CPS1011 - Programming Principles (in C)
This unit is intended as a first programming course and takes the student step by step through a number of fundamental concepts including basic language constructs (assignment, branching and loops) and data types, abstract data types, dynamic memory management, preprocessor directives, debugging and library linking.
Topics:
- 1. Programming principles. Reading: [Text] chapters 1,2. Supplementary: [1].[notes]
- 2. Data flow. Reading: [Text] chapters 3-5. Supplementary: [2].[notes]
- 3. Control flow and standard I/O. Reading: [Text] chapter 6-8. Supplementary: [2].
[notes]
- 4. Modularity and an introduction to pointers. Reading: [Text] chapter 9. Supplementary: [2].[notes]
- 5. Compound data types. Reading: [Text] chapters 10,11,14. Supplementary: [2].[notes]
- 6. File I/O. Reading: [Text] chapter 13. Supplementary: [2].[notes]
- 7. Storage classes, allocated memory and dynamic arrays. Reading: [Text] chapter 12. Supplementary: [1].[notes]
- 8. Abstract data types, libraries and linking. Reading: [Text] chapter 17, [2] chapter 6. Supplementary: [1].[notes]
Textbook:
- [Text] C Primer Plus (6th edition). Stephen Prata. Addison-Wesley, 2013. ISBN 978-0321928429
References:
- [1] Expert C Programming: Deep C Secrets. Peter van der Linden. Prentice Hall, 1994. ISBN 978-0131774292
- [2] The C Programming Language. BW Kernighan, DM Ritchie. Prentice-Hall, 1988. ISBN 0-13-110362-8
CPS2004 - Object Oriented Programming
This study-unit provides an in-depth view of the object-oriented paradigm with special emphasis on the differences between representative technologies within the paradigm. In particular the study-unit focuses on Java and C++ as two major implementations of the paradigm. Design techniques for OO systems will also be discussed and demonstrated. Students will also gain familiarity with different OO styles, such as Prototype-based programming. Students will be exposed to OO programming tools and practices used in industry today. This course prepares each attendee to undertake programming jobs in industry using Object Oriented programming languages.
Topics:
- 1. Object-Oriented Programming (OOP): Concepts and tools. Classes, objects, hierarchies and composition. Messaging. Abstraction, Polymorphism, Ineheritance, Encapsulation. Class anatomy, Multiple inheritance, Object assignment, Exceptions. Toolset: UML, VS Code IDE on Linux/WSL2/MacOS, C++ toolchain: CMake, gcc/clang, Java toolchain: Maven, JDK, sdkman. Reading: [Text-OO] chapters 1-4.[notes]
- 2. C++: An introduction and OO language features. Language overview in terms of a C superset Basic language syntax and features. Working with data and memory. OOP language support: from structs to classes
Access labels, constructors, destructors, member qualifiers. Single inheritance, implementation inheritance. Reading: [Text-C++] chapters 1-2, 3. (Classes, inheritance).[notes]
- 3. OOP in C++: Class hiearchies and composition. Inheritance through subclassing. Method overloading . Multiple inheritance. Polymorphism, virtual functions and dynamic binding. Composition with a first look at the STL container classes. Reading: [Text-C++] chapter 3. (Multiple inheritance, polymorphism, composition).[notes]
- 4. C++: Language essentials. Operator overloading. Runtime safety - Copy and move semantics. The Rules of 3/5/0. Smart pointers. Further safety provisions: Safe type casting, protected inheritance and immutable classes. Generic programming. Generic programming with templates. The STL container classes. Reading: [Text-C++] chapters 3. (Operator overloading), 5-6. [notes]
- 5. Java: An introduction & OO language features. The Java ecosystem. Basic syntax. Classes and objects. Encapsulation, Inheritance, Interfaces. Overloading, overriding and hiding. Polymorphism. Abstract classes. Memory management and Garbage Collection. Reading: [Text-Java] chapters 1, 2, 9 (Garbage collection, Java Memory Model). [notes]
- 6. Java: Further OO language features. Support for interfaces but not for multiple inheritance. Class java.lang.Object. Primitive and reference types. Type conversion. Reading: [Text-Java] chapters 3, 6. [notes]
- 7. Java: Language essentials. Runtime safety with Exception handling and Immutable classes. I/O streams. Application packaging with Java Archive (JAR) files. Speeding up Java applications with native code. The Java Native Interface (JNI) and its uses. Native methods, static blocks, JNIEnv* and jobject. JNI types, passing primitive and reference types as arguments. Calling back into Java. Building and executing. Reading: [Text-Java] chapters 4, 5, 9. Reference: [1]. [notes]
- 8. OO Design. Designing for code maintenance and reuse. Avoiding dependencies and highly-coupled classes. SOLID principes. An introduction to Design Patterns. Creational design patterns. Reading: [Text-OO] chapters 10-12. [Text-patterns] chapter 3.[notes]
- 9. Structural design patterns. Reading: [Text-patterns] chapter 4. Reference: [5]. [notes]
- 10. Further OOP: Portable Object Persistence, Distributed Object and OO Scripting. Portable object persistence with protocol buffers in C++ and Java, polyglot. Distributed OOP covering RPC, OO RPC, gRPC in C++ and Java, polyglot. Javascript, Dynamic typing, Duck typing, prototype-based OO, JSON Object serialization. Reference: [2], [3], [4].[notes]
Main texts:
- [Text-OO] Weisfeld, M. (2019). The Object-Oriented Thought Process (Developer's library), 5th edition. Addison-Wesley. ISBN-10: 0135181968, ISBN-13: 978-0135181966.
