Introductory description

Understanding the steps and common attack patterns associated with cyber is essential to detecting, identifying, mitigating and responding to cyber-attacks.

Working on this module you will develop knowledge of these core concepts. You will also gain insight into how adversaries move from initially probing and performing reconnaissance of targets, to implementing a way to persist and maintain access to a device/network once compromised.

Several frameworks and attack modelling techniques exist to help better understand and conceptualize how adversaries move through the stages of a cyber-attack have come to the forefront of the cyber security industry. These include: attack graphs, attack trees, fault trees, MITRE ATT&CK, Cyber Kill Chain. Some of these techniques enable practitioners to model a cyber-attack using visual methods.

This module equips students to better understand the stages and concepts of a cyber-attack. Additionally, the module will equip and allow students to develop a practical understanding, as well as applying a range of tools, techniques and procedures utilized by adversaries and attackers during each phase of a cyber-attack in a manner that is both legal and ethical.

Module aims

Outline syllabus

This is an indicative module outline only to give an indication of the sort of topics that may be covered. Actual sessions held may differ.

The Cyber Security Landscape. The CIA and AAA of cyber security

Attack modelling

• Common cyber-attack modelling systems including: attack graphs, attack trees, fault trees, MITRE ATT&CK, Cyber Kill Chain

Understanding cyber threats, vulnerabilities, and malware

Understanding risks and risk management

Understanding the importance of security awareness and other strategies for dealing with the insider threat.

Cyber crime, adversaries, and adversarial behaviour.

Legal and Ethical considerations

Learning outcomes

By the end of the module, students should be able to:

• Identify tools, techniques and procedures which are associated with common attacks within the context of cyber-space, using a given framework,
• Compare and contrast the effectiveness of the relevant tools, techniques and procedures of a given cyber-attack framework when employed against a given target system.
• Demonstrate the application of the tools, techniques and procedures of a given cyber-attack framework which may be used by cyber adversaries against a simulated target system.
• Demonstrate the ability to communicate complex cyber-attack primitives to lay audiences concisely, clearly, and professionally

Subject specific skills

• Select and apply appropriate tools, techniques and procedures related to specific parts of the Cyber Kill Chain.
• Identify tools, techniques and procedures that could be used to mitigate and remediate the actions of an adversary.
• Respond appropriately to situations that challenge legal, ethical and reputational values.

Transferable skills

Problem solving, critical thinking, creativity, analytical and ethical reasoning