Introduction

You can view our project demo of ECDSA Signature Malleability

Module Overview

CS440 introduces you to a lot of Cybersecurity concepts. From encryption to network security, you will learn a lot. Many things here are tested for interviews.

This is a 4xx mod, meaning it is taken by Y2-Y4s, mostly Y3/Y4s. Expect to meet peers who have been programming for 1-2 years. It is not content heavy, but the concepts are difficult to understand.

This module took about 5-10h a week. Not a lot of content. For the project, I had a good group with everyone pulling their own weight, and things moved fast.

Component Breakdown

  1. Quizzes + Class Part (10%)
  2. Finals (40%)
  3. Midterms (30%)
  4. Project (20%)

Grade Breakdown

If you are aiming for A/A+, you will need to score well on all components. I scored well on all components.

If you are aiming for B+/A-, focus on Finals and Midterms. Scoring well for finals will most likely determine most of your grade. For the project, just do the average deliverables.

General Strategy

Classes consist of an in-class lecture + 30 mins of labs. Listening to the lectures and asking questions is very important. For the labs, just get them done; they are quite short.

For RSA encryption, try to understand the mathematical proof behind it. Work it out. It is difficult but it helps in understanding.

Things to note:

  1. XSS topics: the difference between reflected and DOM XSS was the most confusing for the class.
  2. You must know the pros and cons of Digital Signatures, HMAC, RSA and AES encryption.
  3. The second half has much more content than the pre-midterm topics.

Quizzes + Class Part Strategy

Your Class Part should automatically score well because there are really too many questions to ask. Every chapter, although not content heavy, opens a lot of holes for questions. Just ask them during class because the concepts are quite confusing.

Quizzes are 2.5% each for 2 quizzes. Don’t need to try too hard for them, but use them as revision for your mids and finals. Create flashcards and use Memory Techniques. Check out my post on Memory Techniques to use. I used only these for the quizzes and scored 9/10 and 10/10 respectively. Quizzes should be MCQ.

Finals + Midterms Strategy

Grouping these together because they are similar. To study for them, I used mostly Memory Techniques. Midterms would be 100% on topics between wk1-6 ish. Finals would be 20% wk1-6, 80% wk7-13. Ask your prof for the breakdown. They will usually inform you.

Finals are usually scenario based. Questions won’t outright ask you things like “Pros and Cons of Digital Signatures vs HMAC”, but instead “give a scenario and create a solution to ensure Information Integrity”. You will need to discuss why you chose that solution. The answer is the same as choosing between Digital Signatures vs HMAC, but phrased in a different way. Hence you must know your concepts well and recognise things like the Key Distribution Issue with HMAC, non-repudiation with Digital Signatures, etc.

I separated my flashcard deck into 2 decks. 1 for wk1-6 content, another for wk 7-13.

For mids, I spent 1-2 days building flashcards, 1-2 days going through the flashcards, and 1-2 days going through practice papers.

For finals it was slightly different. I spent 1-3 days building flashcard deck number 2. Finals content is much more than midterms. Then I spent 1-4 days practicing a mix of the midterm flashcard deck and the finals flashcard deck. The midterm flashcard deck should be easy to go through because you would still be able to remember many of the concepts.

Also, ask around for past/prev year practice papers. The profs release only 1, but there should be a few floating around. During my revision, I usually have a list of questions that I am unsure of. Compile this list and either ask the prof or your friends. I like to send my list of questions to my friends so we can all discuss. I find this discussion very useful for my own learning.

Project Strategy

The class will be given a list of about 20 topics and each group chooses 1. Demo is optional but everyone will do a demo, so just do it. Pre-record the demo and voiceover (ask your prof if you can do that) just in case of any hiccups.

The strategy for the project is just to have a nice slide deck with a solid demo and to know your topic well. There will be a Q&A section from the prof and it is usually quite challenging.

There will be a project rubric; go through each and every point of it. Ensure that you have hit each and every point because that is how you will be graded.

Prepare well for the Q&A, and ensure that everyone researches heavily on their part.

My standard project flow is always:

  1. Create a Google Doc and brainstorm. Everyone researches before meeting and decides on what to build for the project.
  2. Split work; each person takes 1 part and gets it done.
  3. Each person does the slides for their parts. 1-2 people help to clean up.
  4. All to write scripts; this is very important.
  5. 2-3 rehearsals before the actual day.

You can view my project on Bitcoin Transaction Malleability. There is nothing much except the code, and I might create a separate post on this. Was a very interesting project and I learnt a lot.

This was what we covered: Project Summary

Conclusion

This mod is not very content heavy, but definitely needs some work in understanding the concepts. The curve is very steep because everyone scores well.

This is one of my top 5 most useful mods so I highly recommend taking it. This covers a lot of fundamental tech concepts that many interviewers ask about. Finals and Mids involve a few days of study, and generally every week is chill. Project is chill and the hardest part is just the demo. No report etc, just present and done.

All the best. Study hard and live life.