Terminated in academic year 2022/2023
Computer Attacks and Defence
| Type of study | Follow-up Master |
|---|---|
| Language of instruction | Czech |
| Code | 460-4122/05 |
| Abbreviation | POU |
| Course title | Computer Attacks and Defence |
| Credits | 4 |
| Coordinating department | Department of Computer Science |
| Course coordinator | prof. Ing. Ivan Zelinka, Ph.D. |
Subject syllabus
Lectures:
1. Introduction
2. Comparison of operating systems and well-known vulnerabilities
3. Types of cyber attacks
4. Evolution of ransomware and defense against ransomware attacks (CryptoLocker, CryptoWall, CTB Locker, etc.)
5. Botnets and denial of service attacks (DOS, DDOS)
6. Analysis of virus source code, debugging methods and tools
7. Basic techniques for reducing the chances of virus detection
8. Antivirus and immunization methods
9. Abusing software bugs
10. Software penetration testing
11. User identity, analysis of behavior and social networks analysis
12. Forensic techniques 1: analyze seized equipment
13. Forensic techniques 2: reconstruction of user activities on seized equipment
Laboratories:
1. File inclusion: Introducing web attacks and getting familiar with the DVWA application that we will use in the next few exercises.
2. SQL Injection: Students will extract user passwords from database alongside with another useful information such as DB structure, name and version.
3. Password cracking: Cracking passwords using a brute force or dictionary attack algorithms.
4. XSS and Session hijacking: Exercise showing an interesting web attack - stealing a foreign session.
Try to steal a session of a user who visits a guestbook page in the DVWA application.
5. Drive-by download: Combination of malicious code delivery and its activation through JavaScript.
Windows script host usage and possibilities of remote communication and access to the power shell from JavaScript.
6. Denial of service: Students will perform denial of service attack on the prepared web servers.
Wireshark network analysis tool will be used to compare legitimate and malicious traffic.
7. Google hacking: Introduction to information gathering using available tools such as google search engine.
8. Hacking: Practical test of simple hacking. Learn basic hacking techniques using the www.hackthissite.org project.
9. Exploitation, Metasploit framework: Vulnerability exploitation using Metasploit framework.
Use the Metasploit framework to prepare the attack environment to allow the attacker to exploit through vulnerability in Adobe Flash Player.
10. Penetration testing: A final exercise where students recapitulate the acquired knowledge.
A fictitious company asked you to perform a security audit or penetration testing. On a theoretical level, simulate and write down the procedures and tools used.
11. Student presentations
Course will include individual assignments (presentations or projects). Their review and presentation will be part of lectures.
1. Introduction
2. Comparison of operating systems and well-known vulnerabilities
3. Types of cyber attacks
4. Evolution of ransomware and defense against ransomware attacks (CryptoLocker, CryptoWall, CTB Locker, etc.)
5. Botnets and denial of service attacks (DOS, DDOS)
6. Analysis of virus source code, debugging methods and tools
7. Basic techniques for reducing the chances of virus detection
8. Antivirus and immunization methods
9. Abusing software bugs
10. Software penetration testing
11. User identity, analysis of behavior and social networks analysis
12. Forensic techniques 1: analyze seized equipment
13. Forensic techniques 2: reconstruction of user activities on seized equipment
Laboratories:
1. File inclusion: Introducing web attacks and getting familiar with the DVWA application that we will use in the next few exercises.
2. SQL Injection: Students will extract user passwords from database alongside with another useful information such as DB structure, name and version.
3. Password cracking: Cracking passwords using a brute force or dictionary attack algorithms.
4. XSS and Session hijacking: Exercise showing an interesting web attack - stealing a foreign session.
Try to steal a session of a user who visits a guestbook page in the DVWA application.
5. Drive-by download: Combination of malicious code delivery and its activation through JavaScript.
Windows script host usage and possibilities of remote communication and access to the power shell from JavaScript.
6. Denial of service: Students will perform denial of service attack on the prepared web servers.
Wireshark network analysis tool will be used to compare legitimate and malicious traffic.
7. Google hacking: Introduction to information gathering using available tools such as google search engine.
8. Hacking: Practical test of simple hacking. Learn basic hacking techniques using the www.hackthissite.org project.
9. Exploitation, Metasploit framework: Vulnerability exploitation using Metasploit framework.
Use the Metasploit framework to prepare the attack environment to allow the attacker to exploit through vulnerability in Adobe Flash Player.
10. Penetration testing: A final exercise where students recapitulate the acquired knowledge.
A fictitious company asked you to perform a security audit or penetration testing. On a theoretical level, simulate and write down the procedures and tools used.
11. Student presentations
Course will include individual assignments (presentations or projects). Their review and presentation will be part of lectures.
Literature
Advised literature
[1] Velu V. K., Beggs R., Mastering Kali Linux for Advanced Penetration Testing: Secure your network with Kali Linux, Packt Publishing, 2019, ISBN 978-1789340563
[2] Anson S., Applied Incident Response, Wiley, 2020, ISBN 978-1119560265
[3] Roberts J. S., Brown R., Intelligence-Driven Incident Response: Outwitting the Adversary, O'Reilly Media, 2017, ISBN 978-1491934944
[2] Anson S., Applied Incident Response, Wiley, 2020, ISBN 978-1119560265
[3] Roberts J. S., Brown R., Intelligence-Driven Incident Response: Outwitting the Adversary, O'Reilly Media, 2017, ISBN 978-1491934944