Navigation

13M111ZRM - Advanced Network and System Security

Course specification
Course title Advanced Network and System Security
Acronym 13M111ZRM
Study programme Electrical Engineering and Computing
Module
Type of study master academic studies
Lecturer (for classes)
Lecturer/Associate (for practice)
Lecturer/Associate (for OTC)
ESPB 6.0 Status elective
Condition Computer Security, Operating Systems, Computer Networks
The goal Introducing students to the field of computer system and network intrusion and attack detection and prevention. Teaching students for the work in the field of computer system and network security. Ethical hacking and penetration testing. Understanding key threats and attack vectors on computer and software systems. Practical work on multiple contemporary tools for attack detection and analysis.
The outcome Students who complete this course will be able to: * understand the methodology of the attacks and intrusions to computer systems and networks * know various types of attack on computer systems and networks * actively use tools for the detection and analysis of the threats and attacks * perform ethical intrusions into the computer systems and networks as a way to analyse system vulnerability
Contents
URL to the subject page https://rti.etf.bg.ac.rs/rti/ms1zrm/
Contents of lectures Attacks on computer systems and networks: methodology and phases. Reconnaissance, scanning, enumeration of the computer system and network data. Social engineering. IP, ARP, DNS, BGP attacks, DoS and botnets. Malware, password guessing, SQLi, XSS, OS vulnerability. Tools for system protection: ACL, firewalls, IDS/IPS, honeypot. Anonymity, Tor. Mobile device security. Web frauds. Ethical hacking.
Contents of exercises Computer system and network reconnaisance, packet and communication session analysis. Network attacks (ARP spoofing, DNS spoofing and other). Computer systems attack (SQL injection, cross site scripting, Eternal Blue, and other). Network security (packet filters, firewalls, honeypot). Log analysis and SIEM. DoS protection. Penetration testing and ethical hacking.
Literature
  1. CEH v10: EC-Council Certified Ethical Hacker Complete Training Guide, Independently published (May 26, 2018) (Original title)
  2. Kim P., The Hacker Playbook: Practical Guide To Penetration Testing, CreateSpace Independent Publishing Platform, 2014 (Original title)
  3. Diogenes Y., Cybersecurity – Attack and Defense Strategies: Infrastructure security with Red Team and Blue Team tactics, Packt Publishing (January 30, 2018) (Original title)
Number of hours per week during the semester/trimester/year
Lectures Exercises OTC Study and Research Other classes
2 2 1
Methods of teaching Lectures, excersises with demos in computer lab, lab excersises, seminars
Knowledge score (maximum points 100)
Pre obligations Points Final exam Points
Activites during lectures Test paper 40
Practical lessons 40 Oral examination
Projects
Colloquia
Seminars 20