Course modules


DEVELOPMENT TEAMS

1. Course module “Adv. Network & Cloud security”

  • Igor Ushakov (course module leader)/  SUT, Russia
  • Oleksa Skorokhoda/ LPU, Ukraine
  • Igor Kotenko/ SPIIRAS, Russia
  • Andrey Krasov/ SUT, Russia

Purpose of the course
The purpose of the course is to provide knowledge in modern methods of protecting networks and cloud systems. The students will obtain practical skills in deep packet inspection systems,firewalls, access control methods of protection, software- defined networks, cloud security principles, IT service management.

Relevance of the course
The course is aimed to provide students with the skills of how to protect against network attacks such as man-in-the-middle, port scanning, spoofing, DDOS attacks.

 

2. Course module “Wireless & Mobile security”

  • Artom Marchuk (course module leader)/ KHNURE, Ukraine
  • Daniil Kirillov/ SUT, Russia

Purpose of the course

The purpose of the course is to provide knowledge in security architecture of wireless communication systems, information threats, vulnerabilities and protection abilities in wireless networks. The students will obtain practical skills in penetration testing of wireless networks and using various protection methods.

Relevance of the course
The course is aimed to provide students with the skills of information threats analysis and information security improving in wireless networks. Students are able to use state-of-the-art technologies and protocols of wireless network security; to identify and investigate both early and contemporary threats to mobile and wireless networks security; to apply proactive and defensive measures to deter and repel potential threats, attacks and intrusions; to develop an understanding of security architecture issues towards 4G.

 

3. Course module “Secure software development”

  • Ievgen Duravkin (course module leader)/ KHNURE, Ukraine
  • Tomasz Surmacz/ WrUT, Poland
  • Alexander Lukyanov/ YSU, Russia

Purpose of the course
The purpose of the course is to teach students about the process of developing software which is secure, reliable and easy to maintain. The whole System/Software Development Life Cycle process will be described in detail with special attention given to security issues of software development process. Common programming errors and typical vulnerabilities will be discussed as well as testing techniques. Highlevel approach will be also included,
focusing on various stages of SDLC, such as software specification, development, testing and maintenance. Labs accompanying the lectures will give students opportunity to test their newly gained knowledge in practice. The course is addressed to students who may become programmers/system developers in future, as well as those, who will not develop the software by themselves, but rather manage the process as team leaders or managers.

Relevance of the course
The computer software developed currently becomes more and more networked and accessible through different hardware platforms. The shift from a selfcontained programs to a clientserver model or a webbased queryresponse programming requires even more strict standards for proper programming techniques to maintain the required level of reliability and security of the final result. This applies not only to software related to security issues, but also to commonly used applications. Inadequate programmer experience or lack of foresight in some seemingly unrelated simple functions may have major consequences to the overall system security by making the application vulnerable to various kinds of network attacks and exploit scripts.

4. Course module “Malware”

  • Alexander Adamov (course module leader)/ KHNURE, Ukraine
  • Volodymyr Obrizan/ KHNURE, Ukraine
  • Dmitry Komashinskiy/ SPIIRAS, Russia
  • Katja-Verena Koenncke/ BKA, Germany

Purpose of the course
The purpose of the course is to provide knowledge in malware analysis for Windows, Android and iOS platforms. The students will obtain practical skills in reverse engineering as well, as in static and dynamic analysis of malicious applications designed for both: ARM and x86 architectures.

Relevance of the course
The course is aimed to provide students with the skills of real-world threats analysis as the majority of modern cyber attacks are performed using malware or, so called, “cyber weapon”. Nowadays, an analysis of such threats requires a special type of education, practically oriented in malware and antivirus technologies.

5. Course module “Web security”

  • Victor Petrikin (course module leader)/ KSTU, Russia
  • Yuriy Lakh/ LPU, Ukraine
  • Farit Muzipov/ PEIS, Russia
  • Iryna Sokolianska/ BTH, Sweden

Purpose of the course

The purpose of the course is to provide knowledge in Web security. The students will obtain practical skills in architecture of web applications protocols, vulnerability databasessecurity aspects of PHP, JavaScripts, SQL languages, web authentication mechanisms and techniques for authentication bypass, attacks modeling and risks evaluation, IDS and IPS systems.

Relevance of the course
Modern web-resources have become an integral part of the information assets of the absolute majority of today’s organizations, regardless of what they do. Web applications more other assets susceptible to security threats because available from the Internet at the same time users and hackers. The relevance of protecting Web applications only growing because develop and improve methods and techniques for hacking attacks. Ensuring an adequate level of protection of web-based systems requires highly skilled developers in the field of information security.

6. Course module “Pentest and ethical hacking”

  • Alexander Dorofeev (course module leader)/ TCE, Russia
  • Andrian Piskozub/ LPU, Ukraine

Purpose of the course
Ethical hacking or penetration testing is a process of attempting to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit.
This course should go in-depth into the techniques used by malicious, black hat hackers with attention getting lectures and hands-on lab exercises. While these hacking skills can be used for malicious purposes, this class should teach students how to use the same hacking techniques and tools to perform an ethical hacking for any organization.
The purpose of this course is to help students master a repeatable, documentable penetration testing methodology that can be used in an ethical penetration testing

 

7. Course module “Digital forensic”

  • Benjamin Dorsch (course module leader)/ BKA, Germany
  • Andrey Chechulin/ SPIIRAS, Russia
  • Andreas Kuehn/ BKA, Germany
  • Cemil Yesil/ PP Westhessen, Germany
  • Victor Völzow/ Policeacademie Hessen, Germany
  • Dr. Martin Mink/ Policeacademie Hessen, Germany

Purpose of the course
The purpose of the course is to provide knowledge in digital forensic. The students will obtain practical skills in general evidence collection process and forensic tools usage. Also, during this course the students will apply and enhance their knowledge of the operation systems, network interactions, hardware, etc.

Relevance of the course
The course is aimed to provide students with the skills of real-world cases investigation by various aspects of digital forensic. Nowadays an analysis of such cases requires a special knowledge in both theoretical and practical areas of operation systems architecture, security software, network services, hardware analysis, etc. The presence of such kind of experience will help the students in their future life not only if they work in digital forensic area, but for preventing the traces from unpremeditated damage for their further analysis by forensic specialists.

8. Course module for teachers “Remote security Lab”

  • Leo Truksans (course module leader)/ UOL, Latvia
  • Kaspars Krampis/ UOL, Latvia
  • Liubov Demchenko/ KHNURE, Ukraine
  • Vida Ahmadi/ BTH, Sweden

Purpose of the course

The purpose of the course is to provide knowledge in Cloud based Remote Security Labs.  During this course the teachers and students have a remotely accessible laboratory supporting advanced security exercises and training. In the laboratory, students will be able to experiment with insecure protocols, software vulnerabilities and other harmful software, e.g. viruses, in a safe and isolated environment.

Relevance of the course

The course is aimed to provide students training material to educate future generation of Cyber security experts. The ReSeLa takes advantage of recent advancements in distributed computing, e.g., Cloud Computing, such as Open Stack. Earlier examples include Emulab, Planet-lab, and GENI. The course bases of Software Defined Network technologies and principles to create objects and Virtual Machines (VMs) to simulate OS or Services.