able to:
- Describe specific methods for exploiting software systems
Syllabus
The syllabus includes the following topics:
- Understanding software threats and hazards, types of attack and attacker
- Software Vulnerabilities (memory violation, input validation, privilege escalation)
- OS vulnerabilities: patch management, rootkits and viruses
- Penetration testing of software systems
- Malware analysis
- Static/dynamic analysis of software systems
- Reverse engineering of suspicious code
Learning and Teaching
Teaching and learning methods
The module will be delivered through up to 36 lectures, which will include at least two regular lectures each week, in addition to tutorial and practical sessions.
The tutorial and practical sessions are designed to support students and prepare them to take the assignment.
| Type | Hours |
|---|---|
| Completion of assessment task | 46 |
| Teaching | 36 |
| Wider reading or practice | 22 |
| Follow-up work | 18 |
| Preparation for scheduled sessions | 18 |
| Revision | 10 |
| Total study time | 150 |
Resources & Reading list
Textbooks
Eldad Eilam (2005). Reversing: Secrets of Reverse Engineering. John Wiley and Sons.
Dieter Gollman (2011). Computer Security. Wiley.
Assessment
Summative
This is how we’ll formally assess what you have learned in this module.
| Method | Percentage contribution |
|---|---|
| Continuous Assessment | 100% |
Referral
This is how we’ll assess you if you don’t meet the criteria to pass this module.
| Method | Percentage contribution |
|---|---|
| Set Task | 100% |
Repeat
An internal repeat is where you take all of your modules again, including any you passed. An external repeat is where you only re-take the modules you failed.
| Method | Percentage contribution |
|---|---|
| Set Task | 100% |
Repeat Information
Repeat type: Internal & External