Advanced network security

Major: Security of Information and Communication Systems
Code of subject: 7.125.01.E.029
Credits: 4.00
Department: Information Technology Security
Lecturer: Professor Nyemkova Olena
Semester: 2 семестр
Mode of study: денна
Learning outcomes: KN 20. Knowledge of basic approaches to the organization of standard complexes and means of information protection in information and communication systems. KN 1.2. Analyze the relationships between information processes on remote computing systems. KN 1.3. Provide processes of protection and functioning of information and telecommunication (automated) systems on the basis of practices, skills, and knowledge on structural (structural-logical) schemes, network topology, modern architectures, and models of protection of electronic information resources with the reflection of interconnections and information flows, processes for internal and remote components. KN 1.4. Apply theories and methods of protection to ensure the security of information in information and telecommunications systems. KN 1.5. Ensure the operation of special software to protect information from destructive software influences, destructive codes in information, and telecommunications systems. KN 1.6. Solve problems of protection of information processed in information and telecommunication systems using modern methods and means of cryptographic protection of information.
Required prior and related subjects: • Operating Systems, • Computer networks.
Summary of the subject: Modern cloud services. Security and privacy in cloud networks. Virtualization. Complete virtualization. Para-virtualization. Hardware virtualization. Operating system virtualization. Application virtualization. Network virtualization. Memory virtualization. VPN mode built and implemented on Layer 3 OSI technologies (IPSec, MPLS VPN, GRE, DMVPN, FlexVPN, GET VPN). VPN mode built and implemented on Layer 4 OSI (SSL / TLS) technologies - middleboxes. SDN (Software Configurable Networks) principles. OpenFlow (Process Management Protocol). SDN Security Controller. Intrusion prevention systems for digital imprinting / deep packet checking (Snort / Suricata). Security on OpenStack. Generation Firewall (NGFW). Cloud privacy and integrity: Threats and protection. Availability and responsibility for cloud data: Threats and security. Cloud service privacy.
Assessment methods and criteria: • written reports by laboratory work, oral examination, reference work (45%) • final control (control measure, test): written-oral form (55%)
Recommended books: 1. Cloud Security Alliance (CSA). “Security Guidance for Critical Areas of Focus in Cloud Computing V2.1,” (Released December 17, 2009). 2. P. Mell and T. Grance. The NIST Definition of Cloud Computing (Draft). 3. C. Hoff, “Cloud computing security: From DDoS (distributed denial of service) to EDoS (economic denial of sustainability),” 2008.

Advanced network security (курсова робота)

Major: Security of Information and Communication Systems
Code of subject: 7.125.01.E.031
Credits: 2.00
Department: Information Technology Security
Lecturer: Professor Nyemkova Olena
Semester: 2 семестр
Mode of study: денна
Learning outcomes: 1. Possession of sufficient knowledge in the field of distributed networks and cloud technologies, namely: to know the basic fundamental concepts, key development trends, general concepts of cloud technologies, as well as to be able to critically analyze the security of distributed networks and cloud technologies. 2. Knowledge of modern innovative achievements in cloud technologies, in particular trends in the construction of distributed cloud systems in the field of information technology information and communication systems, information security systems, cybersecurity, and management, including the principles of construction and basic structural elements of cloud systems. 3. Possession of standard approaches and methodologies to the design and modernization of protected objects of information activities in accordance with the regulatory requirements of applicable standards and specifications, including knowledge of ISO / IEC 27037 standards. 4. Ability to substantiate and implement systems for the protection of distributed information resources in information and communication systems, to know the main features of various tools and methods of cloud services, to navigate in virtualization technologies of 3 and 4 levels of OSI. 5. Ability to select the tools needed to implement and configure cryptographic systems, to navigate in methods of preventing and preventing attacks on cloud solutions, to know the security controls of the OSI and network level. 6. Ability to use a variety of methods, including modern information technology, for effective communication at the professional and social levels.
Required prior and related subjects: • Operating Systems, • Computer networks.
Summary of the subject: Approximate topics of course work: Analysis of OAuth applications that pose a risk to distributed systems. Service model for providing cloud cybersecurity services. Personality management and access control in the cloud. Security issues in a cloud environment. Cloud Security Alliance - field of activity. Cloud security management. Cloud architecture security architecture. Risk issues in cloud computing. Analysis of the top risks of cloud technologies in 2019 using the FRAP risk assessment methodology. A neural network approach to detecting attacks on cloud technologies. The statistical approach to detecting attacks on cloud technologies. Method of detecting attacks on cloud technologies "Analysis of state systems".
Assessment methods and criteria: Methods of knowledge diagnostics: Checking the tasks of the course work, the student's report on the defense and his answers to questions. The format of course work defense provides the following options: 1. In the form of presentation of the commission of results of research of the student. 2. In the form of a "round table", which is attended by the entire student group and course leaders. The maximum score is 100 points.
Recommended books: 1. Methodical instructions for course work on the subject "Advanced network security" // Nyemkova O.A. - Lviv: 2021.