Operating System Cybersecurity
Duration
- One Semester
Contact hours
- Equivalent to 48 hours
On-campus unit delivery combines face-to-face and digital learning.
2023 teaching periods
Hawthorn Higher Ed. Semester 2
Prerequisites
CYB80001 System Security Project
Corequisites
Nil
Aims and objectives
Aims
This unit is designed to introduce the protection, manipulation and analysis of the inner workings of operating systems. Students will learn how the Windows and Linux kernels work and study classical computer science topics such as concurrency, scheduling, and Windows and Linux memory management. A variety of operating system attacks which use buffer overflows, stack smashing, heap sprays, format strings, race conditions, return to LibC (Return-Oriented Programming), integer overflows, privilege escalation, code injection, sandbox bypass, resource exhaustion and hypervisor bypasses will be studied. Defence techniques will include cryptography, authentication, code signing, containerisation and anti-virus software.
Objectives (Unit Learning Outcomes) (ULO)
Students who successfully complete this Unit will be able to:
1. Describe the inner workings of modern operating systems, architectures and strategies used to improve hardware performance.
2. Describe communications and signalling systems used in operating systems.
3. Describe and implement common data structures and software design patterns in single and multi-threaded applications.
4. Explain operating system attacks including memory corruption attacks, privacy violations and unauthorised access.
5. Describe and demonstrate a variety of software flaws which allow privilege escalation, unauthorised access and unauthorised code execution.
6. Analyse and modify operating system source code and utilities, and detect and correct software flaws.
7. Design and implement tools and procedures which can be used to protect operating systems from a variety of attacks.
Unit information in detail
- Teaching methods, assessment, general skills outcomes and content.
Teaching methods
*Scheduled face to face: Lectures (24 hours), Tutorials in Computer Labs (24 hours)
*Scheduled synchronous online Learning events: N/A
Non-scheduled online learning events and activities: N/A
Other non-scheduled learning events and activities: Independent study and assessment tasks (approx. 100 hours)
Assessment
Types | Individual or Group task | Weighting | Assesses attainment of these ULOs |
---|---|---|---|
Assignments | Individual | 50% | 1,2,3,4,5,6,7 |
Examination | Individual | 50% | 1,2,3,4,5,6,7 |
Minimum requirements to pass this Unit
As the minimum requirements of assessment to pass a unit and meet all Unit Learning Outcomes to a minimum standard, a student must achieve:
(i) an aggregate mark of 50% or more.
(ii) 40% or more in the final examination.
Students who do not successfully achieve hurdle requirement (ii) will receive a maximum of 44% as the total mark for the unit and will not be eligible for a conceded pass.
General skills outcomes
During this unit students will receive feedback on the following key generic skills:
- problem solving skills
- analysis skills
- ability to tackle unfamiliar problems, and
- ability to work independently.
Content
• The Windows kernel
• The Linux kernel
• Concurrency, scheduling, race conditions, deadlock
• Windows and Linux memory management
• inodes, file systems, RAID
• signals, long jumps, page mapping
• hardware architectures (ARM and Intel), Von Neumann, caching, memory
• threading, stacks, queues, active objects
• Memory corruption attacks: buffer overflows, stack smashing, heap sprays, format strings
• Execution path attacks: race conditions, return to LibC (Return-Oriented Programming), integer overflows, privilege escalation
• Security control bypass attacks: sandbox bypass, hypervisor bypasses
• Defence techniques: authentication, code signing, containerisation and anti-virus software
• Cryptography.
Study resources
- Reading materials.
Reading materials
A list of reading materials and/or required texts will be made available in the Unit Online.