Internet is a paradise for cybercriminals. In many cases attacker can break into poorly configured systems without even being noticed. Malware/ransomware, extortion through denial-of-service, and data breaches/theft can cause major havoc. This course looks at the resources that the security engineer and network administrator have available to detect, understand and resolve security incidents. This includes studying threats by performing cyber attacks on lab environments. After analyzing the causes of a successful break-in, solutions will be discussed, both on a design and implementation level.

The course will discuss the following topics in detail:

• Intrusion Detection Systems
• Network Security
• Physical Security
• Database Security
• Application Security
• Web Application Security
• Side Channels and Fault Injection

Students will obtain insight and skills in the subject of practical IT security, further improving reporting and presentation skills.

• Good understanding of TCP/IP and common applications (DNS/Email/Web)
• Basic understanding of Operating Systems and Computer Architecture
• Good understanding of Python/Bash, the GNU/Linux ecosystem and administration

Information about procedures can be found here.

• Two days of two hour lectures and four hours practical lab exercises for the first four weeks.
• The final four weeks will be spent on a Project of the student's choosing in which students demonstrate their insight into offensive technologies.

Lecture notes, online material and books.

The schedule for this course is published on DataNose.

Results of project: report (67%) and presentation (33%).