460-4054/01 – Computer Viruses and Security of Computer Systems (PVBPS)

Guarantor department: Department of Computer Science
Credits: 4
Subject guarantor: prof. Ing. Ivan Zelinka, Ph.D.
Subject version guarantor: prof. Ing. Ivan Zelinka, Ph.D.
Study level: undergraduate or graduate
Requirement: Optional
Year: 1
Semester: summer
Study language: Czech
Year of introduction: 2011/2012
Year of cancellation: 2014/2015
Intended for the faculties: FEI
Intended for study types: Follow-up Master
Instruction secured by
Login, Name, Tutor, Teacher giving lectures
DUB080 Ing. Patrik Dubec
PLU042 Ing. Jan Plucar, Ph.D.
S1A10 doc. RNDr. Petr Šaloun, Ph.D.
ZAT108 Ing. Filip Zatloukal
ZEL01 prof. Ing. Ivan Zelinka, Ph.D.
Extent of instruction for forms of study
Form of study, Way of compl., Extent
Full-time Graded credit 1+2
Part-time Graded credit 10+0

Subject aims expressed by acquired skills and competences

The aim of this course is to provide students with a comprehensive understanding of computer viruses and malware in general – including their definition, classification, structure, and methods of propagation within computer systems and networks. The course covers both the historical development of malicious software and its modern forms, such as armored viruses, worms, spyware, cyberweapons, and malware utilizing artificial intelligence. Students will engage in practical analysis of real-world malware samples, construction of illustrative virus prototypes, reverse engineering techniques, visualization of binary code using fractal geometry, and behavioral analysis. Special attention is given to the economics of cybercrime, the role of the dark web, and methods of malware distribution through underground digital infrastructure. The course further develops students' capabilities in detecting and responding to contemporary threats using machine learning and AI-based tools. Upon successful completion, students will gain knowledge of technologies used in malware creation, dissemination, and analysis. They will understand its application in espionage and critical infrastructure attacks and will be capable of designing and implementing effective countermeasures to enhance the security of computer systems and networks, including backup strategies and forensic techniques.

Teaching methods

Lectures
Tutorials
Project work

Summary

After completing this course, the student will be able to:
- Explain the principles of malicious code operation, its historical evolution, and current trends.
- Identify and classify various types of malware (including viruses, worms, trojans, spyware, ransomware, and armored code).
- Describe and analyze how malware spreads within computer systems and networks.
- Work with real malware samples in a controlled environment and understand their structure and behavior.
- Design and implement illustrative malware prototypes for educational purposes, including hybrid variants using artificial intelligence.
- Apply fundamental techniques of reverse engineering and behavioral analysis of malicious software.
- Use visualization techniques (e.g., fractal geometry) for the analysis of binary code.
- Understand the role of the dark web in the distribution and monetization of malware.
- Identify security risks and propose appropriate countermeasures to enhance the security of computer systems.
- Independently complete, present, and defend assignments based on the lecture topics.

Compulsory literature:

1. Peter H. Gregory, Computer Viruses For Dummies, For Dummies, ISBN: 9780764574184
2. Peter Szor, The Art of Computer Virus Research and Defense, Addison-Wesley Professional, ISBN: 0321304543
3. Jon Erickson, Hacking: The Art of Exploitation, 2nd Edition, No Starch Press; 2nd edition, ISBN: 1593271441
4. Ligh, M., Hartstein, B. and Adair, S., 2010. Malware analyst's cookbook and DVD: tools and techniques for fighting malicious code. John Wiley & Sons Inc.
5. Dunham, K., Hartman, S., Quintans, M., Morales, J.A. and Strazzere, T., 2014. Android malware and analysis. CRC Press.
6. Zelinka I., Merhaut F., OPVK_Computer viruses and security, Fakulta elektrotechniky a informatiky VŠB-TU Ostrava, 2018

Recommended literature:

7. Kevin Beaver, Hacking For Dummies, For Dummies; 3rd edition, ISBN-10: 9780470550939

Additional study materials

Way of continuous check of knowledge in the course of semester

Assessment is based on completing the course protocols, through which the student demonstrates not only an understanding of the information from the lectures but also the ability to implement it in the given programming environment. To obtain the credit, the student must submit all required protocols to the tutor and have at least 80% physical attendance at the laboratories. The credit is a NECESSARY condition for admission to the exam. For part-time students, the laboratories are replaced by completing the assigned protocols.

E-learning

Other requirements

The ability to write programs in an arbitrary programming language and to apply lecture knowledge in algorithms is required. No additional requirements are defined.

Prerequisites

Subject has no prerequisites.

Co-requisites

Subject has no co-requisites.

