# Computer Security (1801T042)

Abbreviations

p-sz - obligatory module of common theoretical basis, obligatory for all specialisations,
pv-ob - elective branch module, obligatory for selected branches,
pv-za - elective specialisation module, obligatory for selected specialisations,
p-hu - obligatory humanity module,
p-em - obligatory economical-management module,
p-pr - obligatory project,
pv-hu - elective humanity module,
v - elective module.

 module (abbreviation) dimension completion type of module lecturer recom. year Statistics for Informatics ( MIE-SPI ) 4+1 z,zk p-sz Blažek, Ph.D. 1. Parallel Computer Architectures ( MIE-PAR ) 3+1 z,zk p-sz prof. Tvrdík 1. Systems Theory ( MIE-TES ) 2+1 z,zk p-sz prof. Moos 1. Modern Internet Technologies ( MIE-MTI ) 2+1 z,zk pv-ob Navrátil, CSc. 1. Advanced Cryptology ( MIE-KRY ) 2+1 z,zk pv-ob doc. Lórencz 1. Cybernality ( MIE-KYB ) 2+0 zk p-hu doc. Jirovský 1. Mathematics for Informatics ( MIE-MPI ) 4+1 z,zk p-sz doc. Šolcová 1. Arithmetics and Codes ( MIE-AAK ) 2+1 z,zk pv-ob doc. Pluháček 1. Code Generators ( MIE-GEN ) 2+1 z,zk pv-ob Janoušek, Ph.D. 1. Security and Hardware ( MIE-BHW ) 2+1 z,zk pv-ob Dr.-Ing. Novotný 1. elective module 2+1 z,zk v 1. elective module 2+1 z,zk v 1. Project Management ( MIE-PRM ) 1+2 z p-em Vala 1. Problems and Algorithms ( MIE-PAA ) 3+1 z,zk pv-ob Schmidt, Ph.D. 2. Security and Secure Programming ( MIE-BPR ) 2+1 z,zk pv-ob doc. Lórencz 2. Network Security ( MIE-SIB ) 2+1 z,zk pv-ob Blažek, Ph.D. 2. Master Project( MIE-MPR ) z p-pr 2. elective module 2+1 z,zk v 2. elective module 2+1 z,zk v 2. Information Security ( MIE-IBE ) 2+0 zk p-em Čermák, CSc. 2. elective module 2+1 z,zk v 2. IT Support to Business and CIO Role ( MIE-CIO ) 3+0 zk p-em prof. Dohnal 2. obligatory humanity module zk pv-hu 2. Master Thesis (MIE-DIP) z p-pr 2.

## MIE-AAK - Arithmetics and Codes

### Annotation

Circuits realizing arithmetic operations belong to fundamental components of computers and digital devices in general. In the module, algorithms for basic and advanced arithmetic operations (including elementary mathematical funcions) will be presented that are suitable especially to be implemented using logic circuits. The goal is to present various ways to detect or correct individual errors and burst errors in data stored into memories or transmitted via channels.

### Lectures Program

1. Standard number systems and negative number representations.
2. Nonstandard number systems.
3. Addition, subtraction, and carry acceleration.
4. Multiplication.
5. Division.
6. Floating point.
7. Evaluating elementary functions.
8. Linear codes.
9. Cyclic codes.
10. The RM a BCH codes.
11. Burst error correction.
12. Convolution codes and turbo codes.
13. Error coding for arithmetic.

## MIE-BHW - Security and Hardware

### Annotation

The module introduces students into the area of security of computer systems using hardware and provides knowledge needed for analysis and design of computer system security.

### Lectures Program

1. Security HW modules - cryptographic accelerators, random number generators, DRM support.
2. HW support for authentication and identification - smart cards, tokens, RFID.
3. HW means for physical parameter measurement - biometrics.
4. Side-channels - technology and architecture influence, fault security.
5. System tamper resistance - physical parameter monitors, trusted platforms, secure interconnection.
6. Input and ouput security, storage security.

## MIE-BPR - Security and Secure Programming

### Annotation

The aim of the module is to teach the students to take into account the security aspects already in the design phase of their own software applications and solutions. Students will start with theoretical modeling of security threats, and move on to practical exercises with C programs. They will learn to determine the minimal privileges for a program to run. They will also learn to secure data, data communication, remote procedure calls, and websites.

