The challenges of contemporary data acquisition and analysis have been characterised as “the four V’s of Big Data” (volume, variety, velocity and validity). These require the use of specialised data storage, aggregation and processing techniques. This module introduces a range of tools and techniques necessary for working with data in a variety of formats with a view to developing data driven applications. The module focuses primarily on developing applications using the Python scripting language and associated libraries and will also introduce a range of associated data storage and processing technologies and techniques.
The module covers the following topics:
• Data types and formats: numerical and time series, graph, textual, unstructured,
• Data sources and interfaces: open data, APIs, social media, web-based
• NoSQL databases such as document (MongoDB), graph and key value pair
• Techniques for dealing with large data sets, including Map Reduce
• Developing Data Driven Applications in Python
The Benchmark Statement for Computing specifies the range of skills and knowledge that should be incorporated in computing courses. This module encompasses cognitive skills in Computational Thinking, Modelling and Methods and Tools, Requirements Analysis and practical skills in specification, development and testing and the deployment and use of tools and critical evaluation in addition to providing useful generic skills for employment.
This module will cover elements of operating system disk-level architectures, such as Windows and Linux. This will allow students to study how operating systems store system and user data, and thus students will gain an understanding as to what information could technically be held on such systems. This data could include user files, as well as user activities such as login session data, browsing histories, operating system manipulation, and general user interactions with a variety of operating system tools. This understanding will be expanded through theoretical knowledge and practical exercises in extracting information from systems, using a variety of open source and commercial forensic analysis tools, and documenting the results of such a process using consistent and thorough evidential procedures. This includes the production of event timelines, as well as the analysis of system logs, operating system state, file systems, and application data. The module will also consider the ethical and professional issues related to digital forensics.
Incident Response and Malware Analysis
The aim of the module is to develop a deep understanding of advanced areas related to security and live/network forensics, with a strong focus on virtualised environments that will allow graduates to act professionally within incident response and in malware/threat analysis. An outline of the main areas includes:
• Threat Timelining This involves networks and host traces around key threats, such as DDoS, malware infection and data loss.
• Host Investigation Evidence Gathering: Windows, Linux, Android and Mac OS.
• System Architectures, Services and Devices. Networked infrastructures (Servers/Firewall/IDS/ Syslog).
• Network Protocol Analysis. Advanced Network Protocol Analysis, Advanced Trace Analysis, IDS Signature Detection, and Security Threat Network Traces.
• Log Capture/Analysis, and Time-lining. Creating large-scale data infrastructure and analysis methods such as Big Data, SIEM and cross-log analysis .
• Malware Forensics. Code Analysis, Host/Network Analysis, Reverse Engineering. Mobile/x86 architecture, Machine Code Analysis, Vulnerability Analysis and Sandboxed Analysis.
• Malware Analysis. Encoding methods. Static/Dynamic Analysis. Disassembly. Obfuscation. Behaviour Analysis. Encoding methods.
• Advanced Malware Analysis. Anti-disassembly, anti-debugging, packers and unpackers, malware launching, malware signatures, and shell code analysis.
• Data Hiding Data hiding methods, tunnelling, and disk encryption.
• Current Related Research.
The aim of the module is to develop a deep understanding of advanced areas related to security and digital forensics that will allow graduates to act professionally in the design, analysis, implementation, and reporting of network security strategies. An outline of the main areas includes:
• Introduction. Networking Concepts; Network Security Concepts; Network Threats and Attacks; Network Defense - Perimeter, Defence in Depth
• Firewalls. Concepts; Types - Host, Network; Technologies - Static packet filtering; Stateful packet filtering; Multilayer firewall; Architectures; Polices; and Implementation and Deployment.
• Intrusion Detection and Prevention Systems (IDPS). Concepts; Types; Alert Monitoring and Sensor Tuning; behavioural analysis, in-line/out-of-line.
• Access Control and Authentication. Concepts: Trust and Identity; Attacks; Models - Access Control Models; Network Device Access Control; AAA, Layer 2; Device Hardening.
• Remote Access and VPNs. Concepts; Cryptography; Types - L2, L3 and L4/5; Technologies; IPSec and SSL.
• Wireless Security. Wireless Overview; Attacks; Encryption; Authentication.
• CCNA Certification - Concepts. CIA; Attacks on CIA; Data Classification; Law and Ethics; Network policies; Risk Management and Secure Network Design; Security in the SDLC; Cisco self-defending network; Secure Administration.
• CCNA Certification - Secure Infrastructure and Extending Security. Cisco Layer 2 Security; Cisco IOS Firewalls. Cisco IOS IPS; Cisco VPN and Cryptographic Solutions; Digital Signatures and PKI.
This module covers Networking fundamentals, such as data signalling principles, layer 2 addressing and media sharing. Internet technology, including IP addressing and the role of TCP will be covered, as will network planning. The implementation side will cover router operations and configuration as well as broadcast domains, switches and VLANs. Finally, the module will cover emerging networking areas of Wireless and mobile networks.
Routing and Switching Technologies
The module covers the theoretical and practical aspects related to designing small enterprise and large wide area networks using different layer 2 and layer 3 devices, technologies and standards. The practical activities are aligned with both Cisco Certified Network Professional (CCNP) Routing and Switching and Huawei HCNP-R&S certifications. The scientific content reviews in-depth the latest standards and protocols as devised by the Internet Engineering Task Force (IETF) and IEEE. Principle topics to be covered therefore are:
OSI and TCP/IP communication Models
Medium Access Mechanisms (LANs)
VLANs and Virtual Trunking Protocol
Spanning Tree Protocol (STP)
Inter VLAN Routing
Multilayer Switching (MS)
Intra-domain routing protocols
Inter-domain routing protocols
Multicast routing algorithms and protocols
Internet Mobility Protocols: Mobile IPv4, Mobile IPv6, and Moving Network (NEMO)
Internet of Things
Medium Access Mechanisms (LANs): This includes a wide range of mechanisms with a main focus on the LANs.
VLANs and Virtual Trunking Protocol: VLANs will be covered in terms of the concept, benefits, types, configuration and communication between VLANs. In addition, trunking in VLANs will be discussed in depth.
Spanning Tree Protocol (STP): the concept and usefulness of the STP will be discussed in depth. In addition, the network conditions that benefit from STP services will be analysed.
Inter VLAN Routing: The interaction between the two layers (Layers 2 & 3) will be the main focus here including the routing process.
Multilayer Switching (MS): The concept of the MS, components in terms of both hardware and software requirements will be discussed in depth.
Redundancy: The need for redundancy and the requirements for implementing redundancy will be discussed and analysed.
IP Telephony, QoS and Transparent LAN services: These topics will be discussed in depth crossing both the system and application levels.