13M111ZRM - Advanced Network and System Security
Course specification | ||||
---|---|---|---|---|
Course title | Advanced Network and System Security | |||
Acronym | 13M111ZRM | |||
Study programme | Electrical Engineering and Computing | |||
Module | ||||
Type of study | master academic studies | |||
Lecturer (for classes) | ||||
Lecturer/Associate (for practice) | ||||
Lecturer/Associate (for OTC) | ||||
ESPB | 6.0 | Status | elective | |
Condition | Computer Security, Operating Systems, Computer Networks | |||
The goal | Introducing students to the field of computer system and network intrusion and attack detection and prevention. Teaching students for the work in the field of computer system and network security. Ethical hacking and penetration testing. Understanding key threats and attack vectors on computer and software systems. Practical work on multiple contemporary tools for attack detection and analysis. | |||
The outcome | Students who complete this course will be able to: * understand the methodology of the attacks and intrusions to computer systems and networks * know various types of attack on computer systems and networks * actively use tools for the detection and analysis of the threats and attacks * perform ethical intrusions into the computer systems and networks as a way to analyse system vulnerability | |||
Contents | ||||
URL to the subject page | https://rti.etf.bg.ac.rs/rti/ms1zrm/ | |||
Contents of lectures | Attacks on computer systems and networks: methodology and phases. Reconnaissance, scanning, enumeration of the computer system and network data. Social engineering. IP, ARP, DNS, BGP attacks, DoS and botnets. Malware, password guessing, SQLi, XSS, OS vulnerability. Tools for system protection: ACL, firewalls, IDS/IPS, honeypot. Anonymity, Tor. Mobile device security. Web frauds. Ethical hacking. | |||
Contents of exercises | Computer system and network reconnaisance, packet and communication session analysis. Network attacks (ARP spoofing, DNS spoofing and other). Computer systems attack (SQL injection, cross site scripting, Eternal Blue, and other). Network security (packet filters, firewalls, honeypot). Log analysis and SIEM. DoS protection. Penetration testing and ethical hacking. | |||
Literature | ||||
| ||||
Number of hours per week during the semester/trimester/year | ||||
Lectures | Exercises | OTC | Study and Research | Other classes |
2 | 2 | 1 | ||
Methods of teaching | Lectures, excersises with demos in computer lab, lab excersises, seminars | |||
Knowledge score (maximum points 100) | ||||
Pre obligations | Points | Final exam | Points | |
Activites during lectures | Test paper | 40 | ||
Practical lessons | 40 | Oral examination | ||
Projects | ||||
Colloquia | ||||
Seminars | 20 |