School of Psychology and Computer Science
UCLan Coursework Assessment Brief
Academic Year 2020/21
Module Title: Advanced Topics in IT Security
Module Code: CO4510
Level 7
Assignment – Research Paper
This assessment is worth 60% of the overall module mark
RELEASE DATES AND HAND IN DEADLINE
Start: 23/10/2020
Submission deadline of the research paper: 05/12/2020 23:59
Please note that this is the latest time you can submit – not the time to submit!
Feedback will be given to the class within 15 working days of the assignment hand-in date, i.e., 15 working days counting from the complete contribution due date. This will take the format of individual written feedback using the feedback sheet available on Blackboard under the "Assignment" menu point.
SUBMISSION DETAILS
The assignment work should be submitted to the appropriate assignment submission Turnitin folder available on Blackboard[1] by the due date. You should:
1. Use the ACM SIG template for Word files, which can be found on the Blackboard area under the following place: "Assignment" menu point -> "ACM SIG Word Template". Note that the ACM SIG template uses numbered references, not Harvard style referencing.
2. Use RefWorks (or similar) to organise your references. RefWorks is available on the UCLan network.
1. Learning Outcomes
This assignment addresses the following learning outcomes:
· Evaluate approaches to the management of IT Security
· Investigate, summarise and review contemporary topics in IT security
· Apply ideas from research and current practices to address problems of IT system security
3.1. Web Security
· Phishing attack
· SQL injection
· Cross site scripting (XSS)
· Cross site request forgery (CSRF)
· Browser security
· Certificate vulnerabilities (e.g., Heartbleed bug)
· Typosquatting
3.2. Coping with Internal Attackers/Threats
- Based on honeynet/honeypot/honeytoken
- Based on trap document
- Based on intrusion detection system (IDS)
3.3. Authentication Methods
- Multi-factor authentication
- CAPTCHA
- Biometric authentication
- Graphical Passwords
- Shoulder Surfing
- Single Sign On (SSO)
3.4. Security and Privacy of Cloud services
- Client-side/end-to-end encryption vs. server-side encryption scheme
- Privacy and accountability of cloud services
o from the data subjects (user), data controller (service provider), and legal perspective.
- Big data problem in cloud computing and storage
- Data theft in cloud (e.g., Fog computing)
- Automated malware analysis in the cloud
- Health-care management in the cloud
3.5. Advanced Persistent Threats (APT)
- Zero-day type attacks and their detection
o coping with attacks based on zero-day or unknown vulnerabilities
3.6 Botnets
- Detecting and mitigating botnets
- Online social networks based command and control (C&C) methods and detection
3.7 Smart City Security (IoT)
- Secure vehicular communications
- Security of smart road traffic control systems
3.8 Security and Privacy in Social Networks
- Centralized and decentralized (peer 2 peer) social networks
Penalty
For every 10% you exceed your word limit, you will have 10% of your marks removed until a maximum of 100%. Your word limit does not include references, but does include citations (quotes).
6 Late work
Late work must be submitted to eLearn in the required assignment slot.
6.1. Penalties for late submission
Except where an extension of the hand-in and presentation deadline dates has been approved (using extenuating circumstances forms), lateness penalties will be applied in accordance with University policy as shown in Table 1[1].
7. Mitigating circumstances
Extensions are granted when there are serious and exceptional factors outside your control. Everyday occurrences such as colds and hay fever do not normally qualify for extensions. Where possible, requests for extensions should be made before the hand-in date.
Information about how to submit:
https://www.uclan.ac.uk/students/support/extenuating_circumstances.php
9 Unfair Means to Enhance Performance
The University operates an electronic plagiarism detection service (Turnitin) where your work will be automatically uploaded, stored and cross-referenced against other material. You should be aware that the software searches the World Wide Web, extensive databases of reference material and work submitted by members of the same class to identify duplication.
To avoid accusations of plagiarism, give an in-text citation and provide bibliographic details of any source used in the references list. Remember that you can reuse ideas from different sources but not literal text.
[1] http://www.uclan.ac.uk/aqasu/academic_regulations.php
Student:
To be awarded a failing grade (less than 50%) your work will not have met the required standard. The following (non-exhaustive) list contains examples that may cause your work to fail (several of the following points together would lead to a fail).
· The abstract is very badly written/many typos/grammar issues.
