Handbook home
Web Security (COMP90074)
Graduate courseworkPoints: 12.5On Campus (Parkville)
About this subject
- Overview
- Eligibility and requirements
- Assessment
- Dates and times
- Further information
- Timetable (login required)(opens in new window)
Contact information
Semester 2
Email: toby.murray@unimelb.edu.au
Overview
Availability | Semester 2 |
---|---|
Fees | Look up fees |
AIMS
The Internet pervades nearly every aspect of our lives, from banking through to dating, and onto our interactions with government. As more of our lives move online we face ever greater risks to our data and way of life from internet vulnerabilities and attacks. Web Security will examine the fundamentals behind common vulnerabilities and attacks, and will introduce students to ways of mitigating the risks associated with them. It will also examine some of the ethical challenges faced when evaluating security and disclosing vulnerabilities.
INDICATIVE CONTENT
The subject will examine some of the cyber security challenges faced during system implementation and deployment. In particular it will identity common attack vectors, covering in more detail some of the Open Web Application Security Project (OWASP) Top 10 list of web application vulnerabilities, which may include topics such as injection, cross‐site scripting, session hijacking, and cross‐site request forgery, amongst others. Where appropriate practical examples will be examined to relate theory to practice. The subject will discuss methods for mitigating the risks associated with such vulnerabilities, and may include discussions on distributed denial of service, input validation and sanitisation, penetration testing, and the associated ethical and legal constraints, automated vulnerability scanning, and web application firewalls.
Intended learning outcomes
On completion of this subject, students should be able to:
- Identify common attack vectors
- Discuss mitigation strategies for common attack vectors
- Develop appropriate input validation and data sanitisation strategies
- Compare software updating strategies and their effectiveness at mitigating software vulnerabilities
- Explain the importance of correctly configuring software
- Critique options for vulnerability disclosure and the associated ethical challenges
Generic skills
- Ability to apply knowledge of science and engineering fundamentals
- Ability to undertake problem identification, formulation and solution
- Ability to utilise a systems approach to complex problems
- Capacity for creativity and innovation
- Understanding of professional and ethical responsibilities, and a commitment to them
Last updated: 31 January 2024
Eligibility and requirements
Prerequisites
Code | Name | Teaching period | Credit Points |
---|---|---|---|
COMP90015 | Distributed Systems |
Semester 2 (On Campus - Parkville)
Semester 1 (On Campus - Parkville)
|
12.5 |
OR
Admission into the MC-CS Master of Computer Science
OR
Admission into the 100pt Program course entry point in the MC-IT Master of Information Technology
AND
Selection of the Cyber Security specialisation (formal) in the MC-IT Master of Information Technology
Corequisites
None
Non-allowed subjects
None
Inherent requirements (core participation requirements)
The Master of Information Technology welcomes applications from students with disabilities. It is University and degree policy to take all reasonable steps to minimise the impact of disability upon academic study, and reasonable adjustments will be made to enhance a student’s participation in the degree.
The Master of Information Technology requires all students to enrol in subjects where they will require:
- The ability to comprehend complex theory and technology-related information
- The ability to clearly and independently communicate a knowledge and application of theory, and technology principles and practices during assessment tasks
- The ability to actively and safely contribute in IT development and management activities
Students must possess behavioural and social attributes that enable them to participate in a complex learning environment. Students are required to take responsibility for their own participation and learning. They also contribute to the learning of other students in collaborative learning environments, demonstrating interpersonal skills and an understanding of the needs of other students. Assessment may include the outcomes of tasks completed in collaboration with other students.
There may be additional inherent academic requirements for some subjects, and these requirements are listed within the description of the requirements for each of these subjects.
Students who feel their disability will impact on meeting this requirement are encouraged to discuss this matter with the relevant Subject Coordinator and the Disability Liaison Unit: http://www.services.unimelb.edu.au/disability/
Last updated: 31 January 2024
Assessment
Description | Timing | Percentage |
---|---|---|
One programming‐based assignment in 2 parts (30‐40 hours). Due in two parts, week 5 and 8.
| From Week 5 to Week 8 | 25% |
One individual written report, consisting of approximately 1200‐1500 words (25‐35 hours).
| Week 12 | 25% |
One 2 hour written examination.
| During the examination period | 50% |
Last updated: 31 January 2024
Dates & times
- Semester 2
Principal coordinator Toby Murray Mode of delivery On Campus (Parkville) Contact hours 36 hours, comprising two 1-hour lectures and one 1-hour tutorial per week Total time commitment 200 hours Teaching period 22 July 2024 to 20 October 2024 Last self-enrol date 2 August 2024 Census date 2 September 2024 Last date to withdraw without fail 20 September 2024 Assessment period ends 15 November 2024 Semester 2 contact information
Email: toby.murray@unimelb.edu.au
Time commitment details
200
What do these dates mean
Visit this webpage to find out about these key dates, including how they impact on:
- Your tuition fees, academic transcript and statements.
- And for Commonwealth Supported students, your:
- Student Learning Entitlement. This applies to all students enrolled in a Commonwealth Supported Place (CSP).
Subjects withdrawn after the census date (including up to the ‘last day to withdraw without fail’) count toward the Student Learning Entitlement.
Additional delivery details
IMPORTANT: ONLY students in their final semester of the Master of Information Technology (Cyber Security) are allowed to enrol into this subject for Semester 1.
ALL other students must enrol in Semester 2. We will withdraw you from the subject if you are enrolled in Semester 1 and it is not your final semester.
Last updated: 31 January 2024
Further information
- Texts
Prescribed texts
There are no specifically prescribed or recommended texts for this subject.
- Available through the Community Access Program
About the Community Access Program (CAP)
This subject is available through the Community Access Program (also called Single Subject Studies) which allows you to enrol in single subjects offered by the University of Melbourne, without the commitment required to complete a whole degree.
Entry requirements including prerequisites may apply. Please refer to the CAP applications page for further information.
- Available to Study Abroad and/or Study Exchange Students
This subject is available to students studying at the University from eligible overseas institutions on exchange and study abroad. Students are required to satisfy any listed requirements, such as pre- and co-requisites, for enrolment in the subject.
Last updated: 31 January 2024