Hacking is the task of finding vulnerabilities in a computer system, break into it and take control of the system or cause it to crash. To thwart malicious hackers from breaking into computer systems and data networks, white hat hackers are employed by companies to identify vulnerabilities and weaknesses in existing systems or data networks and propose measures to address them; this is also known as ethical hacking. Our cyber security and hacking program is intended for law enforcement and IT professionals to gain an in-depth overview of attack techniques in a hands-on approach. It provides insights into security mechanisms and attack techniques. It equips participants with the skills and knowledge needed to manage and address computer security within organisations.
1- Identify the likely targets of security threats
2- Explain the motivation behind security threats
3- Detail the types of security threats
4- Explain what information is useful to help police and other authorities arrest cyber criminals
5- Plan how to respond and manage security risks and attacks
6- Establish industry acceptable digital forensics standards with current best practices and policies
Course 1: Introduction to Hacking
This course introduces the fundamentals of hacking, how malicious hackers penetrate a computer system or network and what is the cost and impact of a successful attack on individuals, organisations and governments. It looks at how this becomes a career choice and what are the skills that must be acquired to become a successful hacker. This course will also introduce the participants to hacking techniques that are most commonly used by attackers and security engineers. These include: Port Scanning; ICMP Sweep/Scanning; Tools for ICMP Echo- fping, gping, nmap for UNIX, Pinger Software- Rhino9, Ping Sweep for Windows; Netbios Hacking; Internet Application Security and Vulnerability; and Common flaws. The course will also introduce various classes of attacks and attack techniques, such as insider attack, close-in attack, phishing attack, hijack attack, spoof attack, buffer overflow, exploit attack, password attack.
Course 2: Protecting Online Identity
This course gives a practical guide on protecting user’s identity in the cyber world such as social media, profiles, privacy settings, password setting best practice, phishing emails and online scams. The course gives practical guidance on reducing risk of identity theft, secure web communication protocols such as Secure Socket Layer (SSL), security digital certificate, data encryption, credit card info-storage and use and actions to reduce identity theft. This course also covers phishing attacks and anti-phishing defence mechanisms. Participants will study Instant messaging, Trojan hosts, link manipulation, key loggers, session hacking, system reconfiguration, content injection, phishing through search engines, phone phishing, malware phishing. Finally, participants study approaches to anti-phishing-steps to protect computer using firewalls, anti-virus software, Secure Socket Layer (SSL), etc.
Course 3: Introduction to Computer-Security & Cybercrime
This course focuses on criminal activities in the digital world such as data theft, cyber bullying, denial of service attacks, espionage, financial fraud, malware-based attacks, ransomware, spoofing, unauthorised access, salami slicing and unauthorised access. This course aims to equip participants with the tools to protect computer systems, networks and applications from unauthorised access and data modification accidentally or maliciously. It illustrates the importance of cyber security measures in governmental departments, businesses, financial institutions and public services. Participants will learn about the types of attacks including spoofing, web spoofing, session hijacking, man-in-the-browser attacks, DOS, Buffer over Flow Attacks and password attack (e.g., Brute Force, Dictionary Attack, Keylogger attack).
Course 4: Data Mining for Computer & Cyber Security
This course gives an introduction to data mining techniques and their use in analysing data from different standpoints turning them into useful information. It looks into how data mining can deliver information recovery through finding relevant data such as network traffic and web crawler. Participants will learn how data mining can be employed for threat analysis to deliver data privacy, predict online criminal behaviours such as breaking into smart phones to perform person profiling.
Course 5: Spamming
This course gives an introduction to online spamming techniques such as sending unsolicited electronic junk mail and illegitimate advertising (e.g., adware). Learners will look at various types of spam emails, social media spam and registration spam. The course will also look at techniques to counter spamming attacks such as the use of anti-spam software, websites Captcha, silent Java script, disabling links, run comment messages through spam filter, limiting comments, validation of emails through confirmation link or number, etc.
Course 6: Cyber Terrorism
This course gives an introduction to cyber terrorism and information warfare. Through looking at historical politically motivated cyberattacks that targeted personal computer system, social media users (e.g., fake news), software or data and other forms of planned actions that may result in destruction of systems. This security course help prepare participants with how to deal with cyber terrorism security threats. It focuses on how to deliver and follow a well-practiced plan to minimise loss of life and injury as well as property damage.
Course 7: Digital Forensics
This course is designed to train cybercrime and fraud investigators on electronic discovery and advanced investigation techniques. This course is vital to law enforcement encountering digital evidence while conducting an investigation. Participants will learn the methodology for conducting a computer forensic examination using forensically sound investigative techniques to evaluate the scene, collect and document all relevant information, interview appropriate people, maintain chain-of-custody and write a findings report. The course is particularly important to organisations, individuals, government offices, and law enforcement agencies involved in following litigation, proof of guilt, or corrective action based on digital evidence.
Course 8: Final Project
This capstone course will cement skills and knowledge learned throughout the Cybersecurity program: core cybersecurity technical skills, understanding of the societal factors that impact the cybersecurity domain and how cybersecurity issues impact humans, and professional skills such as problem-solving, communication, influencing, collaboration, and group management – to prepare students for success in the field. The centre piece is an individual project in which student propose and select a complex cybersecurity issue and apply multi-faceted analysis and problem-solving to identify, assess, and manage risk and deliver impact.