School of Science and Technology

COURSEWORK ASSESSMENT ELEMENT

MODULE CODE : COMP30211
MODULE TITLE : Security Technologies
MODULE LEADER : Dr Xiaoqi Ma
TUTOR(S) : Dr Xiaoqi Ma

COMPONENT : 1 of 1
TITLE : Coursework for Security Technologies
LEARNING OUTCOMES
ASSESSED : 1, 3, 4, 7, 8, 9
WEIGHTING : 100% of the total coursework mark
50% of the overall module mark

DISTRIBUTION
DATE : 21
rd
January 2014
SUBMISSION
DATE : 30
th
April 2014
SUBMISSION
METHOD : Student Information Desk and NOW

NOTE : The usual University penalties apply for late submission
and plagiarism. Please consult your student handbook
for further details.














Copyright 2014
COMP30211: Security Technologies
Coursework for Security Technologies

2

I. Assessment Requirements

To pass the coursework you must demonstrate your understanding of EITHER a
cryptographic algorithm OR virus detection techniques by writing a report. If you
decide to write a report to explain the workings of the cryptographic algorithm,
you should read the algorithm specification carefully before you start your work.
During your work you should also constantly refer to the specification. Your report
should include a very detailed procedure about how the algorithm works. You
should provide some sample input and show how the plaintext is encrypted into
ciphertext step by step as well as how ciphertext is decrypted. Flow charts and
diagrams will help to clarify your ideas. If you decide to write a report about virus
detection techniques, you should make use of the lecture notes as well as search
online by yourself. Your report should at least include virus signature scanning
and heuristic scanning techniques.



II. Assessment Scenario/Problem

You should fulfil either Task 1 or Task 2, but not both.

Task 1: Write a report describing how the Data Encryption Standard (DES)
works.

You are allowed to refer to the standard specification (downloadable from NOW)
but you should fully understand the mechanism and write the report using your
own words. You are encouraged to use diagrams and charts to clarify your ideas.
Your report should be at least 8 pages but not exceed 20 pages, excluding
references and appendix (if any). It is ESSENTIAL to use a concrete sample input
and a sample key to demonstrate how the plaintext is encrypted and then
decrypted.

Bear in mind the scenario: The reader of your report is neither a professional
programmer nor a security expert, but he has some basic understanding on
programming and data structures. So do not use too many technical jargons.
Necessary and unavoidable jargons should be explained clearly and properly when
they appear in your report.

Task 2: Write a report explaining virus detection techniques.

You can read the lecture notes and use search engine to get the information you
need. You should first describe the background of viruses and how they work.
Then you are expected to explain how virus signature scanning and heuristic
scanning techniques work. You should provide concrete examples in your
explanation. Diagrams, programme snippets, sample items in configuration files
may help you clearly express your idea. Other detection techniques (excluding
checksum) are also welcome to be included in your report. Your report should be
at least 8 pages but not exceed 20 pages, excluding references and appendix (if
any).
COMP30211: Security Technologies
Coursework for Security Technologies

3


III. Assessment Criteria

Assessment criteria for Task 1:

Correctness of your description of the algorithm (35%)
Correctness of your sample input/output (15%)
Structure of your report (25%)
Clarity of your presentation (15%)
Easiness to read and follow (10%)

Assessment criteria for Task 2:

Background of viruses and how they work (20%)
Signature scanning techniques (30%)
Heuristic scanning techniques (30%)
Other techniques (10%)
Easiness to read and follow (10%)


Also see the attached grading descriptors.


IV. Feedback Opportunities

Formative (Whilst youre working on the coursework)
You will be given the opportunity to receive informal verbal feedback from your
seminar tutor regarding your coursework development during the seminar
sessions.

Summative (After youve submitted the coursework)
You will receive specific feedback regarding your coursework submission together
with your awarded mark when it is returned to you. Clearly, feedback provided
with your coursework is only for developmental purposes so that you can improve
for the next assessment or subject-related module.
COMP30211: Security Technologies
Coursework for Security Technologies

4


Grading Descriptors


Class Scale General Characteristics
First
(Excellent)
Exceptional 1
st

Exceptional breadth and depth of knowledge and understanding of how an
encryption algorithm or virus detection technique works; evidence of extensive
and appropriate analysis and critical evaluation and of reading/research beyond
the prescribed range, in both breadth and depth, to advance work/direct
arguments. Work may achieve or be close to publishable or commercial standard.
High 1
st

Excellent knowledge and understanding of how an encryption algorithm or virus
detection technique works as the student is typically able to go beyond what has
been taught (particularly for a mid/high 1st); evidence of extensive and
appropriate analysis and critical evaluation and of reading/research beyond the
prescribed range, to advance work/direct arguments; performance deemed
beyond expectation of the level.
Mid 1
st

Low 1
st

Upper
Second
(Very good)
High 2:1
Very good knowledge and understanding of how an encryption algorithm or virus
detection technique works as the student is typically able to relate facts/concepts
together with some ability to apply to known/taught contexts; evidence of
appropriate analysis and critical evaluation of reading/research, some beyond the
prescribed range, may rely on set sources to advance work/direct arguments;
demonstrates autonomy in approach to learning; very good demonstration of
relevant skills.
Mid 2:1
Low 2:1
lower
Second
(good)
High 2:2
Good knowledge and understanding of how an encryption algorithm or virus
detection technique works, balanced towards the descriptive rather than critical or
analytical; evidence of appropriate analysis and critical evaluation of
reading/research, some may be beyond the prescribed range, but generally
reliant on set sources to advance work/direct arguments; good demonstration of
relevant skills, though may be limited in range; communication shows clarity but
structure may not always be coherent.
Mid 2:2
Low 2:2
Third
(Sufficient)
High 3
rd

Knowledge and understanding is sufficient to deal with terminology, basic facts
and concepts but fails to make meaningful synthesis; some ability to analyse and
evaluate reading/research however work may be more generally descriptive;
general reliance on set sources to advance work; arguments may be weak or
poorly constructed; adequate demonstration of relevant skills over a limited
range; communication/presentation is generally competent but with some
weaknesses.
Mid 3
rd

Low 3
rd

Fail
(Insufficient)
Marginal fail
Insufficient knowledge and understanding of how an encryption algorithm or virus
detection technique works; some ability to analyse and evaluate reading/research
however work is more generally descriptive; fails to address some aspects of the
brief; uses set sources to advance work; arguments may be weak/poor or
weakly/poorly constructed; demonstration of relevant skills over a reduced range;
communication shows limited clarity, poor presentation, structure may not be
coherent.
Mid fail
Highly insufficient knowledge or understanding of how an encryption algorithm or
virus detection technique works; understanding is typically at the word level with
facts being reproduced in a disjointed or decontextualised manner; fails to
address the outcomes addressed by the brief; typically ignores important sources
in development of work and data/evidence inappropriately used; weak technical
and practical competence hampers ability to demonstrate/communicate
achievement of outcomes.
Low fail
Zero Zero
Work of no merit OR absent, work not submitted, penalty in some misconduct
cases.