There are no pre-requisites for this module to be added

The aim of the module is to develop a deep understanding of advanced areas related to security and live/network forensics, with a strong focus on virtualised and Cloud-based environments that will allow graduates to act professionally within incident response and in malware/threat analysis. An outline of the main areas includes:• Threat Analysis. This involves an in-depth analysis of a range of current threats, such as DDoS, Botnets, trojans, and so on.• System Architectures, Services and Devices. Networked infrastructures (Servers/Firewall/IDS/ Syslog). • Network Forensics. Advanced Network Protocol Analysis, Advanced Trace Analysis, IDS Signature Detection, and Security Threat Network Traces.• Live Forensics. Code Analysis, Host/Network Analysis, Reverse Engineering. Mobile/x86 architecture, Machine Code Analysis, Vulnerability Analysis, Sandboxed Analysis.• Log Capture/Analysis, and Time-lining. Creating large-scale data infrastructure and analysis methods such as Big Data, SIEM and cross-log analysis (such as Splunk).• Malware Analysis. Static/Dynamic Analysis. Disassembly. Obfuscation. Behaviour Analysis. Encoding methods.• Data Hiding and Data Loss Detection/Prevention. Data hiding methods, detection methods, tunnelling, and disk encryption.• Host Investigation Evidence Gathering: Windows, Linux, Android and Mac OS.• Current Related Research.

Upon completion of this module you will be able to

LO1: Develop an advanced knowledge of key security/digital forensic principles and methods related to incident response and malware analysis.

LO2: Develop analytical skills related to the key academic principles and practical skills required to understand data hiding/loss within a virtualised networked infrastructure.

LO3: Research, design, implement, evaluate and critically analyse an advanced system to a given set of security and/or digital forensic requirements, with a focus on virtualised environments.