CZECH TECHNICAL UNIVERSITY IN PRAGUE
STUDY PLANS
2024/2025

Introduction to Computer Security

Code: B4M36BSY
Completion: Z,ZK
Credits: 6
Range: 2P+2C
Language: Czech
Relations:
It is not possible to register for the course B4M36BSY if the student is concurrently registered for or has already completed the course BE4M36BSY (mutually exclusive courses).
The requirement for course B4M36BSY can be fulfilled by substitution with the course BE4M36BSY.
Course guarantor:
Tomáš Pevný
Lecturer:
Sebastián García, Tomáš Pevný
Tutor:
Lukáš Forst, Sebastián García, Ondřej Lukáš, Tomáš Pevný, Maria Rigaki, Martin Řepa, Muris Sladić, Veronica Valeros
Supervisor:
Department of Computer Science
Synopsis:

This course aims to teach students cybersecurity fundamentals by combining penetration testing with defense strategies. Using an innovative blend of lectures and practical tutorials, students engage in highly interactive classes. Each new concept is immediately reinforced with hands-on exercises, allowing students to apply what they have learned in real-time.

Throughout the semester, the course integrates both attack and defense techniques. In realistic scenarios accessed via a cyber range, students will practice a wide range of skills: reconnaissance, scanning, exploiting vulnerabilities, privilege escalation, lateral movement, exfiltration, malware analysis, network security forensics, binary reversing, log analysis, intrusion detection systems, honeypots, and applications of machine learning and AI in cybersecurity.

Classes are in English. Teachers speak English, Czech, Spanish, Greek, and Bosnian.

Requirements:

• Basic knowledge of how to operate Linux systems. You should be able to complete at least the first half of the Bandit challenge levels (https://overthewire.org/wargames/bandit/).

• Basic knowledge of Internet operations and networking

• Fluent knowledge of how to use SSH (connect, copy files through and from)

What equipment students need:

• Computer to take the class and participate in the assignments

• A laptop that can connect to the Internet, able to SSH, and install new software

• An SSH client installed

• Wireshark installed (https://www.wireshark.org/download.html)

What Students Will Be Provided With

• Detailed weekly coursebook with all the theory, commands, and tools used in class

• Live video stream and recordings of every class and recordings of previous years

• Access to the class cyber range to conduct the assignments and exercises

• Access to a chat system to ask questions before, during, and after class

Syllabus of lectures:

1. Basic concepts in cybersecurity, an overview of protocols and their properties

2. Network reconnaissance, scanning, and basic network analysis

3. Attacking devices in the network, vulnerabilities, exploits

4. Detection of attacks, hardening user access, host-based IDS

5. Virtualization, sandboxing, honeypots, and threat intelligence

6. Privilege escalation, persistence, side-channel attacks

7. Binary exploitation & secure coding

8. Binary reversing, static & dynamic code analysis

9. Malware, C&C channels, denial of service attacks

10. Malware detection, packet analysis, netflows, ML for cybersecurity

11. Web attacks, browser security, practical aspects of cryptography

12. Security of mobile devices

Syllabus of tutorials:

Tutorials and labs are together.

Study Objective:

After successfully completing the course, students will be prepared for junior penetration testing roles or to continue as cybersecurity researchers with expertise in AI.

Study materials:

• Zalewski, M. (2005) Silence on the wire: a field guide to passive reconnaissance and indirect attacks

• Lyon, G. F. (2008) Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

• Sanders, C. (2020) Intrusion Detection Honeypots: Detection Through Deception. Applied Network Defense.

• Chappell, L. (2012) Wireshark Network Analysis.

• Anderson, R. (2020) Security Engineering: A Guide to Building Dependable Distributed Systems

• Stuttard, D., & Pinto, M. (2011). The web application hacker's handbook: Finding and exploiting security flaws. John Wiley & Sons.

Note:
Further information:
https://cybersecurity.bsy.fel.cvut.cz/
Time-table for winter semester 2024/2025:
Thu, Karlovo nám. (no entries on Mon, Tue, Wed, or Fri):

• 14:30–16:00, room KN:E-301, lecture parallel1 (Pevný T., García S.)

• 16:15–17:45, room KN:E-301, lecture parallel1, parallel nr.101

• 14:30–16:00, room KN:E-107, lecture parallel1 (Pevný T., García S.)

• 16:15–17:45, room KN:E-107, lecture parallel1, parallel nr.101

• 16:15–17:45, room KN:E-301, lecture parallel1, parallel nr.102

• 16:15–17:45, room KN:E-107, lecture parallel1, parallel nr.102
Time-table for summer semester 2024/2025:
Time-table is not available yet
The course is a part of the following study plans:
Data valid to 2024-12-21
For updated information see http://bilakniha.cvut.cz/en/predmet4702106.html