### Lectures Program

1. Introduction to secure programming, current security trends.
2. Threat modeling.
3. Security at the memory hierarchy level.
4. Writing secure code in C.
5. Security levels, Access Control Lists (ACL).
6. Running a program with low privileges.
7. Data security and integrity.
8. Data input, canonical representation, and security.
9. Security of databases.
10. Web, internationalization, and security.
11. Security of sockets and RPC.
12. Defence against Denial of Service attacks.
13. Recap of rules for writing secure code.

## MIE-CIO - IT Support to Business and CIO Role

### Annotation

Students are introduced to the trends and challenges of ICT management. The module is focused on ICT support for the company business. Students are introduced to the importance of communication with business that will be illustrated on CRM.

### Lectures Program

1. Introduction. IT trends and business support. CIO and CEO relationship. ICT Management (categorization, management models, services, processes).
2. CIO role, responsibility. CIO Decision Cycle (business goals, innovation, strategy, plan, execution, measurement).
3. The value chain and ICT support. Marketing and selling processes, business cycle.
4. CIO priorities: Team management. Understanding of the business environment. ICT vision. Shape ICT demand and communicate expectations. IT Governance.
5. CIO priorities: Bring business and ICT strategies together. Communication of the ICT value to business. Risk Management.
6. CIO priorities: Creation of a new ICT. Change in the profile of ICT people. ICT competencies (technical, business, behavioral).
7. ICT business cases on workforce (time management, meeting management, delegation).
8. ICT business cases on workforce (appraisal, coaching, mentor, mentee).
9. CRM as an example of ICT support of business processes. CRM and enterprise culture.
10. CRM processes.
11. CRM Technology. CRM innovation and the role of ICT.
12. Specific tasks of ICT management (sourcing, cost cutting).
13. Invited lecturer – CIO of a selected company, discussion.

## MIE-GEN - Code Generators

### Annotation

The aim of the module is to complete the education in the field of compiling and compilers. Basic principles of compiler back-end construction, optimization and generation of code are explained.

### Lectures Program

1. Overview of constructs of programming languages.
2. Basic notions: types, variables, type compatibility and dynamic data structures.
3. Basic notions: activation record, calling conventions.
4. Internal forms.
5. Direct code generation, AST $\to$ DAG $\to$ BB.
6. DAG analysis, BB, dependencies and antidependencies.
7. Register allocation, memory allocation (static, on the stack).
8. Intermediate code optimization.
9. Code generator, instruction selection.
10. Translation of a stack-based language into the native HW, HW dependent optimizations.
11. Modules and separate compilation.
12. Support for debugging.
13. Code generators for object-oriented programming languages.

## MIE-IBE - Information Security

### Annotation

The field of information security governance in modern organizations and companies is of growing importance. The module is to provide students a good overview of methods and standards for informstion security. The aim of the module is to let the students understand the importance of information security governance, to provide them sufficient arguments for the support of ISMS implementation process and for successfull implementation and/or management of ISMS.

### Lectures Program

1. Management, management and governance, IT management.
2. Information security management system, IS/ICT governance, international standards on IS/ICT security, legislation in the Czech Republic.
3. Risk management.
4. Physical security, access control system, information resource valuation, internal and external threats, evaluation of countermeasures,
6. Disaster recovery planning, business continuity management, incident management,
7. IS/IT audits, application security testing, penetration testing, certifications.
8. Certification according ISO 27001, Best practises (ISO 17999),
9. Information security trends.

### Annotation

The goal of this module is to familiarize students with the basics of cryptanalysis and its use in the development of secure applications. Students will also know the latest security trends in the area of applied cryptography.

### Lectures Program

1. Mathematical fundamentals of cryptanalysis of cyphers.
2. Random number generators.
3. Symmetric cryptography (block and stream encryption).
4. Asymmetric cryptography.
5. Unidirectional functions, hash functions.
6. Implementation of individual protocols.
7. Linear cryptanalysis.
8. Differential cryptanalysis.
9. Algebraic cryptanalysis.
10. Eliptic curves and their properties.
11. [2] Algorithms and cryptosystems based on elliptic curves.
12. Quantum computing and cryptography.

## MIE-KYB - Cybernality

### Annotation

The goal of this module is to provide knowledge of cyberspace attacks, systems for their monitoring and analysis, and an overview of a corresponding legislative. It also familiarizes students with principles of network attacks and means how to defend against them at the organization level.