- [Text-C++] Grigoryan, V. and Wu, S. (2020). Expert C++: Become a proficient programmer by learning coding best practices with C++17 and C++20's latest features. Packt Publishing. ISBN-10: 1838552650, ISBN-13: 978-1838552657.
- [Text-Java] Samoylov, N. (2022). Learn Java 17 Programming: Learn the fundamentals of Java Programming with this updated guide with the latest features, 2nd Edition. Packt Publishing. ISBN-10: 1803241438, ISBN-13: 978-1803241432.
- [Text-Patterns] Wengner, M. and Souza, B. (2023). Practical Design Patterns for Java Developers: Hone your software design skills by implementing popular design patterns in Java. Packt Publishing. ISBN-10: 180461467X, ISBN-13: 978-1804614679.
References:
- [1] Guide to JNI (Java Native Interface) - https://www.baeldung.com/jni
- [2] Svekis, L.L., et al.. (2021) JavaScript from Beginner to Professional. Packt Publishing. ISBN-10: 1800562527, ISBN-13: 978-1800562523.
- [3] Protocol Buffers Documentation - https://protobuf.dev
- [4] gRPC Documentation - https://grpc.io/docs
- [5] Spring Boot Tutorial – Bootstrap a Simple Application - https://www.baeldung.com/spring-boot-start
CPS3232 - Applied Cryptography
This study-unit is aimed at providing students with the capability of designing secure systems based on cryptographic principles. Cryptography-based mechanisms are nowadays found at the heart of various security-critical applications ranging from 'traditional' environments such as government, military and banking applications, to 'Internet-age' applications including web and email clients/servers, e-commerce, e-voting, e-gaming and smart phone applications amongst others. Knowledge and practical experience acquired from this study-unit prepares students with the ability to design and implement such applications. Based on the most rigorous type of security mechanisms, these applications inherit the security guarantees associated with the employed cryptographic primitives and protocols.
Topics:
- 1. Overview of Applied Cryptography, Classic Ciphers, Introduction to Cryptanalysis, Randomness and cipher security. Reading: [Text] chapter 1. Supplementary: [1,3].[notes]
- 2. The One-Time Pad and Perfect secrecy, Cryptographically Strong Pseudo Random Stream Generators, Stream Ciphers, LFSRs, Trivium. Reading: [Text] chapter 2. Supplementary: [1,4,5].[notes]
- 3. Pseudo Random Functions/Permutations, Block Ciphers, S-boxes, DES. Reading: [Text] chapter 3. Supplementary: [1,4,5].[notes]
- 4. Secure/lightweight DES alternatives, Algebraic S-box design, AES, Block Cipher Modes. [Text] chapters 3, 4, 5.1, 5.3. Supplementary: [1,3,4,5].[notes]
- 5. The need for Public Key Cryptography and Cryptographic Hash Functions to complement Symmetric Ciphers. [Text] chapters 6.1, 6.2, 11.1, 11.2, 12.1, 12.2, 10.1. [notes]
- 6. Trapdoor one-way permutations based on computational number theory foundations: The Extended Euclidean Algorithm, Fermat's little theorem and Euler's phi. [Text] chapter 6. Supplementary: [1,3,4,5].[notes]
- 7. The RSA problem, the RSA cipher, Ancillary algorithms for RSA implementation, Attacks on RSA implementations. [Text] chapter 7. Supplementary: [1,3,4,5].[notes]
- 8. The Discrete Logarithm Problem and Group Theory pre-requisites, The Diffie-Hellman Key Exchange, El-Gamal encryption. [Text] chapter 8.1-8.5. Supplementary: [1,3,4,5].[notes]
- 9. Public Key Infrastructures and Secure Key Establishment Protocols. [Text] chapter 13. Supplementary: [2,4].[notes]
Textbook:
- [Text] Understanding Cryptography: A Textbook for Students and Practitioners: Christof Paar and Jan Pelzl. Publisher: Springer, 1st Edition, 2010, ISBN-10: 3642041000, ISBN-13: 978-3642041006.
