Educational Objective: The objective of this course is to give a detailed overview of the science and principles of network intrusion detection. The subject covers methodologies, techniques and tools for tracking events in a computer system or network, with the aim of preventing and detecting unwanted activity, as well as recovering from malicious behaviour directed at the computer network.
Projected Outcome: Comprehensive knowledge of how the various types of intrusion into a computer network are detected; an understanding of the current state of research into network intrusion detection; training in the principles and techniques used in intrusion detection, and in the technical challenges and basic limitations of the field. In addition, the subject prepares the student to become a capable practitioner or independent researcher in the field of intrusion detection.
Course Contents/Structure
Theoretical education: overview of intrusions; history and current state of research in the field; principles and techniques of intrusion detection, including signature-based techniques and anomaly detection; types and architectures of intrusion detection systems; limitations and open problems in detecting attacks on the network; advanced persistent threats and defences against malicious intrusions; case studies of intrusion detection systems against real threats and malware.
Practical training: practical introduction to tools for analysing and protecting the network environment, including against DoS attacks, on Windows and Linux operating systems. Work with available tools: Spade, Snort, Tcptrack, Nagios, Prelude and others.
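To make the two detection principles named above concrete, the following sketch is example code added for this page; it is not course material and not code from Snort, Spade or any other tool listed. It applies Snort-style content rules (signature-based detection) and a sliding-window per-source rate check (anomaly detection) to a constructed packet stream. The rule names, the thresholds (more than 20 distinct destination ports or more than 200 packets from one source within 10 seconds) and the sample traffic are all assumptions chosen for illustration.

```python
"""Toy network IDS: signature matching plus rate-based anomaly detection.

Example code added for illustration only. Rules, thresholds and the packet
stream below are constructed assumptions, not real Snort rules or captures.
"""
from collections import defaultdict, deque
from dataclasses import dataclass
import re


@dataclass
class Packet:
    ts: float        # timestamp in seconds
    src: str         # source IP
    dst: str         # destination IP
    dport: int       # destination port
    proto: str       # "tcp" or "udp"
    payload: bytes   # application-layer bytes


# Constructed, Snort-inspired signatures: (name, proto, dport or None, content regex).
# A signature fires only when every field matches; dport None means "any port".
SIGNATURES = [
    ("WEB-ATTACK directory traversal", "tcp", 80, rb"\.\./\.\./"),
    ("SHELLCODE x86 NOP sled", "tcp", None, rb"\x90{16,}"),
    ("SQL injection attempt", "tcp", 80, rb"(?i)union\s+select"),
]


def signature_alerts(pkt):
    """Signature-based detection: return the names of all rules matching one packet."""
    hits = []
    for name, proto, dport, pattern in SIGNATURES:
        if pkt.proto != proto:
            continue
        if dport is not None and pkt.dport != dport:
            continue
        if re.search(pattern, pkt.payload):
            hits.append(name)
    return hits


class RateAnomalyDetector:
    """Anomaly detection: flag a source that touches too many distinct ports
    (port scan) or sends too many packets (flood) inside a sliding time window.
    Thresholds are assumptions; a real deployment would derive them from a
    learned baseline of normal traffic."""

    def __init__(self, window=10.0, max_ports=20, max_pkts=200):
        self.window, self.max_ports, self.max_pkts = window, max_ports, max_pkts
        self.events = defaultdict(deque)   # src -> deque of (ts, dport) inside the window
        self.alerted = set()               # (src, kind) pairs already reported

    def observe(self, pkt):
        q = self.events[pkt.src]
        q.append((pkt.ts, pkt.dport))
        while q and q[0][0] < pkt.ts - self.window:   # expire old events
            q.popleft()
        alerts = []
        distinct_ports = {port for _, port in q}
        if len(distinct_ports) > self.max_ports and (pkt.src, "scan") not in self.alerted:
            self.alerted.add((pkt.src, "scan"))
            alerts.append(f"ANOMALY port scan: {pkt.src} touched {len(distinct_ports)} "
                          f"ports in {self.window:.0f}s")
        if len(q) > self.max_pkts and (pkt.src, "flood") not in self.alerted:
            self.alerted.add((pkt.src, "flood"))
            alerts.append(f"ANOMALY flood: {pkt.src} sent {len(q)} packets in {self.window:.0f}s")
        return alerts


def run_ids(packets):
    """Run both detectors over a packet list in time order; return (ts, src, message)."""
    detector = RateAnomalyDetector()
    alerts = []
    for pkt in sorted(packets, key=lambda p: p.ts):
        for name in signature_alerts(pkt):
            alerts.append((pkt.ts, pkt.src, "SIGNATURE " + name))
        for msg in detector.observe(pkt):
            alerts.append((pkt.ts, pkt.src, msg))
    return alerts


def sample_traffic():
    """Constructed packet stream: a benign web client (10.0.0.5), one directory
    traversal attempt (10.0.0.7) and a 30-port scan (10.0.0.9)."""
    pkts = [
        Packet(0.0, "10.0.0.5", "10.0.0.80", 80, "tcp", b"GET /index.html HTTP/1.1\r\n"),
        Packet(0.5, "10.0.0.5", "10.0.0.80", 80, "tcp", b"GET /images/logo.png HTTP/1.1\r\n"),
        Packet(1.0, "10.0.0.7", "10.0.0.80", 80, "tcp", b"GET /../../../../etc/passwd HTTP/1.1\r\n"),
    ]
    for i in range(30):   # 30 distinct ports in 3 seconds: above the 20-port threshold
        pkts.append(Packet(2.0 + i * 0.1, "10.0.0.9", "10.0.0.80", 1 + i, "tcp", b""))
    return pkts


if __name__ == "__main__":
    for ts, src, msg in run_ids(sample_traffic()):
        print(f"{ts:6.1f}  {src:10}  {msg}")
```

The two detectors fail in complementary ways, which is the point the theory part of the course makes: the signature rules miss the scan entirely because an empty payload matches no content pattern, while the rate detector says nothing about the traversal request because one packet is never anomalous on its own. Note also that the scan is reported only once the 21st port is seen, so a slow scan spread over more than the window length goes unnoticed; the window and thresholds are tuning knobs, not constants.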
Teaching Methods: lectures, exercises, laboratory exercises, projects, colloquia, consultations, seminar papers, examination (practical and theoretical).
Literature:
1. Pleskonjić, D. et al.: Sigurnost računarskih sistema i mreža (Security of Computer Systems and Networks), Beograd: Mikro knjiga, 2007.
2. Kumar, V.; Srivastava, J.; Lazarević, A. (eds.): Managing Cyber Threats: Issues, Approaches and Challenges, New York: Springer, 2005.
3. SANS Institute: Intrusion Detection FAQ, http://www.sans.org/resources/idfaq/
4. McClure, S.; Scambray, J.; Kurtz, G.: Hakerske tajne: zaštita mrežnih sistema (Serbian edition of Hacking Exposed: Network Security Secrets & Solutions), Beograd: Mikro knjiga, 2006.
5. Mitnick, K. D.; Simon, W. L.: Umeće provale: istinite priče o poduhvatima hakera, uljeza i prevaranta (Serbian edition of The Art of Intrusion), Beograd: Mikro knjiga, 2005.
6. Carter, E.; Hogue, J.: Intrusion Prevention Fundamentals, Indianapolis, IN: Cisco Press, 2006.