Study

Computing

Computer Security

  • Class 45
  • Practice 5
  • Independent work 70
Total 120

Course title

Computer Security

Lecture type

Obligatory

Course code

183503

Semester

6

ECTS

4

Lecturers and associates

Course objectives

Confidentiality, integrity, and availability (CIA); Concepts of risk, threats, vulnerabilities, and attack vectors.
Authentication and authorization, access control (mandatory vs. discretionary); Concept of trust and trustworthiness.
Attacker goals, capabilities, and motivations (e.g., underground economy, digital espionage, cyberwarfare, insider threats, hacktivism, advanced persistent threats); Examples of malware (e.g., viruses, worms, spyware, botnets, Trojan horses or rootkits); Denial of Service (DoS) and Distributed Denial of Service (DDoS).
Control hijacking attacks; Injection attacks; Social engineering (e.g., phishing).
Attacks on privacy and anonymity; Malware/unwanted communication such as covert channels and steganography.
Perfect secrecy and one-time pad; Basic Cryptography Terminology covering notions pertaining to the different (communication) partners, secure/unsecure channel, attackers and their capabilities, encryption, decryption, keys and their characteristics, signatures; Cipher types (e.g., Caesar cipher, affine cipher) together with typical attack methods such as frequency analysis; Block ciphers and modes of operation.
Message integrity and hashing; Public Key Infrastructure support for digital signature and encryption and its challenges; Authenticated key exchange protocols, e.g., TLS.
Midterm exam.
Protection of computers and networks; Types of threats and attacks (e.g., denial of service, spoofing, sniffing and traffic redirection, man-in-the-middle, message integrity attacks, routing attacks, and traffic analysis), levels of defense; Case studies focused on vulnerabilities of Internet protocols and applications; Protection methods on the network layer; TCP/IP protocol stack security: network and transport layer; Protocol vulnerabilities and attacks.
Firewall: traffic filtering; Firewall architectures; Network address translation (NAT); Techniques and tools for vulnerability scanning; Intrusion detection systems; Host-based, network-based approaches, and hybrid approaches; Virtual private networks (VPNs): security protocols, design, and advantages and disadvantages of various models.
Defense mechanisms and countermeasures (e.g., network monitoring, intrusion detection, firewalls, spoofing and DoS protection, honeypots, tracebacks); Input validation and data sanitization.
Choice of programming language and type-safe languages; Examples of input validation and data sanitization errors (Buffer overflow, integer errors, SQL injection, XSS).
Operating system support (e.g., address space randomization, canaries).
Basic principles and methodologies for digital forensics.
Final exam.

Required reading

L. Budin, M. Golub, D. Jakobović, L. Jelenković. Operacijski sustavi. Publisher: Element. First edition 2010, second edition 2011, third edition 2013. ISBN 978-953-197-610-7.
Hal Tipton, Mickie Krause, Consulting Editors, Information Security Management Handbook, CRC Press LLC, ISBN: 0849374952, 6th edition, 2007.

Minimal learning outcomes

  • Explain basic terms and concepts in computer security
  • Describe types of security threats and attacks and most common defense mechanisms
  • Describe the properties of most common cryptographic primitives
  • Explain the role of the public key infrastructure and the TLS protocol
  • Apply basic concepts of defensive programming
  • Describe basic principles of digital forensics
  • Implement a simple exploit of a vulnerable system