Chris Johnson

Trends in Information Security

Chris Johnson, University of Glasgow

| Main index | Exams | Advanced Reading Course Guide| Open Assessment Proposal and Presentations | Topic Choices | Presentation Timetable |


(M) COMPSCI5069,
Credits: 10, Level 5 (SCQF level 11),
Typically Offered: Semester 2.
Available to Visiting Students: No


This course introduces a number of Information Security topics via published papers. Cybersecurity is an increasing concern across many industries. The recent Snowdon/Wikileaks revelations raise important quesitons about mass monitoring and the confidentiality of information held on and transmitted via computer networks. There are wider concerns as nation states invest significant resources in the development of offensive techniques following the release of malware, such as Stuxnet. More generally, most companies understand the threat to intellectual property from both insider and external attacks. Other concerns focus on the financial and ethical impact of cybercrime.

There concerns have led to a growing area of research in cyber-threat assessment, in detection and monitoring, in protection and resilience, in forensics, access control and encryption. This course provides a broad overview of this research through a selected number of papers and articles. Students are expected to analyse these reports, identify potential weaknesses in the research methodologies and suggest future areas to increase the resilience of information infrastructures to cyber attacks.


This module encourages student's to apply software and hardware engineering techniques, learnt in other areas of the course, to analyse recent trends in information security. It also encourages students to consider the particular methodological and professional issues that surround the development nad maintenance of critical information infrastructures.


By the end of the course, students should:
  1. understand the professional and social issues involved in the design and testing of 'secure' systems;
  2. recognise the importance of standards and show a clear understanding of recent initiatives in this area;
  3. be able to apply a number of risk/threat analysis techniques;
  4. be able to identify the main characteristics of an appropriate security culture within large organisations;
  5. be able to critically assess recent research from across the cybersecurity domain.


There are no explicit pre-requisites but a course on Software Engineering and Human-Computer Interaction would be an advantage.


This course is worth 10 credits.


This course is assessed through an examination (70%) and through a sustained practical exercise (30%). The coursework cannot be redone as it consists of a presentation to the class on a topic in information security.