Subject syllabus:

Lectures:
1. Artificial intelligence and artificial life. Self-replicating structures (the Game of Life, Fredkin's self-replicating structures, von Neumann and the theory of self-replicating automata). Artificial life and virtual universes (Tierra, biomorphs, SBEAT, SBART, Eden, Swimbots). Artificial life and complex systems.
2. Self-replicating structures, finite automata and Turing machines. Virus definitions; features in common with and different from biological viruses. Classification of malicious code (viruses, adware, spyware, worms, ...) and its spreading. Hoaxes. Virus generators.
3. Malicious code and its dependence on the environment (e.g. OS, file format, processor architecture, compilers, ...).
4. Methods of infection. Infection of files (COM, EXE, API, MBR, DBR, ...), infection techniques (overwriting viruses, appending viruses, cavity viruses, hidden entry point, ...). Infection of memory, use of interrupts, swapping viruses.
5. Basic defensive strategies of viruses. Memory scanning, tracing, anti-debugging, armored viruses, retroviruses, defense against heuristic analysis, emulation and disassembly, use of undocumented functions.
6. Creation and generation of viruses. Virus code, encrypted viruses (decryptor, nonlinear decoding W95/fono, W95/Mad2736), oligomorphic viruses, polymorphic viruses, metamorphic viruses. Virus generators.
7. Basics of computer networks. Network eavesdropping. Website security. Port scanning.
8. Google hacking. Buffer overflows. Security of Windows accounts.
9. Spam and antispam. Definitions and history of spam. Tools for fighting spam. Anti-spam strategies and tools for Windows and Linux. Bayesian classifier and SpamAssassin. Mail clients and filters.
10. Phishing. Phishing as a subcategory of spam. Law, phishing and spyware. False identity and false identity redirection. Phishing and malware. Cracking. Program protection. Anti-debugging and anti-disassembly programs.
11. Hacking: gathering, scanning and survey; scanning programs, network services and research. Operating systems and attacks on them. Mac OS X, Windows and Linux.
12. Computer networks and attacks on them. Survey of networks, autonomous systems, network services. Wireless and network attacks. Firewalls.
13. Attacks on code running on the web. Incident prevention. Implementation of security policies and procedures. Investigation procedures and computer investigations. Trace data and network control.
14. Investigation of the OS, Windows, Unix, web attacks, hacker tools. Computer viruses, antivirus and artificial intelligence.

Exercises in PC classrooms:
- Basics of penetration testing
- Mapping the vulnerabilities of computer systems
- SQL injection
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF) and session hijacking
- Denial of service (DoS)
- Remote shell command execution
- Password cracking (brute-force and dictionary attacks)
- Testing the vulnerability of WEP and WPA/WPA2
- Using the Metasploit framework for penetration testing
- Computer viruses: the basic structure
- Computer viruses: advanced techniques

Conditions for subject completion

Full-time form (validity from: 2011/2012 Summer semester, validity until: 2014/2015 Summer semester)
Task name, Type of task, Max. number of points (act. for subtasks), Min. number of points, Max. number of attempts
Graded exercises evaluation Graded credit 100  51 3
Mandatory attendance participation:


Conditions for subject completion and attendance at the exercises within ISP:


Occurrence in study plans

Academic year, Programme, Branch/spec., Spec., Focus, Form, Study language, Tut. centre, Year, W, S, Type of duty
2014/2015 (N2647) Information and Communication Technology (2612T025) Computer Science and Technology P Czech Ostrava 1 Optional study plan
2014/2015 (N2647) Information and Communication Technology (2612T025) Computer Science and Technology K Czech Ostrava 1 Optional study plan
2013/2014 (N2647) Information and Communication Technology (2612T025) Computer Science and Technology P Czech Ostrava 1 Optional study plan
2013/2014 (N2647) Information and Communication Technology (2612T025) Computer Science and Technology K Czech Ostrava 1 Optional study plan
2012/2013 (N2647) Information and Communication Technology (2612T025) Computer Science and Technology P Czech Ostrava 1 Optional study plan
2012/2013 (N2647) Information and Communication Technology (2612T025) Computer Science and Technology K Czech Ostrava 1 Optional study plan
2011/2012 (N2647) Information and Communication Technology (2612T025) Computer Science and Technology P Czech Ostrava 1 Optional study plan
2011/2012 (N2647) Information and Communication Technology (2612T025) Computer Science and Technology K Czech Ostrava 1 Optional study plan

Occurrence in special blocks

Block name, Academic year, Form of study, Study language, Year, W, S, Type of block, Block owner

Assessment of instruction



2014/2015 Summer
2013/2014 Summer
2012/2013 Summer
2011/2012 Summer