Unit name | Security Behaviours (Teaching Unit) |
---|---|
Unit code | COMS30038 |
Credit points | 0 |
Level of study | H/6 |
Teaching block(s) |
Teaching Block 1 (weeks 1 - 12) |
Unit director | Dr. Edwards |
Open unit status | Not open |
Units you must take before you take this one (pre-requisite units) |
Ability to write basic scripts in a commonly-used programming language, e.g. Python. |
Units you must take alongside this one (co-requisite units) |
EITHER Assessment Units COMS30036 Security Behaviours (Exam assessment, 10 credits). OR COMS30078 Security Behaviours (Examination and Coursework assessment, 20 credits). Please note: COMS30038 is the Teaching Unit for the Security Behaviours option. Single Honours Computer Science and Mathematics and Computer Science students can choose to be assessed by either examination (10 credits, COMS30036) or examination and coursework (20 credits, COMS30078) by selecting the appropriate co-requisite assessment unit. Any other students that are permitted to take the Security Beahaviours option are assessed by examination (10 credits) and should be enrolled on the co-requisite exam assessment unit (COMS30036). |
Units you may not take alongside this one |
None. |
School/department | School of Computer Science |
Faculty | Faculty of Engineering |
Why is this unit important?
The security of complex socio-technical systems relies on the behaviour of human agents as much as it relies on the correctness of technical controls. Poor choices made in the design, development and deployment of security controls can provoke legitimate users into errors, creating or exacerbating vulnerabilities in a system. Similarly, security controls cannot be effectively designed without an understanding of the adversary being defended against - their capabilities, motivations and typical behaviours.
How does this unit fit into your programme of study
This is an optional unit that can be taken in Year 3.
An overview of content
This unit explores the human factors underlying cybersecurity from two complementary perspectives. Firstly, we will study the role of human behaviours in creating and undermining security, covering:
Secondly, we will study the behaviour of adversarial actors, and how we can translate our understanding of these attackers into defences, including:
How will students, personally, be different as a result of the unit
As well as having engaged with academic material relating forms of human behaviour to cybersecurity, students will have gained hands-on experience in planning and carrying out attacks, using tools and techniques commonly adopted by cyber-attackers. This will enable a deeper understanding of attack methods, translating into insights for protecting systems. Students will also have experience in researching and debating cybersecurity topics, exposing them to a variety of opinion on modern socio-technical challenges as well as preparing them for independent research.
Learning Outcomes
On successful completion of this unit, students will be able to:
1. Recognise cognitive biases and their implications for security
2. Explain the methods by which social engineering attackers operate
3. Judge where culpability lies in a security incident
4. Discuss the relevance of criminological and economic theory to cybercrime
5. Synthesise evidence about a cyberattack to describe the adversary
6. Identify at a high level the appropriate countermeasures for a given threat
When the unit is taken with the associated 20 credit option that includes coursework, students will also be able to:
1. Engage deeply and independently with academic and other literature in producing an original, critical essay on a cybersecurity topic of their choice.
This unit is unlike some other COMS units in that many of the concepts you need to grasp are not strictly computational or mathematical in nature. We support this with an emphasis on discussion, both in parts of the lab exercises and in the weekly review lectures. The weekly reading and video lectures allow you to come prepared for these discussions, but taking part in the conversation is valuable beyond just reviewing the week’s material – it sharpens your understanding and your ability to query, argue about and explain the core concepts from the unit. If taken with coursework, the unit also provides weekly coursework support sessions.
Tasks which help you learn and prepare you for summative tasks (formative):
Teaching will take place over Weeks 1-7, with coursework support in weeks 9-11 and for students assessed by examination, consolidation and revision sessions in Weeks 12.
Students will be given reading exercises, video lectures, in-person review lectures and substantial lab exercises each week, with support from lecturers and Teaching Assistants. To support students preparing for essaybased assessments, formative assessments will be made available that closely reflect the summative assessments, with detailed feedback opportunities.
Tasks which count towards your unit mark (summative):
2 hour exam (10 credits: COMS30036 - 100%; COMS30078 – 50%)
In addition, students taking COMS30078 will also take a coursework in weeks 9-11 (50%, equiv. to 10 credits).
When assessment does not go to plan
Students will retake relevant assessments in a like-for-like fashion in accordance with the University rules and regulations.
If this unit has a Resource List, you will normally find a link to it in the Blackboard area for the unit. Sometimes there will be a separate link for each weekly topic.
If you are unable to access a list through Blackboard, you can also find it via the Resource Lists homepage. Search for the list by the unit name or code (e.g. COMS30038).
How much time the unit requires
Each credit equates to 10 hours of total student input. For example a 20 credit unit will take you 200 hours
of study to complete. Your total learning time is made up of contact time, directed learning tasks,
independent learning and assessment activity.
See the University Workload statement relating to this unit for more information.
Assessment
The Board of Examiners will consider all cases where students have failed or not completed the assessments required for credit.
The Board considers each student's outcomes across all the units which contribute to each year's programme of study. For appropriate assessments, if you have self-certificated your absence, you will normally be required to complete it the next time it runs (for assessments at the end of TB1 and TB2 this is usually in the next re-assessment period).
The Board of Examiners will take into account any exceptional circumstances and operates
within the Regulations and Code of Practice for Taught Programmes.