### Lectures Program

1. Basic leslative norms relevant for operation of computer systems and networks, basic notions.
2. Classification of attacks.
3. Systems for computer network operation monitoring.
4. Cybernetic attacks, psychologic and social aspects of a cybernetic attack, life cycle of exploiting the system weaknesses.
5. Hackers - hacker comunity, types and motivations of the hacker behaviour.
6. Cyberterorism, its demonstration and methods.
7. Principles of infoware, the role of intelligent agents, strategic information warfare.
8. Principles of attacks on the web, trends of attacks and attackers, phases of an attack, coordination and management of an attack.
9. Basic types of attacks - DoS, forged node, manipulation with address sequences.

## MIE-MPI - Mathematics for Informatics

### Annotation

Mathematics as a language for description of the world is a key discipline for an informatics engineer. The aim of this module is introduce students to the relevant parts of modern mathematics that form the theoretical background of many informatics disciplines.

### Lectures Program

1. [2] Universal algebra: groups, finite groups, Cayley tables, group types, permutation, alternating, cyclic, and symmetry groups, normal subgroups.
2. Finite fields, prime order of field, rings and their properties, integral domain, ideal. Lattices.
3. Introduction to category theory, classes of objects, classes of morphisms and its properties, examples of categories: grupoid, category of all lattices, category of all commutative groups, category of all integral domains, category of all relations. Homomorphisms.
4. Selected problems of graph theory, types of Hamiltonian problems. Algebraic solutions of combinatorial problems, Polya enumeration theorem.
5. Algebra and algorithms (Algorithms for calculations of polynom roots - Newton' method, Lehmer-Schur's method, etc.).
6. Convex sets, convex hull, pure convex set, theorem on partition of convex sets, Minkowski theorem on projection.
7. Selected problems of number theory, quadratic congruence, Gauss algorithms. Special primes - factorial, palindromic, cyclic, Gauss', Eisenstein's primes. Examples of applications.
8. Properties of Fermat primes, Little Fermat Theorem, primality tests, Pépin test, number theory and geometry, constructability of polygons.
9. Selected numerical methods, Lagrange and Hermite interpolation, numerical integration, numerical solution of ordinary differential equations, calculating of eigenvalues of matrices, methods of solving of linear equations systems.
10. Fast algorithms: multiplication, numerical searching of square roots, Fourier transformation, Fermat transformation.
11. Axiomatic systems and their properties, recursive functions, proofs in the axiomatic system, examples of axiomatic systems, Peano's arithmetics, von Neumann's model of numbers.
12. Special logics, multi-valued logics, modal logics, fuzzy logics.

## MIE-MTI - Modern Internet Technologies

### Annotation

The aim is to familiarize students with the principles, architectures, and technologies of modern communication and interconnection networks, computer network administration, and usage of important Internet applications. The module focusses on the issues of network design, optimal selection or setting of parameters for achieving maximum performance with respect to quantitative and qualitative requirements on data transfers. Attention is paid to the problems of real-time data transfers (multimedia communication, VoIP).

### Lectures Program

1. Drawbacks of the today's internet.
2. Optical networks: Basic technology and communication media characteristics, protocols, modulation methods for achieving higher rates (40, 100 Gbps).
3. Network virtualisation: MPLS, VLAN, tunnels, private networks, IPv4/IPv6 intersection.
4. Network management I: Network traffic monitoring.
5. Network management II: Security and access control, authorization, encryption.
6. Throughput and performance measurement methods.
7. Tools for traffic security analysis as a prevention against viruses spreading and other attacks.
8. Traffic management, traffic taxonomies, traffic policy in large networks, congestion control, scheduling algorithms, bandwidth reservation methods
9. VoIP and applications: H323, SIP, codecs, clients, software exchanges.
10. Multimedia transfers: video, IPTV, multicast, the RTP and RSV protocols, HDTV tranfers, 4K.
11. Experimental Networks and applications for Future Internet.
12. Context-oriented networks, multilayer application networks, access federalization.
13. Interconnects with low start-up latencies for grid applications and highly parallel systems. Solutions on the basis of TCP, Myrinet and Infiniband technologies.

