| Course Unit Code | 460-2040/03 |
|---|
| Number of ECTS Credits Allocated | 4 ECTS credits |
|---|
| Type of Course Unit * | Compulsory |
|---|
| Level of Course Unit * | First Cycle |
|---|
| Year of Study * | Third Year |
|---|
| Semester when the Course Unit is delivered | Summer Semester |
|---|
| Mode of Delivery | Face-to-face |
|---|
| Language of Instruction | Czech |
|---|
| Prerequisites and Co-Requisites | |
|---|
| Prerequisities | Course Unit Code | Course Unit Title |
|---|
| 460-2006 | Computer Networks |
| 460-2010 | Programming Languages I |
| 460-2012 | Programming Languages II |
| 460-2016 | Operating Systems |
| Name of Lecturer(s) | Personal ID | Name |
|---|
| OH140 | RNDr. Eliška Ochodková, Ph.D. |
| MOR03 | Ing. Pavel Moravec, Ph.D. |
| KRU13 | Mgr. Ing. Michal Krumnikl, Ph.D. |
| Summary |
|---|
| The aim of this subject is to is to familiarize students with the basic principles of computer security, vulnerabilities, attacks and defence against them. The topics cover the security of operating systems and their vulnerabilities, security applications (web, databases), malicious software, etc. Great emphasis is placed on the practical coverage of individual topics. |
| Learning Outcomes of the Course Unit |
|---|
Familiarize students with the basic principles of computer security.
After completing the course the student will be able to:
- identify and recognize different attacks
- discern typical errors that are exploitable by an attacker and avoid them when creating software components
- use intrusion detection and prevention techniques
- identify and use a known block and stream ciphers
- implement secure applications and write safe code |
| Course Contents |
|---|
Lectures
1. Basic concepts and principles of security (security vs usability, security functions and mechanisms, attack types, threats, vulnerabilities, risks, backup mechanisms, ...).
2. Detection, prevention and mitigation of the effects of individual attacks on the service (load balancers, proxy, honeypot).
3. Cryptography: Block and stream ciphers, implementation of a secure channel, data encapsulation of serializable objects, public key infrastructure.
4. Security of Internet application protocols.
5. Development of safe applications (general principles, the most common vulnerabilities, database security, security of web applications).
6. Security of mobile platforms (data transfer and storage, security features of mobile OS, application distribution and signatures).
7. Hardware security features (cards, chips, reverse engineering).
8. Introduction to Digital Forensics (collection of information from systems, analysis, evaluation)
9. Creating secure code (static code analysis, obfuscation, buffer overflow, boundary conditions).
10. Malware (viruses, spyware, infection, detection of malware, social engineering)
Computer labs
Labs follow the issues discussed in the lectures. Their main aim is the practical demonstration and evaluation of individual topics as well as the analysis, administration, configuration and testing of security mechanisms.
1. Introduction to penetration testing.
2. Honeypot and load balancer configuration, attack simulation, detection techniques.
3. Application of block ciphers in network protocols.
4. Implementation of cryptographic schemes.
5. In-depth protocol analysis with packet analyzer, analysis of encrypted communication
6. Demonstration of known vulnerabilities: XSS, SQL injection, buffer overflow, …
7. Attacks on application layer protocols, including HTTP.
8. Attacks on mobile devices and platforms.
9. Usage of modern computation technologies for implementation of attacks against wireless networks.
10. Log analysis and forensic analysis of recorded attack.
|
| Recommended or Required Reading |
|---|
| Required Reading: |
|---|
1. Stallings, W.:Cryptography and Network Security: Principles and Practice, Prentice Hall 5th edition 2010, ISBN: 0136097049
2. Seacord, R. C.: Secure Coding in C and C++, Addison-Wesley 2005, ISBN 0321335724 |
1. Stallings, W.:Cryptography and Network Security: Principles and Practice, Prentice Hall 5th edition 2010, ISBN: 0136097049
2. Seacord, R. C.: Secure Coding in C and C++, Addison-Wesley 2005, ISBN 0321335724 |
| Recommended Reading: |
|---|
1. Tanenbaum, A.S.: Computer Networks, Prentice Hall 5th edition 2010, ISBN: 0132126958
2. Menezes, A. J., Van Oorschot, P. C., Vanstone, S. A.: Handbook of Applied Cryptography, CRC Press, 1997, ISBN: 9780849385230
3. Scarfone, K. and Mell, P.: Guide to Intrusion Detection and Prevention Systems (IDPS), NIST 2007, http://csrc.nist.gov/publications/nistpubs/800-94/SP800-94.pdf |
1. Tanenbaum, A.S.: Computer Networks, Prentice Hall 5th edition 2010, ISBN: 0132126958
2. Menezes, A. J., Van Oorschot, P. C., Vanstone, S. A.: Handbook of Applied Cryptography, CRC Press, 1997, ISBN: 9780849385230
3. Scarfone, K. and Mell, P.: Guide to Intrusion Detection and Prevention Systems (IDPS), NIST 2007, http://csrc.nist.gov/publications/nistpubs/800-94/SP800-94.pdf |
| Planned learning activities and teaching methods |
|---|
| Lectures, Tutorials, Experimental work in labs, Project work, Other activities |
| Assesment methods and criteria |
|---|
| Task Title | Task Type | Maximum Number of Points
(Act. for Subtasks) | Minimum Number of Points for Task Passing |
|---|
| Credit and Examination | Credit and Examination | 100 (100) | 51 |
| Credit | Credit | 45 (45) | 22 |
| Lab assignments | Laboratory work | 15 | 5 |
| Laboratorní úlohy - honeypot, síťové protokoly | Laboratory work | 15 | 5 |
| Laboratorní úlohy - kryptografie, zranitelnosti | Laboratory work | 15 | 5 |
| Examination | Examination | 55 | 22 |