units
FIT5003
Faculty of Information Technology
This unit entry is for students who completed this unit in 2014 only. For students planning to study the unit, please refer to the unit indexes in the the current edition of the Handbook. If you have any queries contact the managing faculty for your course or area of study.
6 points, SCA Band 2, 0.125 EFTSL
Refer to the specific census and withdrawal dates for the semester(s) in which this unit is offered, or view unit timetables.
| Level | Postgraduate |
| Faculty | Faculty of Information Technology |
| Offered | Caulfield First semester 2014 (Evening) Caulfield Second semester 2014 (Day) |
Synopsis
This unit aims to introduce the secure software development issues including secure software development life cycle, secure software design principles, secure coding practices, threat evaluation models, secure software testing, deployment and maintenance, software development and security policy integration. Students are provided with a range of practical exercises and tasks to reinforce their skills including: identification of security bugs in programs written in different programming languages, design, implementation, and testing of secure concurrent and networked applications, identification of vulnerabilities in networked and mobile/wireless applications. In addition, students will learn input validation techniques to minimise security risks, man-in-the-middle attack techniques to be able to build more secure networked applications, practical secure software testing techniques to be able to test applications for security bugs.
Outcomes
At the completion of this unit students will have an understanding of central issues and concepts involved in secure software development, including:
- importance of security and risk assessment;
- vulnerabilities versus threats;
- common attack techniques (malicious input injection, buffer overflows);
- malware;
- common web application vulnerabilities and design aspects (cross-side scripting, SQL injection, cookies, session management, user authentication);
- operating system security;
- secure development principles and techniques (including principle of least privilege, input validation, tools for writing secure code);
- software testing techniques (including bug discovery techniques, fuzzing),
- software deployment and maintenance issues.
Assessment
Examination (2 hours): 50%; In-semester assessment: 50%
Chief examiner(s)
Workload requirements
Minimum total expected workload equals 12 hours per week comprising:
(a.) Contact hours for on-campus students:
- Two hours of lectures
- One 2-hour tutorial
(b.) Additional requirements (all students):
- A minimum of 8 hours independent study per week for completing lab and project work, private study and revision.
Prerequisites
((FIT5131 or FIT9017) and (FIT5134 or FIT9018) and (FIT5132 or FIT9003 or FIT9019) and (FIT5135 or FIT9020) and (FIT5136 or FIT4037) and (FIT5130 or FIT9030)) or equivalent
Prerequisite knowledge: Programming experience, preferably in C or C++
Additional information on this unit is available from the faculty at:
On our site
Authorised by: Manager, Curriculum and Publications.
Maintained by: Curriculumn and Publications.
Last updated: 18 September 2017.
Copyright © 2024 Monash University. ABN 12 377 614 012 -
Accessibility -
Caution -
Privacy
Monash University CRICOS Provider Number: 00008C, Monash College CRICOS Provider
Number: 01857J
We acknowledge and pay respects to the Elders and Traditional Owners of the land on which our Australian campuses stand. Information for Indigenous Australians