Educational Objective: The primary objective of the subject is to define and explain concepts from the domain of detection in computer infrastructure, security, and the various forms of threats and attacks on computer networks. The secondary objective of the course is to help students understand intrusion detection systems and the various technologies used in the design, implementation, configuration, network monitoring and maintenance of these systems. The course includes methodologies, techniques and tools for tracking events in a computer system or network in order to prevent and detect unwanted process activities, as well as to recover from malicious behavior aimed at the computer network. It also covers the implementation of intrusion detection systems in the protection of the telecommunication infrastructure of the police.
Course Contents/Structure
Theoretical education: Intrusion detection systems: definition, role, categorization, architecture, application in different network topologies. Implementation of adequate tools. Licensed and open source tools. Limitations and open problems in the detection of attacks on the network. Advanced persistent threats and defenses against malicious intrusions. Case studies of intrusion detection systems applied to real threats and malware. Police information systems.
Practical training: Practical introduction to tools for performance analysis and network environment protection on different operating systems. Work with available tools: Spade, Snort, Tcptrack, Nagios, Prelude and others.
1. Vipin Kumar, Jaideep Srivastava, Aleksandar Lazarević (eds.): Managing Cyber Threats : issues, approaches and challenges, New York : Springer, 2011.
2. Pleskonjić, D. [et al.]: Sigurnost računarskih sistema i mreža, Beograd : Mikro knjiga, 2007.
3. James F. Kurose, Keith W. Ross: Umrežavanje računara : od vrha ka dnu, Beograd : Računarski fakultet : CET, 2014.
4. K. Scarfone; P. Mell: NIST Special Publication 800-94 : Guide to Intrusion Detection and Prevention Systems (IDPS), Recommendations of the National Institute of Standards and Technology, Gaithersburg : Computer Security Division, National Institute of Standards and Technology, 2007.
5. F. Gong: Deciphering detection techniques : Part II. Anomaly-based intrusion detection, McAfee Network Security Technologies Group, 2003.