References:
- [1] Applied Cryptography. Bruce Schneier. Publisher: Wiley, 2nd Edition, 1996, ISBN-10: 0471117099, ISBN-13: 978-0471117094
- [2] Cryptographic security protocols: SSL and TLS. https://www.ibm.com/docs/en/ibm-mq/7.5?topic=ssl-overview-tls-handshake
- [3] Discrete and combinatorial Mathematics: An Applied Introduction. Ralph P Grimaldi. Publisher: Addison Wesley, 5th Edition, 2003, ISBN-10: 0201726343, ISBN-13: 978-020172634
- [4] Handbook of Applied Cryptography. Alfred Menezes, Paul van Oorschot, and Scott Vanstone. Publisher: CRC Press, 1996, ISBN-10: 0849385237, ISBN-13: 978-0849385230
- [5] Introduction to Modern Cryptography, 2nd Edition. Publisher: Chapman and Hall/CRC Press, 2014, ISBN-10: 1466570261 ISBN-13: 978-1466570269.
CPS5123 - Systems Security
This study-unit takes a technical approach to computer security, specifically focusing on understanding the adversaries targeting system software in the form of exploits, malware and their launchers. Knowledge of the inner workings of these malicious artifacts is fundamental to understand the limitations of operating system security controls, and to configure intrusion detection systems to prevent and/or detect future security violations, as well as in recovering from past successful ones. This study-unit touches on aspects of systems/low-level programming and debugging, reverse engineering and digital forensics, and therefore an aptitude to carry out practical tasks using these techniques is a must. Given their current popularity and the opportunities provided to attackers to reach their malicious intent, this study-unit currently focuses on Microsoft Windows workstations, Linux application servers and Android smartphones.
Topics:
- 1. Operating Systems: Security controls. Readings: [1] - Chapter 9; [3] - Chapter 1; [7] - Metasploit fundamentals, Post exploitation module reference. [notes]
- 2. Windows (Workstation) security. Readings: [1] - Chapter 11; [3] - Chapters 4,5. [notes]
- 3. Windows (Workstation) adversarial tactics. Readings: [3] - Chapter 6,8,10,12; [5]; [6]; [7] - Post exploitation module reference; [8]; [9]; [10];[notes]
- 4. Linux (Application Server) in/security. Readings: [1] - Chapter 10.1-7; [4] - Chapters 1-4; [notes]
- 5. Android (Smartphone) in/security. Readings: Chapter 10.8; [2] - Chapters 1-3; [notes]
Main references (books):
- [1] Andrew S Tanenbaum and Herber Bos. “Modern Operating Systems, Fourth Edition”, Pearson Eduction, 2014. ISBN-13: 978-1292061429.
- [2] Elenkov, N. "Android security internals: An in-depth guide to Android's security architecture", No Starch Press, 2014. ISBN-13: 978-1593275815.
- [3] Kleymenov, A and Thabet A. "Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks". Packt Publishing, 2019. ISBN-13 : 978-1789610789.
- [4] Ryan O’Neill, “Learning Linux Binary Analysis”, Packt publishing, 2016. ISBN-13 : 978-1782167105.
Main references (misc resources):
- [5] Cox, R. (2007). Regular expression matching can be simple and fast (but is slow in java, perl, php, python, ruby,...). Available online at http://swtch. com/rsc/regexp/regexp1.html
- [6] Kolosnjaji, B., Zarras, A., Webster, G., & Eckert, C. (2016, December). Deep learning for classification of malware system call sequences. In Australasian Joint Conference on Artificial Intelligence (pp. 137149). Springer, Cham.
- [7] Offensive Security. “Metasploit Unleashed”. Available online at https://www.offensive-security.com/metasploit-unleashed/
- [8] Raff, E., Barker, J., Sylvester, J., Brandon, R., Catanzaro, B., & Nicholas, C. K. (2018, June). Malware detection by eating a whole exe. In Workshops at the ThirtySecond AAAI Conference on Artificial Intelligence.
- [9] Regéciová, D., Kolář, D., & Milkovič, M. (2021). Pattern Matching in YARA: Improved AhoCorasick Algorithm. IEEE Access, 9, 6285762866.
- [10] yara. “Writing YARA rules”. Available online at https://yara.readthedocs.io/en/stable/writingrules.html
CIS3111 - Cloud Computing
Unit segment- Container orchestration for secure cloud-native applications. [notes]
CPS5130 - Research Topics in Computer Science
Systems security and diagnostics areas. [research area overview]
CPS5400 - DLT Implementation and Internals
Unit segment- Cryptographic hash functions for DLT. [notes]