## MIE-PAA - Problems and Algorithms

### Annotation

Many practical tasks are computationally infeasible. Students will learn to distinguish tasks where the complexity grows too fast with the task size from those which are undecidable independently of size. They will learn fast algorithms for exact and, primarily, approximate solution. Some of the more advanced ones are inspired by processes in nature and sometimes referred to as softcomputing. A series of homeworks will lead students from very simple tasks to applications of advanced heuristics on a practical problem.

### Lectures Program

1. Discrete optimization, examples of practical tasks. Combinatorial problems. Algorithm complexity, problem complexity.
2. State, state space, search space. Basic exact search methods.
3. Decidable problems. models of computation. The classes P and NP. Polynomial hierarchy. The classes PO and NPO.
4. The notion of completeness. Complexity comparison techniques. The classes NP-complete and NP-hard. The structure of NP and NPO.
5. Deterministic approximation algorithms. Classification of approximative problems. Pseudopolynomial algorithms. Randomization and randomized algorithms.
6. Practical deployment of heuristic and exact algorithms. Experimental evaluation.
7. Simple local heuristics in state space and search space.
8. Simulated annealing.
9. Simulated evolution: taxonomy, genetic algorithms.
10. Advanced genetic algorithms: competent GA, fast messy GA, the selfish gene method. Applications to multicriterial optimization.
11. Stochastic optimization: models and applications. Bayesian optimization.
12. Tabu search.
13. Global methods, taxonomy of decomposition-based methods. Exact and heuristic global methods, the Davis-Putnam procedure seen as a global method.

## MIE-PAR - Parallel Algorithms and Systems

### Annotation

The aim of the course is to provide students with the theoretical background for parallel algorithmization that lets them design and implement algorithms for parallel systems, from multicore systems and systems-on-chip to clusters, understand their behavior and estimate performance characteristics.

### Lectures Program

1. Performance characteristics of parallel computations.
2. Models of parallel systems with shared memory.
3. Interconnection networks of parallel computers.
4. Embeddings and simulations of interconnection networks.
5. Models for interprocessor communication and routing.
6. Collective communication algorithms.
7. Fundamental parallel algorithmics.
8. Parallel sorting algorithms.
9. Parallel algorithms for linear algebra.
10. Parallel combinatorial space search.

## MIE-PRM - Project Management

### Annotation

Project management and project thinking became an integral part of management of projects of all kinds (research, development, finances, engineering, etc.). Knowledge of this field takes an important places in the process of recruitment. The aim of this subject is to acquaint student with all of the aspects of project management, refer to the relatated areas, introduce most important methodologies of PM and prepade students for the basic certification of theoretical knowledge of PM (e.g., IPMA – D grade). The most common and important software tools used in project management will also be introduced.

### Lectures Program

1. Project management, project, process. Definition of project participants, aims, metrics, quantification, planning, budget.
2. Role of the project manager (presentation, levels of communication, duties). Life cycle and stages of a project.
4. Preparation and realization stages of a project. Operation and closure of a project.
5. Stabilization of a project, feedback, control mechanisms (methodical, contractual, or matter-of-fact supervision), risk management.
6. Contractual arrangement of a project, business negotations, quality of delivery (SLA, security), warranty.
7. Demand, definition of services, evaluation of proposals, the act of public contracts, evaluation criteria.
8. Financial control.
9. Project team management - human resources (roles, CIO, conducting a meeting, written records, tasks).
10. Management of large projects (by area, by volume). Multiproject enviroment (reporting, coordination).
11. Principles of methodology of poject management – Prince2, PMI. Quality management of project according to norms ISO 10006, ISO 9001.
12. Setting up project management to company (linear x project management, process management).
13. Particularities of project management of IS development.

## MIE-SIB - Network Security

### Annotation

The goal of the course is to teach the students basic security aspects of communication protocols in wired, optical, and wireless networks. Emphasis is put on detection and prevention of attacks on resources and informations systems in wired computer networks.

### Lectures Program

1. : Selected network protocols and their security aspects.
2. Basic cryptography for protection of communication protocols.
3. Technical and sociological methods of attacks on information networks and systems.
4. Technologies and systems for detection and prevention of network intrusions.
5. Monitoring of network traffic in high-speed networks.
6. Basic probabilistic aspects of modeling large-scale high-speed networks.
7. Realistic simulations of information networks.
8. Statistical methods for detection of network intrusions.

