The challenges of contemporary data acquisition and analysis have been characterised as “the four V’s of Big Data” (volume, variety, velocity and validity). These require the use of specialised data storage, aggregation and processing techniques. This module introduces a range of tools and techniques necessary for working with data in a variety of formats, with a view to developing data-driven applications. The module focuses primarily on developing applications using the Python scripting language and associated libraries, and will also introduce a range of associated data storage and processing technologies and techniques.
The module covers the following topics:
• Data types and formats: numerical and time series, graph, textual, unstructured
• Data sources and interfaces: open data, APIs, social media, web-based
• NoSQL databases such as document (MongoDB), graph and key-value pair
• Techniques for dealing with large data sets, including Map Reduce
• Developing Data Driven Applications in Python
The Benchmark Statement for Computing specifies the range of skills and knowledge that should be incorporated in computing courses. This module encompasses cognitive skills in Computational Thinking, Modelling and Methods and Tools, Requirements Analysis and practical skills in specification, development and testing and the deployment and use of tools and critical evaluation in addition to providing useful generic skills for employment.
This module will cover elements of the disk-level architectures of operating systems such as Windows and Linux. This will allow students to study how operating systems store system and user data, and thus gain an understanding of what information could technically be held on such systems. This data could include user files, as well as records of user activity such as login session data, browsing histories, operating system manipulation, and general user interactions with a variety of operating system tools. This understanding will be expanded through theoretical knowledge and practical exercises in extracting information from systems, using a variety of open source and commercial forensic analysis tools, and documenting the results of such a process using consistent and thorough evidential procedures. This includes the production of event timelines, as well as the analysis of system logs, operating system state, file systems, and application data. The module will also consider the ethical and professional issues related to digital forensics.
Incident Response and Malware Analysis
The aim of the module is to develop a deep understanding of advanced areas related to security and live/network forensics, with a strong focus on virtualised environments that will allow graduates to act professionally within incident response and in malware/threat analysis. An outline of the main areas includes:
• Threat Timelining. This involves network and host traces around key threats, such as DDoS, malware infection and data loss.
• Host Investigation Evidence Gathering: Windows, Linux, Android and Mac OS.
• System Architectures, Services and Devices. Networked infrastructures (Servers/Firewall/IDS/Syslog).
• Network Protocol Analysis. Advanced Network Protocol Analysis, Advanced Trace Analysis, IDS Signature Detection, and Security Threat Network Traces.
• Log Capture/Analysis, and Time-lining. Creating large-scale data infrastructure and analysis methods such as Big Data, SIEM and cross-log analysis.
• Malware Forensics. Code Analysis, Host/Network Analysis, Reverse Engineering. Mobile/x86 architecture, Machine Code Analysis, Vulnerability Analysis and Sandboxed Analysis.
• Malware Analysis. Encoding methods. Static/Dynamic Analysis. Disassembly. Obfuscation. Behaviour Analysis.
• Advanced Malware Analysis. Anti-disassembly, anti-debugging, packers and unpackers, malware launching, malware signatures, and shell code analysis.
• Data Hiding. Data hiding methods, tunnelling, and disk encryption.
• Current Related Research.
The work for this module comprises the completion of an individual research project. Each student is assigned a personal Supervisor, and an Internal Examiner who monitors progress and feedback, inputs advice, examines the dissertation and takes the lead at the viva.
There are three preliminary deliverables prior to the submission of the final dissertation:
(1) Project proposal
(2) Initial Report including time plan and dissertation outline
The aim of the module is to develop a deep understanding of advanced areas related to security and digital forensics that will allow graduates to act professionally in the design, analysis, implementation, and reporting of network security strategies. An outline of the main areas includes:
• Introduction. Networking Concepts; Network Security Concepts; Network Threats and Attacks; Network Defence - Perimeter, Defence in Depth.
• Firewalls. Concepts; Types - Host, Network; Technologies - Static packet filtering; Stateful packet filtering; Multilayer firewall; Architectures; Policies; and Implementation and Deployment.
• Intrusion Detection and Prevention Systems (IDPS). Concepts; Types; Alert Monitoring and Sensor Tuning; behavioural analysis, in-line/out-of-line.
• Access Control and Authentication. Concepts: Trust and Identity; Attacks; Models - Access Control Models; Network Device Access Control; AAA, Layer 2; Device Hardening.
• Remote Access and VPNs. Concepts; Cryptography; Types - L2, L3 and L4/5; Technologies; IPSec and SSL.
• Wireless Security. Wireless Overview; Attacks; Encryption; Authentication.
• CCNA Certification - Concepts. CIA; Attacks on CIA; Data Classification; Law and Ethics; Network policies; Risk Management and Secure Network Design; Security in the SDLC; Cisco self-defending network; Secure Administration.
• CCNA Certification - Secure Infrastructure and Extending Security. Cisco Layer 2 Security; Cisco IOS Firewalls. Cisco IOS IPS; Cisco VPN and Cryptographic Solutions; Digital Signatures and PKI.
This module covers Networking fundamentals, such as data signalling principles, layer 2 addressing and media sharing. Internet technology, including IP addressing and the role of TCP will be covered, as will network planning. The implementation side will cover router operations and configuration as well as broadcast domains, switches and VLANs. Finally, the module will cover emerging networking areas of Wireless and mobile networks.
Routing and Switching Technologies
The module covers the theoretical and practical aspects of designing small enterprise and large wide area networks using different layer 2 and layer 3 devices, technologies and standards. The practical activities are aligned with both Cisco Certified Network Professional (CCNP) Routing and Switching and Huawei HCNP-R&S certifications. The scientific content reviews in depth the latest standards and protocols as devised by the Internet Engineering Task Force (IETF) and IEEE. The principal topics to be covered are therefore:
• OSI and TCP/IP communication Models
• Medium Access Mechanisms (LANs)
• VLANs and Virtual Trunking Protocol
• Spanning Tree Protocol (STP)
• Inter VLAN Routing
• Multilayer Switching (MS)
• Intra-domain routing protocols
• Inter-domain routing protocols
• Multicast routing algorithms and protocols
• Internet Mobility Protocols: Mobile IPv4, Mobile IPv6, and Moving Network (NEMO)
• Internet of Things