· Very badly written/many typos/grammar issues/missing context, main findings/cannot understand the research question and goal
· Used very low quality/number of sources/no main findings/results identified/no critical reasoning/many typos
· Critical discussion: very limited or no drawbacks identified/very low quality suggestions/many typos or grammar issues/no critical discussion.
· Very limited number (0-4) and quality (old, poor conferences/journals) of references
· Can be bad format (Not ACM format)
· Can exceed greatly the word limit (2400 words + 10%).
To be awarded a pass mark (52, 55, 58) your work will be of a competent standard.
· The abstract is readable but still too long/short or contains some spelling/grammar issues.
· Acceptable sentences/may contain some typos and grammatical issues/understandable writing skill
· Used low quality/number of sources/low quality discussion of main findings/results identified/limited or no critical reasoning.
· Critical discussion: limited drawbacks identified/low quality suggestions/some typos or grammar issues
· Limited number (5-7) and quality (old, poor conferences/journals) of references
· Good format (ACM format)
· Can exceed slightly the word limit (2400 words + 10%).
Your report structure, writing style (compact/focused), referencing quality/quantity will be used to determine whether you receive a low (52), mid (55) or high (58) pass grade.
To be awarded a merit grade (62, 65, 68) your work will be of a very good standard.
· The abstract is readable and of appropriate length; it may contain only a few spelling/grammar issues.
· Good sentences/may contain only a few typos and grammatical issues/easy readability
· Used acceptable quality/number of sources/acceptable quality discussion of main findings/results identified/contains critical reasoning but is missing some parts or contains unnecessary parts
· Critical discussion: sufficient drawbacks identified/good quality suggestions/few typos or grammar issues
· Acceptable/good number (8-12) and quality (acceptable conferences/journals) of references
· Good format (ACM format)
· Within the word limit (2400 words + 10%).
Your report structure, writing style (professional/compact/focused) and referencing quality/quantity will be used to determine whether you receive a low (62), mid (65) or high (68) merit grade.
To be awarded a distinction grade (74, 80, 87, 94, 100) your work will be of a very good standard.
· The abstract is compact and clear with very few or no spelling/grammar issues.
· Well-written/good/professional sentences/may contain very few typos and grammatical issues
· Used high quality/number of sources/high quality discussion of main findings/results identified/with high quality critical reasoning
· Critical discussion: high number of drawbacks or important drawbacks identified/high quality suggestions/very few or no typos/grammar issues
· High number (> 12) and quality (acceptable conferences/journals) of references
· Good format (ACM format)
· Within the word limit (2400 words + 10%).
Your report structure, writing style (professional/compact/focused) and referencing quality/quantity will be used to determine whether you receive a low (74), mid (87) or high (94, 100) distinction grade.
1. Assignment Description
This assignment is individual. You have to write a paper with a total size of 2400 words in the ACM SIG template (excluding references). Please check Section 5 for more info on the template.
Research Paper Structure
The paper should contain at least the following sections. Note that you may add sections and subsections to improve the paper and its structure; for example, you may want to organise the literature review in sub-sections.
1. An abstract provides a compact summary of the report, which highlights what you have done and usually includes the major findings and their significance. It is very important that, based on the abstract, a reader should be able to tell whether your paper will be useful to them (ideally 200-300 words).
2. An introduction summarizes your research question and its context/background (such as trends, statistics, recent developments in the field), the practical relevance of this question, the initial goal of your paper (how you expected to answer your research question), the relevance of the question for practitioners or researchers, how you did answer your question, and how the paper is structured.
3. A critical analysis of existing literature relevant to your research question. Identify any interesting results and insights, how effective the proposed methods are, and their limitations. Where applicable, also review relevant practices from high quality sources. Additionally, consider the extent to which methods proposed in research papers have been tested in industry. Due to the constraint on page number, only consider the most relevant, recent papers in the field.
4. Based on the drawbacks and limitations identified in this field, propose and discuss a possible (future) direction to improve or overcome some of these drawbacks. You may also discuss the mitigations or countermeasures collected from research and/or current practices that minimise or avoid issues identified by the literature review.
· Note that you do not have to develop a method (since it is out of scope of this assignment), but only provide some interesting thoughts and discussion on a possible direction (i.e., mainly expressing your idea).
5. A conclusion drawing conclusions about what you have achieved, reflecting on your initial goal, and summarizing the main findings.
