460-4122/02 – Computer Attacks and Defence (POU)
Gurantor department | Department of Computer Science | Credits | 4 |
Subject guarantor | prof. Ing. Ivan Zelinka, Ph.D. | Subject version guarantor | prof. Ing. Ivan Zelinka, Ph.D. |
Study level | undergraduate or graduate | Requirement | Compulsory |
Year | 1 | Semester | summer |
| | Study language | English |
Year of introduction | 2016/2017 | Year of cancellation | 2017/2018 |
Intended for the faculties | FEI | Intended for study types | Follow-up Master |
Subject aims expressed by acquired skills and competences
The course is divided into several blocks, which are thematically focused on the following areas: theoretical introduction, which will explain the basic concepts and vocabulary of cyber security, the comparison of operating systems and explanation of the way how to exploit mistakes in such systems, a description of the behavior of specific attacks and their modifications (course focuses on 2 specific types of attacks- ransomware and denial of Service), creatinon of a network of Internet robots (botnet) and defence against attacks from these networks, the method for analyzing the behavior and structure of the virus, explaining the process of developing the virus and the antivirus, recommended user behavior when using the internet, which will be supplemented by real world use cases, forensic techniques.
Teaching methods
Lectures
Tutorials
Project work
Summary
The course will cover a wider range of defense techniques and attacks on computer systems. There will be mentioned both historically classic techniques and modern processes and algorithms. The course will include targeted (hacking) and spyware attacks, botnets, and so on. Part of the course will also be the basics of digital forensic analysis and penetration testing. After completing the course, the student should have a thorough knowledge of the above-mentioned areas, including the possibility of applying countermeasures and enhancing the security of computer systems. Part of the course will include separate assignments from lectures (or exercises). Their review and presentation will be part of lectures.
Course will include individual assignments (presentations or projects). Their review and presentation will be part of lectures.
Compulsory literature:
Recommended literature:
Way of continuous check of knowledge in the course of semester
Kontrola je založena na vypracovávání protokolů předmětu, pomocí kterých student prokazuje nejen pochopení informací z přednášek, ale i schopnost jejich implementace v daném programovém prostředí. K získání zápočtu je nutno odevzdat cvičícímu všechny požadované protokoly a mít alespoň 80% fyzické účasti na laboratořích. Zápočet je podmínkou NUTNOU k připuštění ke zkoušce.
E-learning
Other requirements
It is required the ability to create programs in arbitrary programming language and apply lecture knowledge into algorithms.
Additional requirements are not defined.
Prerequisities
Subject has no prerequisities.
Co-requisities
Subject has no co-requisities.
Subject syllabus:
Lectures:
1. Introduction
2. Comparison of operating systems and well-known vulnerabilities
3. Types of cyber attacks
4. Evolution of ransomware and defense against ransomware attacks (CryptoLocker, CryptoWall, CTB Locker, etc.)
5. Botnets and denial of service attacks (DOS, DDOS)
6. Analysis of virus source code, debugging methods and tools
7. Basic techniques for reducing the chances of virus detection
8. Antivirus and immunization methods
9. Abusing software bugs
10. Software penetration testing
11. User identity, analysis of behavior and social networks analysis
12. Forensic techniques 1: analyze seized equipment
13. Forensic techniques 2: reconstruction of user activities on seized equipment
Conditions for subject completion
Occurrence in study plans
Occurrence in special blocks
Assessment of instruction