FI:PV280 Network Forensics - Course Information
PV280 Network Forensics
Faculty of Informatics, Spring 2023
- Extent and Intensity
- 1/1/0. 2 credit(s) (plus extra credits for completion). Type of Completion: zk (examination).
- Teacher(s)
- RNDr. Milan Čermák, Ph.D. (lecturer), prof. RNDr. Tomáš Pitner, Ph.D. (deputy)
RNDr. Petr Velan, Ph.D. (lecturer)
- Guaranteed by
- prof. RNDr. Tomáš Pitner, Ph.D.
Department of Computer Systems and Communications – Faculty of Informatics
Supplier department: Department of Computer Systems and Communications – Faculty of Informatics
- Timetable
- Thu 16. 2. to Thu 11. 5. Thu 12:00–13:50 S108
- Prerequisites (in Czech)
- ! J012 Digital Forensics && PB156 Computer Networks && PV004 UNIX
- Course Enrolment Limitations
- The course is offered to students of any study field.
The capacity limit for the course is 24 student(s).
Current registration and enrolment status: enrolled: 1/24, only registered: 0/24, only registered with preference (fields directly associated with the programme): 0/24
- Course objectives
- The course teaches students to monitor network traffic using raw packet capture and network flows. Students will be able to analyze obtained data to detect malicious behavior and network attacks. They will learn how to explore unknown networks and their services and assess their vulnerabilities.
- Learning outcomes
- At the end of the course, the students will be able to:
• capture and analyze network traffic,
• understand network flow monitoring and be able to deploy it on a network,
• analyze flow records and extract information related to events and incidents in the monitored network,
• understand network attacks and their detection in traffic,
• analyze unknown network infrastructure and gain information about potential vulnerabilities.
- Syllabus
- Introduction to network forensics;
- Host-side artifacts;
- Packet capture and analysis;
- Network flow capture and analysis;
- Encrypted and tunneled traffic;
- Network attacks and anomalies;
- Intrusion detection systems;
- Firewall and application logs;
- Network scanning;
- Advanced network data analysis.
- Literature
- MESSIER, Ric. Network forensics. Indianapolis, IN: Wiley, 2017, xxiv, 331. ISBN 9781119328285.
- SANDERS, Chris. Practical packet analysis : using Wireshark to solve real-world network problems. 3rd edition. San Francisco: No Starch Press, 2017, xxi, 345. ISBN 9781593278021.
- COLLINS, Michael. Network security through data analysis : from data to action. Second edition. Beijing: O'Reilly Media, 2017, xxii, 401. ISBN 9781491962848.
- Teaching methods
- Hands-on seminars and homework assignments.
- Assessment methods
- Homework assignments during the semester (at least 60 % of all points is required).
Examination: practical assignment and follow-up discussion.
- Language of instruction
- English
- Further Comments
The course is taught annually.
- Permalink: https://is.muni.cz/course/fi/spring2023/PV280