3 Selecting a Research Topic
The following research questions are provided to give you an idea of the type of question that you are expected to answer. Before you start, you should locate a paper that will help you to find other papers.
Important: Let your tutor know about your chosen topic before you start.
You should specify a research question, and you should narrow down the topic. Otherwise, you will run out of space quickly.
- Privacy and accountability of social networks
o from the data subjects (user), data controller (service provider), and legal perspective.
- Protecting children in online social networks
- Crowdturfing activities in online social networks and detection
- Sybil (fake) account problem in online social networks and detection
3.9 Mobile Security
- Privilege escalation attacks
- Android security problems
- iOS security problems
3.10 Firewall, IDS Security
- Firewall/IDS misconfiguration problems
o Inconsistency/Anomaly in firewall and IDS rulesets
- Conformance between high-level firewall/IDS policy and low-level firewall/IDS configuration
3.11 Hardware security modules (HSM)
- Security of Banking Hardware Security Modules
- Security HSM API analysis
3.12 Shilling attacks against recommender systems
· How effective are recommender systems against shilling attacks
· E.g., Amazon, Netflix
TOP CONFERENCES AND JOURNALS IN CYBER SECURITY AND PRIVACY
You may browse the websites of the following top conferences and journals for the most relevant related works. Note that each conference and journal has a different edition each year, e.g., CCS 2014, CCS 2015, etc., so you can search Google using the conference name + year + keywords. Also, keep in mind that these are only recommendations; you are allowed to work with papers from other places.
• ACM Conference on Computer and Communications Security (CCS)
• USENIX Security Symposium (USENIX)
• IEEE Symposium on Security and Privacy
• Network & Distributed System Security Symposium (NDSS)
• European Symposium on Research in Computer Security (ESORICS)
• ACM Conference on Security and Privacy in Wireless and Mobile Networks (WISEC)
• ACM Symposium on Information, Computer and Communications Security (ASIACCS)
• Privacy Enhancing Technologies Symposium (PETS)
• Workshop on Privacy in the Electronic Society (WPES)
• Annual Privacy Forum (APF)
• Black Hat
• DEF CON
• IEEE Transactions on Information Forensics and Security Journal
• IEEE Security & Privacy Journal
• TDSC - IEEE Transactions on Dependable and Secure Computing Journal
• TISSEC - ACM Transactions on Information and System Security Journal
• IEEE Communications Magazine
• ACM Computing Surveys (CSUR)
HELP AND SUPPORT
Please edit the below to describe how any questions arising from this assessment brief should be handled – e.g. tutorials in seminars, online forum, etc.
· Enter here details for how academic support for this assessment will be provided
· For support with using library resources, please contact <insert name and email address of your subject librarian> or SubjectLibrarians@uclan.ac.uk. You will find links to lots of useful resources in the My Library tab on Blackboard.
· If you have not yet made the university aware of any disability, specific learning difficulty, long-term health or mental health condition, please complete a Disclosure Form. The Inclusive Support team will then contact you to discuss reasonable adjustments and support relating to any disability. For more information, visit the Inclusive Support site.
· To access mental health and wellbeing support, please complete our online referral form. Alternatively, you can email wellbeing@uclan.ac.uk, call 01772 893020 or visit our UCLan Wellbeing Service pages for more information.
· If you have any other query or require further support you can contact The <i>, The Student Information and Support Centre. Speak with us for advice on accessing all the University services as well as the Library services. Whatever your query, our expert staff will be able to help and support you. For more information, how to contact us and our opening hours, visit Student Information and Support Centre.
· If you have any valid mitigating circumstances that mean you cannot meet an assessment submission deadline and you wish to request an extension, you will need to apply online prior to the deadline.
Disclaimer: The information provided in this assessment brief is correct at time of publication. In the unlikely event that any changes are deemed necessary, they will be communicated clearly via e-mail and a new version of this assessment brief will be circulated.
Version: 1
10 Reassessed Work
Reassessment in written examinations and coursework is at the discretion of the Course Assessment Board and is dealt with strictly in accordance with University policy and procedures. Revision classes for referrals will take place during ‘reassessment revision, appeals and guidance week’ as marked on the academic calendar.
The mark for the reassessed module is subject to a maximum of 50%.
Please see the UCLAN Academic Regulations and Assessment Handbook for information and penalties related to “unfair means to enhance performance”[1].