Lecturer(s)
- Kincl Jan, Ing.
- Korbel Jiří, Ing. Ph.D.
- Králík Lukáš, Ing. Ph.D.
- Malaník David, Ing. Ph.D.

Course content
Topics:
1. Artificial intelligence and artificial life, self-replicating structures (game of life, Fredkin's self-replicating structures). Artificial life and virtual universe (Tierra, biomorphs, SBEAT, SBART, EDEN, SWIMBOOT). Artificial life and complex systems.
2. Self-replicating structures, finite automata and Turing machines. Virus definition, common and different features with biological virus. Classification of malicious code (viruses, adware, spyware, worms) and how it spreads. HOAX.
3. Malicious code and its dependence on the runtime environment.
4. Methods of infection. File infections (com, exe, API, MBR, DBR), infection techniques (transcribing viruses, joining viruses, cavity viruses, secret point). Memory infections, interrupt usage, swap viruses.
5. Basic defense strategies of viruses. In-memory scanning, tracing, debug protection, armored viruses, retroviruses, defense against heuristic analysis, emulation and disassembly, use of undocumented functions.
6. Creation and generation of viruses. Virus code, encoded viruses (decryptors, nonlinear decoding, W95 / phono, W95 / Mad2736), oligomorphic viruses, polymorphic viruses, metamorphic viruses. Virus generators.
7. Review of the basics of computer networks. Eavesdropping on the network. Web server security. Port scanning.
8. Computer networks and attacks on them. Network research, autonomous systems, network services. Wireless networks and attacks. Firewall.
9. Google Hacking. Buffer overflow - stack overflow. Security of MS Windows accounts.
10. Spam and antispam. Spam, definitions and history. Spam protection tools. Antispam strategies and tools for Windows and Linux. Bayesian classifier and SpamAssassin. Mail client and filters.
11. Phishing. Phishing as a subcategory of spam. False identity and redirection. Phishing and Malware. Cracking. Program protection. Anti-debugging and anti-disassembly programs.
12. Hacking I. Collection of information, scanning and overview of scanning programs, network services and their research. Operating systems and attacks on them: Mac OSX, Windows and Linux.
13. Code attacks, web attacks. Incident prevention. Implementation of security policy and procedures. Search procedures and computer investigation. Data tracing and network surveillance.
14. Web attacks, hacker tools. Computer viruses, antiviruses and artificial intelligence.

Learning activities and teaching methods
Lecturing, Demonstration, Exercises on PC, E-learning
- Participation in classes: 42 hours per semester
- Home preparation for classes: 40 hours per semester
- Preparation for course credit: 26 hours per semester

Prerequisites
Knowledge:
- Knowledge of MS Windows and Linux operating systems. Basic knowledge of the function of LAN / WAN networks.

Learning outcomes
Knowledge:
- Describe the basic orientation in the field of Cybersecurity.
- Explain current threats in cyberspace.
- List the types of attacks in cyberspace.
- Describe the rationale for implementing security policies.
- Explain the use of infrastructure penetration testing.
Skills:
- Apply tools to identify vulnerabilities in the infrastructure.
- Verify the security of a server or web application.
- Evaluate server security.
- Evaluate desktop security.
- Design and conduct an infrastructure penetration test.

Teaching methods
Knowledge:
- Demonstration
- E-learning
- Lecturing
- Exercises on PC

Assessment methods
- Written examination
- Analysis of seminar paper
- Analysis of educational material

Recommended literature
- Jan Kolouch. CyberCrime. Praha, 2016. ISBN 9788088168157.
- Jan Kolouch. CyberSecurity. Praha, 2019. ISBN 978-80-88168-34-8.
- Jon Erickson. Hacking: umění exploitace. Brno, 2009. ISBN 978-80-7413-022-9.
- Misha Glenny. Temný trh: kyberzloději, kyberpolicisté a vy. Brno. ISBN 9788073635220.
- Peter Szor. Počítačové viry: analýza útoku a obrana. 2006. ISBN 8086815048.
- Peter Szor. Art of Computer Virus Research and Defense. Symantec Press, 2005. ISBN 0321304543.