COMP2700: Difference between revisions
(Course description added) |
(Add more technical details) |
||
| Line 1: | Line 1: | ||
{{DISPLAYTITLE:COMP2700: Cyber Security Foundations}} | {{DISPLAYTITLE:COMP2700: Cyber Security Foundations}} | ||
This course is true to its word, it introduces students to the basics of cyber security and only runs in semester 2. There is a math prerequisite quiz at the start of the course (required for the second part of the course which has a heavy focus on cryptography and the mathematics behind it). The prerequisite quiz has a focus on modular arithmetic and polynomials to ensure students are well prepared for the fast-paced second half of the course. This course has a course hurdle of at least '''40%''' on the final exam. | This course is true to its word, it introduces students to the basics of cyber security and only runs in semester 2. There is a math prerequisite quiz at the start of the course (required for the second part of the course which has a heavy focus on cryptography and the mathematics behind it). The prerequisite quiz has a focus on modular arithmetic and polynomials to ensure students are well prepared for the fast-paced second half of the course. This course has a course hurdle of at least '''40%''' on the final exam. It would be beneficial if students coming into the course had some prior programming experience as assignments require analysis and examination of code in assignment 1 and 2. This is however not a programming course, but does heavily rely on aspects of the C programming language and the Python programming language to conduct labs and assignments. | ||
| Line 23: | Line 23: | ||
The assignments in the course mirror Capture the Flag (CTF) style questions. Students are assigned questions and must exploit vulnerabilities, either in a Linux environment (Assignment 1) or deficiencies in implementations of common cryptographic mediums/methods (Assignment 2). This course has a weekly 3 hour lab and 3 one hour lectures a week. Labs have a follow up lab quiz to ensure students understood the topics covered in the most recent lab, quizzes are untimed, but have a one week deadline. | |||
The assignments in the course mirror Capture the Flag (CTF) style questions. Students are assigned questions and must exploit vulnerabilities, either in a Linux environment (Assignment 1) or deficiencies in implementations of common cryptographic mediums/methods (Assignment 2). This course has a weekly 3 hour lab and 3 one hour lectures a week. Labs have a follow up lab quiz to ensure students understood the topics covered in the most recent lab, quizzes are untimed, but have a one week deadline. Labs are done in a Linux distribution, Azure Virtual Machine, provided by the ANU running Ubuntu Linux mainly for Assignment 1 and the first half of the course. The second half does not require heavy use of the VM, but instead requires students to use tools such as openssh, [https://www.cryptool.org/en/jcryptool JCryptool] and python libraries related to cryptography, mainly [https://www.pycryptodome.org/en/latest/ PyCryptodome]. Other external websites are also used to demonstrate various elements of cryptography, these include [https://www.cryptool.org/en/cto/aes-step-by-step CrypTool-Online], and [https://gchq.github.io/CyberChef/ CyberChef]. | |||
Revision as of 19:31, 16 January 2022
This course is true to its word, it introduces students to the basics of cyber security and only runs in semester 2. There is a math prerequisite quiz at the start of the course (required for the second part of the course which has a heavy focus on cryptography and the mathematics behind it). The prerequisite quiz has a focus on modular arithmetic and polynomials to ensure students are well prepared for the fast-paced second half of the course. This course has a course hurdle of at least 40% on the final exam. It would be beneficial if students coming into the course had some prior programming experience as assignments require analysis and examination of code in assignment 1 and 2. This is however not a programming course, but does heavily rely on aspects of the C programming language and the Python programming language to conduct labs and assignments.
This course is split into two distinct sections. The first half is an introduction to the basics of Linux/Unix systems and general security foundations, the main topics being:
- Security management
- Identity and authentication
- Access control
- Hardware, software and operating system security
- Vulnerability basics and defence mechanisms
The second half seeks to provide students an adequate cryptography background. The main topics here are:
- Ciphers (Classic, stream and block)
- Encryption modes
- Hash functions
- Message Authentication Codes (MACs)
- RSA
- Diffie-Hellman key exchange
- Network security
The assignments in the course mirror Capture the Flag (CTF) style questions. Students are assigned questions and must exploit vulnerabilities, either in a Linux environment (Assignment 1) or deficiencies in implementations of common cryptographic mediums/methods (Assignment 2). This course has a weekly 3 hour lab and 3 one hour lectures a week. Labs have a follow up lab quiz to ensure students understood the topics covered in the most recent lab, quizzes are untimed, but have a one week deadline. Labs are done in a Linux distribution, Azure Virtual Machine, provided by the ANU running Ubuntu Linux mainly for Assignment 1 and the first half of the course. The second half does not require heavy use of the VM, but instead requires students to use tools such as openssh, JCryptool and python libraries related to cryptography, mainly PyCryptodome. Other external websites are also used to demonstrate various elements of cryptography, these include CrypTool-Online, and CyberChef.
This course does not follow on from the prerequisite courses (COMP1100/COMP1130; and COMP1600) and is its own stand alone course designed to prepare students for the Major in Cyber Security.
There is a required reading textbook: Understanding Cryptography by Christof Paar and lecture slides are modified versions of lecture slides provided by Chrisoft Paar. The course also has a recommended reading Computer Security by Dieter Gollmann.