- Tomáš Čejka (guarantor), Simona Buchovecká
- Tomáš Čejka (guarantor), Simona Buchovecká, Jiří Smítka
- Department of Information Security
The students will gain theoretical and practical knowledge and experience in the area of current security threats in computer networks, specifically about detection and defense. The course explains basic pricipals of security monitoring, packet-based and flow-based analysis, in order to detect anomalies and suspicious network traffic. The course focuses on explanation and practical examples of various mechanisms of securing network infrastructure and detection in real time. The course covers general principals of handling detected security events (i.e. incident handling and incident response).
General knowledge about the functioning of computer networks and systems. Basics from programming.
- Syllabus of lectures:
1. Introduction, Selected Network Protocols and Their Security Weaknesses
2. Network attacks 1 (Introduction)
3. Network attacks 2 ((D)DoS, Scanning, Brute-Force)
4. Network attacks 3 (Covert Channels, MitM, Poisoning, L7 threats)
5. Remote Access
6. Active Defense, Cyber Deception
7. Data mining
8. Statistical methodology for anomaly detection
9. Intrusion Detection Systems
10. Incident response
11. Penetration testing
12. Reserved (Social Engineering)
- Syllabus of tutorials:
1. ARP Man-in-the-Middle (MitM) and Scapy
2. (Distributed) Denial of Service
3. Packet-Based Network Analysis
4. Flow-Based Network Analysis
5. Network Scanning and Vulnerability testing
- Study Objective:
he goal of the course is to teach the students basic security aspects of communication protocols in wired, optical, and wireless networks. Emphasis is put on detection and prevention of attacks on resources and information systems in wired computer networks.
- Study materials:
1. Kaufman, Perlman & Speciner, Network Security, Private Communication in a Public World, 2nd Edition. Prentice Hall, 2002, ISBN: 0130460192.
2. Stallings, Cryptography and Network Security: Principles and Practice', 5th Edition. Prentice Hall, 2010, ISBN: 0-13-869017-0.
3. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, Wiley Publishing, 2008, ISBN: 0470068523.
4. Mitnick, Simon, Wozniak, The Art of Deception: Controlling the Human Element of Security, Wiley, 2003, ISBN: 076454280X.
- Further information:
- Time-table for winter semester 2020/2021:
NBFIT PC učebnaroomT9:345
NBFIT BOU ucebnaroomT9:345
NBFIT BOU ucebna
Tue Fri Thu Fri
- Time-table for summer semester 2020/2021:
- Time-table is not available yet
- The course is a part of the following study plans:
- Knowledge Engineering, in Czech, Presented in Czech, Version 2016 and and 2017 (elective course)
- Computer Security, Presented in Czech, Version 2016 to 2019 (compulsory course of the specialization)
- Computer Systems and Networks, Presented in Czech, Version 2016 to 2019 (compulsory course of the specialization)
- Design and Programming of Embedded Systems, in Czech, Version 2016 to 2019 (elective course)
- Specialization Web and Software Engineering, in Czech, Version 2016 to 2019 (elective course)
- Specialization Software Engineering, in Czech, Version 2016 to 2019 (elective course)
- Specialization Web Engineering, Presented in Czech, Version 2016 to 2019 (elective course)
- Master Informatics, Presented in Czech, Version 2016 to 2019 (VO)
- Specialization System Programming, Presented in Czech, Version 2016 to 2019 (elective course)
- Specialization Computer Science, Presented in Czech, Version 2016-2017 (elective course)
- Specialization Computer Science, Presented in Czech, Version 2018 to 2019 (VO)
- Knowledge Engineering, in Czech, Presented in Czech, Version 2018 to 2019 (elective course)