Description
This module develops a critical understanding of advanced techniques used by Ethical Hackers to examine the security of web applications.
Aims
The aim of this module is to provide the student with an understanding of advanced computer hacking and the countermeasures that a company can take to minimise their effect.
Learning Outcomes
By the end of this module the student should be able to:
1. Analyse and critically evaluate techniques used to test web application security.
2. Critically evaluate specific countermeasures to advanced hacking techniques.
3. Demonstrate a critical evaluation of an advanced security topic with an independent project.
Indicative Content
1 Overview of Web Application
Core Defence Mechanisms. Handling User Access, Authentication, Session Management, Access Control.
2 Web Application Technologies
HTTP Protocol, Requests, Responses and Methods. Encoding schemes. Server side functionality technologies (Java, ASP, PHP).
3 Injecting Code
Attacking SQL Servers, using SQL injection, E-Mail header injection. PHP injection. Other injection attacks. Preventive Measures.
4 Bypassing Client Side Controls
Manipulating cookies, tampering with parameters and URLs. Web proxies.
5 Attacking Authentication
Attacking Session Management, Design Flaws in Authentication Mechanisms, Attacking Forgotten Password Functionality, attacking Password change functions. Countermeasures to authentication attacks.
6 Cross Site Scripting (XSS)
Reflected XSS Vulnerabilities, Stored XSS Vulnerabilities, DOM-Based XSS Vulnerabilities. Countermeasures to XSS.
7 Web Server Security
Popular web servers and common security threats. Attacks against IIS and Apache. Increasing web server security. Countermeasures (e.g. correct Web Application Set-up).
8
Teaching and Learning Work Loads
Teaching and Learning Method | Hours |
Lecture | 12 |
Tutorial/Seminar | 0 |
Practical Activity | 37 |
Assessment | 71 |
Independent | 80 |
Total | 200 |
Guidance notes
SCQF Level - The Scottish Credit and Qualifications Framework provides an indication of the complexity of award qualifications and associated learning and operates on an ascending numeric scale from Levels 1-12 with SCQF Level 10 equating to a Scottish undergraduate Honours degree.
Credit Value – The total value of SCQF credits for the module. 20 credits are the equivalent of 10 ECTS credits. A full-time student should normally register for 60 SCQF credits per semester.
Disclaimer
We make every effort to ensure that the information on our website is accurate but it is possible that some changes may occur prior to the academic year of entry. The modules listed in this catalogue are offered subject to availability during academic year 2021/22, and may be subject to change for future years.