Secure Systems: Attack and Defence
2024/2025
Recommended prerequisite for participation in the module
The project unit requires basic knowledge about network security, e.g. obtained by following the first semester of the education. The project unit makes use of elements from the other courses of the semester.Content, progress and pedagogy of the module
OBJECTIVE
In this project unit, the students learn to protect a given system against cyber attacks and/or to test how a given system can be attacked. The system to be used can be based either on software alone, or it can be a cyber physical system consisting of both hardware and software elements. It can also be an embedded system, or a distributed system connected through one or more networks.
REASON
The students achieve both theoretical understanding and practical experience in protecting and security testing systems, which are important elements in the education, and important competences for the candidates after graduation.
Learning objectives
Knowledge
Must have knowledge about:
- ethical and legal aspects of security testing.
- handling of results from security tests, including responsible disclosure of newly found vulnerabilities.
- how to formulate own competences related to PBL.
Skills
Must have skills in:
- protecting a system against attacks, including one or more of
the following elements:
o Analysis of systems in order to uncover relevant cyber risks and attack vectors.
o Prevention of cyber attacks by selecting and establishing relevant countermeasures.
o Section and implementation of techniques to monitor systems in order to detect cyber attacks.
o Selection and implementation of techniques for detecting cyber attacks based on relevant information, possibly including information from monitoring systems.
o Mitigating and dealing with cyber attacks when they are discovered, and considering conditions related to forensics.
- security testing how a given system is protected and might be
attacked, including one or more of the following elements:
o Analysis of attack vectors
o Conducting reconnaissance, including the selection of relevant methods and tools.
o Network scanning and vulnerability scanning, including the selection of relevant methods and tools.
o Conducting security tests. - reflecting over own use of PBL methods and how these methods can be used in the future projects and work situations.
Competences
Must have competences in:
- assessing, selecting and applying methods in order to secure and/or to conduct security testing of a given system, evaluate the specific results generated by using these methods, as well as reflecting over approach and results.
Type of instruction
Types of instruction are listed at the start of §17; Structure and contents of the programme
Exam
Exams
| Name of exam | Secure Systems: Attack and Defence |
| Type of exam | Oral exam based on a project |
| ECTS | 15 |
| Assessment | 7-point grading scale |
| Type of grading | External examination |
| Criteria of assessment | The criteria of assessment are stated in the Examination Policies and Procedures |
Facts about the module
| Danish title | Sikre systemer: Angreb og forsvar |
| Module code | ESNCYSK2P3 |
| Module type | Project |
| Duration | 1 semester |
| Semester | Spring
|
| ECTS | 15 |
| Language of instruction | English |
| Empty-place Scheme | Yes |
| Location of the lecture | Campus Copenhagen |
| Responsible for the module | |
| Used in | |
Organisation
| Education owner | Master of Science (MSc) in Engineering (Cyber Security) |
| Study Board | Study Board of Electronics and IT |
| Department | Department of Electronic Systems |
| Faculty | The Technical Faculty of IT and Design |