## MIE-SPI - Statistics for Informatics

### Annotation

The aim of the module is to provide an introduction to probability, information theory and stochastic processes. Furthermore, the module brings knowledge needed for data analysis and processing. It provides students with knowledge of computational methods and gets them acquainted with the use of statistical software.

### Lectures Program

1. Basics of Probability Theory: Probability Space, Definitions, Properties, Sigma-continuity, etc.
2. Basics of Probability Theory: Conditional Probability, Independence, Commented Examples
3. Basics of Probability Theory: Random Variables, Cumulative Distribution Function, Probability Density Function, Dependence, Random Vectors, Marginal and Joint Distribution
4. Basics of Probability Theory: Conditional Distribution, Conditional Expectation, Characteristics of Random Variables, Selected Examples of Probability Distributions
5. Basics of Probability Theory: Poisson Process, Simulation Methods, Generating Functions
6. Basics of Probability Theory: Strong Law of Large Numbers (SLLN), Central Limit Theorem (CLT), Large Deviations, Entropy
7. Discrete-time Markov Chains with Finite State Space: Basic Concepts, Irreducibility and Periodicity of States, Absorption Probability, Stopping Times
8. Discrete-time Markov Chains: Examples: Generalized Random Walk, Random Walk on a Graph, Gambler's Ruin, Coupon Collector
9. Discrete-time Markov Chains: Asymptotic Stationarity, Uniqueness and Existence of Stationary Distributions, Convergence
10. Discrete-time Markov Chains: Branching Processes, Birth & Death processes
11. Monte Carlo Methods: Markov Chain Monte Carlo (MCMC) – Basic Concepts and Examples
12. Monte Carlo Methods: Fast convergence of MCMC, Propp-Wilson Algorithm, Sandwiching, Simulated Annealing
13. Monte Carlo Methods: Monte Carlo Estimates, Monte Carlo Tests, Reduction of Variance
14. Stochastic Processes: Definition, Distribution Function, Characteristics of Stochastic Processes
15. Stochastic Processes: Characteristics and Classification of Stochastic Processes, Examples
16. Basics of Queueing Theory: Elements of Queueing Systems, Request Arrival Process, Queueing Policy, Service Policy, Kendall Notation
17. Stochastic Processes: Application of the Poisson Process to Model Arrivals in Queueing Systems
18. Stochastic Processes: Application of the Poisson Process in Queueing Theory
19. Stochastic Processes: Non-homogeneous Poisson Process, Spatial Poisson Process, M/G/infinity Queue
20. Continuous-time Markov Chains: Jump Rates, Timing Jumps by Poisson Process Arrivals, Kolmogorov Equations
21. Basics of Queueing Theory: M/M/m Queues, Queueing Systems
22. Basics of Queueing Theory: Open and Closed Queueing Systems
23. Bootstrap Methods: Properties of Bootstrap Approximations, Bootstrap Correction of Estimation Bias
24. Bootstrap Methods: Bootstrap Confidence Intervals, Permutation Bootstrap
25. Bootstrap Methods: Bootstrap Confidence Intervals for Parameters in Linear Regression
26. Estimation of Probability Density Functions: Histogram, Kernel Estimates, Maximum Likelihood Estimation, Estimation by the Method of Moments

## MIE-TES - Systems Theory

### Annotation

We are surrounded by phenomena and things that are too complex to be completely and in detail described, understood, and analyzed. However, it turns out that many of them, even though of various nature, show similar properties and behaviors: for example, the number of wolfs hunted down in Canada has similar time characteristics as the oscillations of an electronic relaxation oscillator. The structure of a system, i.e., the way how it is assembled from components, often plays substantial role. Students learn to work with these general rules of law both for the analysis of behavior of such systems and for their construction.

### Lectures Program

1. System definition. Structural and functional concept of a system.
2. Compositional and dynamic systems. Hard and soft systems.
3. Identification of a system.
4. Structural tasks of the system analysis. Paths and feedbacks.
5. Tasks of decomposition and composition of a system and tasks of system goals.
6. System behavior, behavior models, the notion of a process.
7. Formalisms for the analysis of model behavior: Petri nets, decision tables.
8. Bulk analysis and other methods of system analysis.
9. Soft systems, methods of their analysis.
10. Selected methodologies of system design, the SSADM method.
11. System synthesis with discrete time.
12. Decision and decision processes.
13. Information in a system and in its neighborhood, system regularity, system viability.