COMP7904A - Information security: attacks and defense

Semester 2, 2024-25

Professor
S.M. Yiu
Syllabus This is an ethical hacking course. In this course, we will teach students how to conduct ethical hacking so as to better protect a computer system in a company. Topics include physical security, password cracking, network hacking, operating system hacking, and application hacking. The course will also discuss R&D problems related to hacking and defense. The course will try to strike a balance between theory and practice so that students can understand the theories behind the hacking process as well as get enough hands-on exercises to perform ethical hacking and defense.

Prerequisites: Students are expected to have knowledge in university level mathematics and systems plus experience in programming.
Introduction by Professor This is one of the very important core courses for cyber security stream students. Through this course, students can understand the basics of how hacking can be done in order to learn how to better protect a computer system. This is not an easy course. Students are expected to have basic knowledge in networks, OS, and programming in order to benefit the most from the course.
Learning Outcomes
Course Learning Outcomes Relevant Programme Learning Outcomes
CLO1. Able to master the key techniques and theories behind various hacking activities and provide solutions on how to protect a computer system against these attacks PLO.5, 6, 7, 8, 9, 13, 16
CLO2. Able to analyze and propose similar attack and defence methodologies PLO.4, 6, 7, 8, 9, 10, 11, 12, 14, 15
COL3. Able to acquire and self-learn the latest hacking and defence technologies and try to develop new ideas PLO.8, 9, 10, 11
View Programme Learning Outcomes
Pre-requisites Students are expected to have knowledge in university level mathematics and systems plus experience in programming.
Compatibility Nil
Topics covered
Course Content No. of Hours Course Learning Outcomes
1. Introduction to ethical hacking 3 CLO1
2. Brief introduction on social engineering and physical security 3 CLO1,CLO2
3. Password cracking 3 CLO1,CLO2
4. Network hacking 6 CLO1,CLO2
5. Operating system hacking 6 CLO1,CLO2
6. Application hacking 6 CLO1,CLO2
7. Advanced topics 3 CLO3
 
Assessment
Description Type Weighting * Examination Period ^ Course Learning Outcomes
Laboratory 1 Continuous Assessment 10% - CLO1,CLO2
Laboratory 2 Continuous Assessment 15% - CLO1,CLO2
Laboratory 3 Continuous Assessment 15% - CLO1,CLO2
Written exam covers all taught content in the course Written Examination 60% 8 - 27 May 2025  CLO1,CLO2,CLO3
* The weighting of coursework and examination marks is subject to approval
^ The exact examination date uses to be released when all enrolments are confirmed after add/drop period by the Examinations Office.  Students are obliged to follow the examination schedule.  Students should NOT enrol in the course if they are not certain that they will be in Hong Kong during the examination period.  Absent from examination may result in failure in the course. There is no supplementary examination for all MSc curriculums in the Faculty of Engineering.
Course materials Lecture Notes & Lab Instructions:
  • Available from the course web page
Recommended readings:
  • Georgia Weidman, “Penetration Testing, A Hands-on Introduction to Hacking”, 2014.
Session dates
Date Time Venue Remark
Session 1 10 Feb 2025 (Mon) 7:00pm - 10:00pm Zoom  
Session 2 17 Feb 2025 (Mon) 7:00pm - 10:00pm CB-A  
Session 3 (Cancelled) 24 Feb 2025 (Mon) 7:00pm - 10:00pm CB-A  
Session 3 3 Mar 2025 (Mon) 7:00pm - 10:00pm CB-A  
Session 4 10 Mar 2025 (Mon) 7:00pm - 10:00pm CB-A  
Session 5 17 Mar 2025 (Mon) 7:00pm - 10:00pm CB-A  
Session 6 (Cancelled) 24 Mar 2025 (Mon) 7:00pm - 10:00pm CB-A  
Session 6 31 Mar 2025 (Mon) 7:00pm - 10:00pm CB-A  
Session 7 5 Apr 2025 (Sat) 5:30pm - 8:30pm CB-A  
Session 8 7 Apr 2025 (Mon) 7:00pm - 10:00pm CB-A  
Session 9 14 Apr 2025 (Mon) 7:00pm - 10:00pm CB-A  
Session 10 28 Apr 2025 (Mon) 7:00pm - 10:00pm CB-A  
CB - Chow Yei Ching Building
Add/drop 20 January, 2025 - 17 February, 2025
Maximum class size 126
Back