Advanced Software and System Security
Overview
The aim of this unit is to provide students with a comprehensive understanding of software and system-level security, focusing on identifying, analysing, and mitigating software vulnerabilities. Through hands-on experience in static and dynamic analysis, reverse engineering, fuzzing, and exploitation techniques, students will learn how to uncover and defend against real-world security threats in user applications and operating systems, including kernel-level vulnerabilities.
Requisites
COS60004 Creating Web Applications
OR
COS60018 Programming Principles and Practices
01-November-2026
Learning outcomes
Students who successfully complete this unit will be able to:
- Explain the architecture and operation of modern operating systems, focusing on user–kernel mode transitions, memory management strategies, and process control mechanisms.
- Elucidate prevalent software security vulnerabilities and perform a systematic analysis of their exploitation vectors, attack surfaces, and propagation pathways within modern execution environments.
- Conduct in-depth analysis and empirical demonstration of real-world software and system vulnerabilities that facilitate privilege escalation, unauthorized access control bypass, and arbitrary code execution through exploit chaining.
- Design and implement defensive frameworks and operational mechanisms that harden operating systems against a broad spectrum of real-world attack vectors, including privilege exploitation, kernel-level compromise, and advanced persistent threats.
- Analyze and articulate system-level communication paradigms, memory management architectures, and dynamic linking mechanisms, with emphasis on their security ramifications for software integrity, isolation, and resilient execution.
Teaching methods
Hawthorn
| Type | Hours per week | Number of weeks | Total (number of hours) |
|---|---|---|---|
| On-campus Lecture | 2.00 | 12 weeks | 24 |
| On-campus Class | 2.00 | 12 weeks | 24 |
| Unspecified Activities Independent Learning | 8.50 | 12 weeks | 102 |
| TOTAL | | | 150 |
Assessment
| Type | Task | Weighting | ULOs |
|---|---|---|---|
| Project and Presentation | Individual/Group | 40 - 50% | 1,4,5 |
| Online Quizzes | Individual | 10 - 30% | 1,2,3,4,5 |
| Report and Presentation | Individual/Group | 40 - 50% | 2,3,5 |
Content
- Basics of software and system security
- Common software bugs and how attackers exploit them
- How operating systems manage memory and processes
- Tools for finding bugs in software automatically (static analysis)
- Tools for testing software by running it in different ways (dynamic analysis and fuzzing)
- Techniques for combining different bug-finding tools (hybrid analysis)
- Understanding how software is built and runs (binaries, linking, loading)
- How attackers break software using stack and heap attacks
- How attackers exploit other software bugs (like type confusion or race conditions)
- Security issues in the operating system kernel
- Hands-on experience with security tools and real-world examples
- Assignments focused on bug finding and writing simple exploits
Study resources
Reading materials
A list of reading materials and/or required textbooks will be available in the Unit Outline on Canvas.