460-4122/01 – Computer Attacks and Defence (POU)

Gurantor department	Department of Computer Science	Credits	4
Subject guarantor	prof. Ing. Ivan Zelinka, Ph.D.	Subject version guarantor	prof. Ing. Ivan Zelinka, Ph.D.
Study level	undergraduate or graduate	Requirement	Compulsory
Year	1	Semester	summer
		Study language	Czech
Year of introduction	2016/2017	Year of cancellation	2017/2018
Intended for the faculties	FEI	Intended for study types	Follow-up Master

Instruction secured by
Login	Name	Tuitor	Teacher giving lectures
PLU042	Ing. Jan Plucar, Ph.D.
ZAT108	Ing. Filip Zatloukal

Extent of instruction for forms of study
Form of study	Way of compl.	Extent
Full-time	Credit and Examination	2+2

Subject aims expressed by acquired skills and competences

The course is divided into several blocks, which are thematically focused on the following areas: theoretical introduction, which will explain the basic concepts and vocabulary of cyber security, the comparison of operating systems and explanation of the way how to exploit mistakes in such systems, a description of the behavior of specific attacks and their modifications (course focuses on 2 specific types of attacks- ransomware and denial of Service), creatinon of a network of Internet robots (botnet) and defence against attacks from these networks, the method for analyzing the behavior and structure of the virus, explaining the process of developing the virus and the antivirus, recommended user behavior when using the internet, which will be supplemented by real world use cases, forensic techniques.

Teaching methods

Lectures
Tutorials
Project work

Summary

The course will cover a wider range of defense techniques and attacks on computer systems. There will be mentioned both historically classic techniques and modern processes and algorithms. The course will include targeted (hacking) and spyware attacks, botnets, and so on. Part of the course will also be the basics of digital forensic analysis and penetration testing. After completing the course, the student should have a thorough knowledge of the above-mentioned areas, including the possibility of applying countermeasures and enhancing the security of computer systems. Part of the course will include separate assignments from lectures (or exercises). Their review and presentation will be part of lectures. Course will include individual assignments (presentations or projects). Their review and presentation will be part of lectures.

Compulsory literature:

1. Diogenes Y., Ozkaya E., Cybersecurity – Attack and Defense Strategies: Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals, Packt Publishing, 2019, ISBN 978-1838827793

Recommended literature:

[1] Velu V. K., Beggs R., Mastering Kali Linux for Advanced Penetration Testing: Secure your network with Kali Linux, Packt Publishing, 2019, ISBN 978-1789340563 [2] Anson S., Applied Incident Response, Wiley, 2020, ISBN 978-1119560265 [3] Roberts J. S., Brown R., Intelligence-Driven Incident Response: Outwitting the Adversary, O'Reilly Media, 2017, ISBN 978-1491934944

Way of continuous check of knowledge in the course of semester

Kontrola je založena na vypracovávání protokolů předmětu, pomocí kterých student prokazuje nejen pochopení informací z přednášek, ale i schopnost jejich implementace v daném programovém prostředí. K získání zápočtu je nutno odevzdat cvičícímu všechny požadované protokoly a mít alespoň 80% fyzické účasti na laboratořích. Zápočet je podmínkou NUTNOU k připuštění ke zkoušce.

E-learning

Other requirements

It is required the ability to create programs in arbitrary programming language and apply lecture knowledge into algorithms. Additional requirements are not defined.

Prerequisities

Subject has no prerequisities.

Co-requisities

Subject has no co-requisities.

Subject syllabus:

Lectures: 1. Introduction 2. Comparison of operating systems and well-known vulnerabilities 3. Types of cyber attacks 4. Evolution of ransomware and defense against ransomware attacks (CryptoLocker, CryptoWall, CTB Locker, etc.) 5. Botnets and denial of service attacks (DOS, DDOS) 6. Analysis of virus source code, debugging methods and tools 7. Basic techniques for reducing the chances of virus detection 8. Antivirus and immunization methods 9. Abusing software bugs 10. Software penetration testing 11. User identity, analysis of behavior and social networks analysis 12. Forensic techniques 1: analyze seized equipment 13. Forensic techniques 2: reconstruction of user activities on seized equipment

Conditions for subject completion

Full-time form (validity from: 2016/2017 Winter semester, validity until: 2017/2018 Summer semester)

Task name	Type of task	Max. number of points (act. for subtasks)	Min. number of points	Max. počet pokusů
Credit and Examination	Credit and Examination	100 (100)	51
Credit	Credit	45	15
Examination	Examination	55	35	3

Mandatory attendence participation:

Show history

Conditions for subject completion and attendance at the exercises within ISP:

Show history

Occurrence in study plans

Academic year	Programme	Branch/spec.	Spec.	Zaměření	Form	Study language	Tut. centre	Year	W	S	Type of duty
2017/2018	(N2647) Information and Communication Technology	(1801T064) Information and Communication Security			P	Czech	Ostrava	1			Compulsory	study plan
2016/2017	(N2647) Information and Communication Technology	(1801T064) Information and Communication Security			P	Czech	Ostrava	1			Compulsory	study plan

Occurrence in special blocks

Block name	Academic year	Form of study	Study language	Year	W	S	Type of block	Block owner

Assessment of instruction

2017/2018 Summer

2016/2017 Summer