1. Handbook
  2. Subjects
  3. Web Security
  4. Print

Web Security (COMP90074)

Graduate courseworkPoints: 12.5On Campus (Parkville)

You’re viewing the 2024 Handbook:
Or view archived Handbooks

Overview

Availability
Semester 2
FeesLook up fees

AIMS

The Internet pervades nearly every aspect of our lives, from banking through to dating, and onto our interactions with government. As more of our lives move online we face ever greater risks to our data and way of life from internet vulnerabilities and attacks. Web Security will examine the fundamentals behind common vulnerabilities and attacks, and will introduce students to ways of mitigating the risks associated with them. It will also examine some of the ethical challenges faced when evaluating security and disclosing vulnerabilities.

INDICATIVE CONTENT

The subject will examine some of the cyber security challenges faced during system implementation and deployment. In particular it will identity common attack vectors, covering in more detail some of the Open Web Application Security Project (OWASP) Top 10 list of web application vulnerabilities, which may include topics such as injection, cross‐site scripting, session hijacking, and cross‐site request forgery, amongst others. Where appropriate practical examples will be examined to relate theory to practice. The subject will discuss methods for mitigating the risks associated with such vulnerabilities, and may include discussions on distributed denial of service, input validation and sanitisation, penetration testing, and the associated ethical and legal constraints, automated vulnerability scanning, and web application firewalls.

Intended learning outcomes

On completion of this subject, students should be able to:

  • Identify common attack vectors
  • Discuss mitigation strategies for common attack vectors
  • Develop appropriate input validation and data sanitisation strategies
  • Compare software updating strategies and their effectiveness at mitigating software vulnerabilities
  • Explain the importance of correctly configuring software
  • Critique options for vulnerability disclosure and the associated ethical challenges

Generic skills

  • Ability to apply knowledge of science and engineering fundamentals
  • Ability to undertake problem identification, formulation and solution
  • Ability to utilise a systems approach to complex problems
  • Capacity for creativity and innovation
  • Understanding of professional and ethical responsibilities, and a commitment to them

Last updated: 31 January 2024

Eligibility and requirements

Prerequisites

Code Name Teaching period Credit Points
COMP90015 Distributed Systems
Semester 2 (On Campus - Parkville)
Semester 1 (On Campus - Parkville)
 12.5

OR

Admission into the MC-CS Master of Computer Science

OR

Admission into the 100pt Program course entry point in the MC-IT Master of Information Technology

AND

Selection of the Cyber Security specialisation (formal) in the MC-IT Master of Information Technology

Corequisites

None

Non-allowed subjects

None

Inherent requirements (core participation requirements)

The Master of Information Technology welcomes applications from students with disabilities. It is University and degree policy to take all reasonable steps to minimise the impact of disability upon academic study, and reasonable adjustments will be made to enhance a student’s participation in the degree.

The Master of Information Technology requires all students to enrol in subjects where they will require:

  • The ability to comprehend complex theory and technology-related information
  • The ability to clearly and independently communicate a knowledge and application of theory, and technology principles and practices during assessment tasks
  • The ability to actively and safely contribute in IT development and management activities

Students must possess behavioural and social attributes that enable them to participate in a complex learning environment. Students are required to take responsibility for their own participation and learning. They also contribute to the learning of other students in collaborative learning environments, demonstrating interpersonal skills and an understanding of the needs of other students. Assessment may include the outcomes of tasks completed in collaboration with other students.

There may be additional inherent academic requirements for some subjects, and these requirements are listed within the description of the requirements for each of these subjects.

Students who feel their disability will impact on meeting this requirement are encouraged to discuss this matter with the relevant Subject Coordinator and the Disability Liaison Unit: http://www.services.unimelb.edu.au/disability/

Last updated: 31 January 2024

Assessment

DescriptionTimingPercentage

One programming‐based assignment in 2 parts (30‐40 hours). Due in two parts, week 5 and 8.

  • 30 hours (of work required)
Hurdle requirement: Students must get a combined mark of 50% in the projects.		From Week 5 to Week 825%

One individual written report, consisting of approximately 1200‐1500 words (25‐35 hours).

  • 1200 words
Hurdle requirement: Students must get a combined mark of at least 50% in the assignments.		Week 1225%

One 2 hour written examination.

  • 2 hours
Hurdle requirement: Students must achieve a mark of at least 25/50 on the exam.		During the examination period50%

Last updated: 31 January 2024

Dates & times

  • Semester 2
    Principal coordinatorToby Murray
    Mode of deliveryOn Campus (Parkville)
    Contact hours36 hours, comprising two 1-hour lectures and one 1-hour tutorial per week
    Total time commitment200 hours
    Teaching period22 July 2024 to 20 October 2024
    Last self-enrol date 2 August 2024
    Census date 2 September 2024
    Last date to withdraw without fail20 September 2024
    Assessment period ends15 November 2024

    Semester 2 contact information

    Email: toby.murray@unimelb.edu.au

Time commitment details

200

What do these dates mean

Visit this webpage to find out about these key dates, including how they impact on:

  • Your tuition fees, academic transcript and statements.
  • And for Commonwealth Supported students, your:
    - Student Learning Entitlement. This applies to all students enrolled in a Commonwealth Supported Place (CSP).

    Subjects withdrawn after the census date (including up to the ‘last day to withdraw without fail’) count toward the Student Learning Entitlement.

Additional delivery details

IMPORTANT: ONLY students in their final semester of the Master of Information Technology (Cyber Security) are allowed to enrol into this subject for Semester 1.

ALL other students must enrol in Semester 2. We will withdraw you from the subject if you are enrolled in Semester 1 and it is not your final semester.

Last updated: 31 January 2024

Further information

  • Texts

    Prescribed texts

    There are no specifically prescribed or recommended texts for this subject.

  • Available through the Community Access Program

    About the Community Access Program (CAP)

    This subject is available through the Community Access Program (also called Single Subject Studies) which allows you to enrol in single subjects offered by the University of Melbourne, without the commitment required to complete a whole degree.

    Entry requirements including prerequisites may apply. Please refer to the CAP applications page for further information.

  • Available to Study Abroad and/or Study Exchange Students

    This subject is available to students studying at the University from eligible overseas institutions on exchange and study abroad. Students are required to satisfy any listed requirements, such as pre- and co-requisites, for enrolment in the subject.

Last updated: 31 January 2024