PB177 Cyber Attacks

Faculty of Informatics
Autumn 2024
Extent and Intensity
1/1/1. 3 credit(s) (plus extra credits for completion). Type of Completion: zk (examination).
In-person direct teaching
Teacher(s)
doc. RNDr. Jan Vykopal, Ph.D. (lecturer)
doc. Ing. Pavel Čeleda, Ph.D. (lecturer)
Mgr. Ádám Ruman (assistant)
Bc. Petr Hanák (assistant)
Bc. Michal Krejčíř (assistant)
Guaranteed by
doc. RNDr. Jan Vykopal, Ph.D.
Department of Computer Systems and Communications – Faculty of Informatics
Supplier department: Department of Computer Systems and Communications – Faculty of Informatics
Timetable
Tue 24. 9. to Tue 17. 12. Tue 10:00–10:50 A318
  • Timetable of Seminar Groups:
PB177/01: Tue 1. 10. to Tue 10. 12. each even Tuesday 12:00–13:50 A219, P. Čeleda, J. Vykopal
PB177/02: Tue 1. 10. to Tue 10. 12. each even Tuesday 14:00–15:50 A219, P. Čeleda, J. Vykopal
PB177/03: Tue 24. 9. to Tue 17. 12. each odd Tuesday 12:00–13:50 A219, P. Čeleda, J. Vykopal
PB177/04: Tue 24. 9. to Tue 17. 12. each odd Tuesday 14:00–15:50 A219, P. Čeleda, J. Vykopal
Prerequisites (in Czech)
PB156 Computer Networks && PV004 UNIX && ! PV276 Seminar on Cyber Attacks
Course Enrolment Limitations
The course is also offered to the students of the fields other than those the course is directly associated with.
The capacity limit for the course is 60 student(s).
Current registration and enrolment status: enrolled: 73/60, only registered: 7/60, only registered with preference (fields directly associated with the programme): 3/60
fields of study / plans the course is directly associated with
Course objectives
Introduce students to the lifecycle of cyber attacks and typical attack actions within the corporate network environment, including their taxonomies. Practice executing attacks and explore options for their analysis and defense in a secure environment.
Learning outcomes
Upon completion of the course, students should be able to:
  • describe the lifecycle of a cyber attack,
  • understand frameworks and taxonomies of attack actions,
  • practically execute selected actions, analyze them, and defend against them.
  • Syllabus
    • Weakness, vulnerability, threat, event, attack, incident.
    • Lifecycle of cyber attacks, MITRE ATT&CK® framework, and Cyber Kill Chain. Advanced Persistent Threat (APT). MITRE D3FEND™ and MITRE ENGAGE™.
    • Use cases of the MITRE ATT&CK® framework.
    • Typical attack techniques within the MITRE ATT&CK® framework.
    • Demonstration of a simple attack utilizing multiple attack techniques.
    • Analysis of the attack from a defender's perspective and defense possibilities against a simple host-level and network-level attack. Utilization of the MITRE D3FEND™ framework.
    • Attacks and campaigns by organized groups utilizing APT.
    • Demonstration of an APT-style attack./
    • Analysis of the attack from a defender's perspective and defense possibilities against an APT-style attack. Utilization of the MITRE D3FEND™ framework.
    • Penetration testing. Vulnerability management.
    Literature
    • Lockheed Martin. Cyber Kill Chain®. https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html
    • MITRE ENGAGE™. https://engage.mitre.org.
    • MITRE D3FEND™. https://d3fend.mitre.org.
    • MITRE ATT&CK Matrix for Enterprise. https://attack.mitre.org.
    Teaching methods
    Lecture. Hand-on labs in a virtual environment. Homework assignments.
    Assessment methods
    Quizzes at the beginning of the lab sessions, homework assignments during a semester, and hands-on exam in a virtual environment.
    Language of instruction
    Czech
    Follow-Up Courses
    Further comments (probably available only in Czech)
    Study Materials
    The course is taught annually.
    Listed among pre-requisites of other courses
    Teacher's information
    All course materials and assignments are primarily in English, but the course is taught in Czech.

    • Enrolment Statistics (recent)
    • Permalink: https://is.muni.cz/course/fi/autumn2024/PB177