440-4128/01 – Cyber Security II (KB II)

Gurantor departmentDepartment of TelecommunicationsCredits5
Subject guarantorprof. Ing. Miroslav Vozňák, Ph.D.Subject version guarantorprof. Ing. Miroslav Vozňák, Ph.D.
Study levelundergraduate or graduateRequirementChoice-compulsory type A
Year1Semestersummer
Study languageCzech
Year of introduction2021/2022Year of cancellation2023/2024
Intended for the facultiesFEIIntended for study typesFollow-up Master
Instruction secured by
LoginNameTuitorTeacher giving lectures
REZ106 Ing. Filip Řezáč, Ph.D.
VOZ29 prof. Ing. Miroslav Vozňák, Ph.D.
Extent of instruction for forms of study
Form of studyWay of compl.Extent
Full-time Graded credit 2+2
Part-time Graded credit 6+12

Subject aims expressed by acquired skills and competences

Learning outcomes are set so that students gain the ability to identify, detect and analyze modern cyber threats in order to create an effective defense against them in the form of their own firewall and the deployment of advanced applications and tools. The student will also gain knowledge in the field of penetration testing of network infrastructures and elements.

Teaching methods

Lectures
Tutorials
Experimental work in labs
Project work

Summary

The course focuses on special and advanced areas of cyber security in the form of a practical introduction of modern attack schemes, their analysis and the creation of effective countermeasures using their own tools or third-party applications. The student will also learn to implement penetration tests in small and medium networks and will also gain knowledge in the field of cryptocurrencies and quantum computers.

Compulsory literature:

[1] Yuri Diogenes, Erdal Ozkaya, Cybersecurity – Attack and Defense Strategies: Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals, 2nd Edition, 2019, ASIN: B081SSGKF5.

Recommended literature:

[1] Steve Suehring, Linux Firewalls: Enhancing Security with nftables and Beyond, 2015, ASIN : B00SN5JYTW

Way of continuous check of knowledge in the course of semester

Each student can get a maximum of 100 points during the semester, including: • semestral project 40 points, • realization of the paper 20 points, • laboratory practice, 4x10 points.

E-learning

https://lms.vsb.cz

Other requirements

Advanced knowledge of network protocols and services, advanced knowledge of working in Linux and knowledge of cryptographic techniques, basic knowledge of scripting programming languages.

Prerequisities

Subject has no prerequisities.

Co-requisities

Subject has no co-requisities.

Subject syllabus:

1. Methods and tools of penetration on the physical layer - HW hacking, signal hijacking, traffic disruption, social engineering. 2. Methods and tools for scanning and monitoring on network traffic - MiTM, ARP poisoning, EtherCAP, advanced work with Nmap. 3. Methods and tools for Denial of Service and eavesdropping - DOS vs. DDOS, botnet, ionorbitalcannon, Hulk. 4. Methods and tools for password detection - rainbow tables, dictionary vs. brute force attacks, combination and use of modern techniques - CUDA, neural networks. 5. Methods and tools for active penetration - malware, ransomware, locking. 6. Design of secure network infrastructure - element redundancy, high availability, authentication, role management, password policy, perimeter security, monitoring. 7. Design of secure network infrastructure - practical security of protocols and services - HTTPS, SFTP, DNSSEC, secure protocols el. mail, storage encryption. 8. Design of secure network infrastructure - firewall deployment - modes, IPtables, NFtables, advanced configuration - security zones, adaptive filtering, DMZ. 9. Design of secure network infrastructure - passive and active monitoring systems IDS / IPS - possibilities of deployment in topology, principles of detection, creation of rules, possibilities of connection to security elements, practical examples - Suricata. 10. Design of secure network infrastructure - Honeypots and Honeynets - division, principle of operation, deployment options, interaction modes - Tpot, Dianoea, Kippo, cowrie. 11. Penetration testing - vurneability tools for security level evaluation - Nessus, OpenVAS, Metasploit, PerfectStorm - creation of testing scenarios and malware sandboxing. 12. Penetration testing - tools for wireless networks - promiscuous vs. monitoring mode, principles of security modes penetration - PSK, EAP. 13.Practical Security - finance - cryptocurrencies - principles, security, blockchain, darknet and blackmarkets 14. Practical Security - quantum computer - principles, applications, new approaches to cryptography, impacts, current trends

Conditions for subject completion

Part-time form (validity from: 2022/2023 Winter semester, validity until: 2024/2025 Summer semester)
Task nameType of taskMax. number of points
(act. for subtasks)
Min. number of pointsMax. počet pokusů
Graded credit Graded credit 100 (100) 51 3
        Projekt Project 40  0
        Referát/esej Other task type 20  0
        Laboratorní úloha 1 Laboratory work 10  0
        Laboratorní úloha 2 Laboratory work 10  0
        Laboratorní úloha 3 Laboratory work 10  0
        Laboratorní úloha 4 Laboratory work 10  0
Mandatory attendence participation: There is no compulsory participation in the course.

Show history

Conditions for subject completion and attendance at the exercises within ISP: Completion of all mandatory tasks within individually agreed deadlines.

Show history

Occurrence in study plans

Academic yearProgrammeBranch/spec.Spec.ZaměřeníFormStudy language Tut. centreYearWSType of duty
2023/2024 (N0714A060020) Communication and Information Technology MRK P Czech Ostrava 1 Choice-compulsory type A study plan
2023/2024 (N0714A060020) Communication and Information Technology KS P Czech Ostrava 1 Choice-compulsory type A study plan
2023/2024 (N0714A060020) Communication and Information Technology KS K Czech Ostrava 1 Choice-compulsory type A study plan
2023/2024 (N0714A060020) Communication and Information Technology MRK K Czech Ostrava 1 Choice-compulsory type A study plan
2022/2023 (N0714A060020) Communication and Information Technology MRK P Czech Ostrava 1 Choice-compulsory type A study plan
2022/2023 (N0714A060020) Communication and Information Technology KS P Czech Ostrava 1 Choice-compulsory type A study plan
2022/2023 (N0714A060020) Communication and Information Technology KS K Czech Ostrava 1 Choice-compulsory type A study plan
2022/2023 (N0714A060020) Communication and Information Technology MRK K Czech Ostrava 1 Choice-compulsory type A study plan

Occurrence in special blocks

Block nameAcademic yearForm of studyStudy language YearWSType of blockBlock owner

Assessment of instruction



2022/2023 Summer