IY4S733 - Advanced Security Concepts 01 Jul 2022 - 31 Aug 2028 | Version 1

Associated Module Information

Module Code: IY4S733
Module Title: Advanced Security Concepts
Faculty: Faculty of Computing, Engineering and Science
Faculty Group: Cyber Security
Faculty Sub Group: Cyber Security
Module Leader: Muhammad Awais
Module Team: Joshua Richards, Rachael Medhurst, Sharan Johnstone, Christopher Tubb, Andrew Bellamy, Christopher Manley, Madhu Khurana, Emma Derbi, Joshua Richards, Peter Eden, Richard Ward, Beth Jenkins, Arun Kumar, Nisha Rawindaran, Mamoun Qasem, Chelsea Cooper
First Intended Intake: SEP 2022 Final Year of Intake:
Date Closed:
Credit Value: 20 Credit Level: 7
Language: English
Percentage of Module Taught in Welsh: 0
Equivalent Module:
HECOS codes: 100376 - computer and information security
HECOS Code Weighting: 100

Document Version Information

Version 1
Valid From 01 Jul 2022
Valid To 31 Aug 2028

Module Aims

To provide detailed technical knowledge of the advanced concepts associated with cyber security attack and defence surfaces.

Content Summary

Attack Surface and Detection

  • Attack surface, attack vectors and corresponding vulnerabilities
  • Attack detection methodologies as part of organisational security architecture
  • Intrusion and anomaly detection approaches
  • Decision support systems and situational awareness

Defence Surface and Situational Awareness

  • Role of People, Process and Technology in continuous monitoring
  • Cyber security visualization: anomaly detection and trust management
  • Socio-technical cyber defence
  • AI-driven Cyber warfare

Learning and Teaching Methods

Activity Type Hours
Lecture 12
Tutorial 12
Practical classes and workshops 24
Independent Study 78
Directed Study 48
Formative Assessment - Scheduled 2
Interdisciplinary work 12
Problem / challenge based learning 12
Total Hours Selected 200

Learning Outcomes

# Learning Outcome
LO1 To demonstrate a systematic and critical understanding of cyber-attack surface.
LO2 To demonstrate the ability to conduct thorough analysis, evaluation and synthesis of the cyber defence surface and situational awareness.

Module Requisites

N/A

Assessment Criteria

Assessment Category Assessment Type Description Duration Word Count Weight (%) Best of? Pass Mark
Asynchronous Assessment Practical Coursework 1 (Asynch) A challenge based practical coursework 0 2499 100 No 40

Assessment Matrix

Assessment Type Learning Outcomes
LO1 LO2
Practical Coursework 1 (Asynch)

Reading List

Anderson,R. (2021) Security Engineering: A Guide to Building Dependable Distributed Systems, 3rd Edition, Wiley.

Roberts, A. (2021) Cyber Threat Intelligence - The No-Nonsense Guide for CISOs and Security Managers, Apress.

Kenyon, B. (2019). ISO 27001 controls – A guide to implementing and auditing, itgp, 2019.

McNab,C. (2016) Network Security Assessment,3rd Edition. O’Reilly.

Wang, L. et al. (2017) Network Security Metrics, Springer.

Hills, M. (2016) Why Cyber Security is a Socio-Technical Challenge: New Concepts & Practical Measures to Enhance Detection Nova.

Donaldson, S.et al. (2015). Stanley G. Siegel, Chris K. Williams and Abdul Aslam, Enterprise Cybersecurity - How to Build a Successful Cyberdefense Program Against Advanced Threats, Apress.

Ronald R. et al. (2015). Intelligent Methods for Cyber Warfare, Springer.

Duncan Hodges and Sadie Creese, Understanding cyber-attacks, 1st edition, Taylor & Francis Group, 2015.

Usman, M. et al. 2015. Mobile agent-based cross-layer anomaly detection in smart home sensor networks using fuzzy logic, IEEE Transactions on Consumer Electronics, vol. 61, no. 2, pp. 197-205.

Recommended Reading

  • Piërre van de Laar, Jan Tretmans and Michael Borth, Situation Awareness with Systems of Systems, Springer, 2013.
  • Ian Mann, Hacking the Human - Social Engineering Techniques and Security Countermeasures, Gower, 2010.
  • Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits, by Kymie M. C. Tan, Kvein S. Killourhy, Roy A. Maxion, in Proceedings of RAID 2002, LNCS 2516.
  • MITRE Adversarial Tactics, Techniques & Common Knowledge:ATT&CK, https://attack.mitre.org for resources.
  • MITRE Common Attack Pattern enumeration and classification CAPEC, https://capec.mitre.org.