BSY – Introduction to Security

The class website with the most current class information is here

This course teaches students cybersecurity fundamentals by combining penetration testing with defense strategies. Using an innovative blend of lectures and practical tutorials, students engage in highly interactive classes. Each new concept is immediately reinforced with hands-on exercises, allowing students to apply what they have learned in real time.

Throughout the semester, the course integrates both attack and defense techniques. In realistic scenarios accessed via a cyber range, students will practice a wide range of skills: reconnaissance, scanning, exploiting vulnerabilities, privilege escalation, lateral movement, exfiltration, malware analysis, network security forensics, binary reversing, log analysis, intrusion detection systems, honeypots, and applications of machine learning and AI in cybersecurity.

Classes are conducted in English

Course contents

  • Basic concepts in cybersecurity, an overview of protocols and their properties
  • Network reconnaissance, scanning, and basic network analysis
  • Attacking devices in the network, vulnerabilities, exploits
  • Detection of attacks, hardening user access, host-based IDS
  • Virtualization, sandboxing, honeypots, and threat intelligence
  • Privilege escalation, persistence, side-channel attacks
  • Binary exploitation & secure coding
  • Binary reversing, static & dynamic code analysis
  • Malware, C&C channels, denial of service attacks
  • Malware detection, packet analysis, netflows, ML for cybersecurity
  • Web attacks, browser security, practical aspects of cryptography
  • Security of mobile devices

Course Syllabus

  • 25.09.2025 - Introduction to the Class, Security, and Networking
  • 02.10.2025 - Finding Computers, Scanning and Basic Network Analysis
  • 09.10.2025 - Getting Access. From People to Vulnerabilities
  • 16.10.2025 - Detecting Intruders in Your Server
  • 23.10.2025 - A Game of Deception
  • 30.10.2025 - Privilege Escalation, Persistence, Side-Channel Attacks
  • 06.11.2025 - Virtualization and Threat Intelligence
  • 13.11.2025 - Binary Exploitation and Fuzzing
  • 20.11.2025 - Reverse Engineering
  • 27.11.2025 - Automating Attacks with Malwaresteganography.
  • 04.12.2025 - Manual and Automatic Detection of C&C Channels
  • 11.12.2025 - Web Attacks
  • 18.12.2025 - Advanced Web Attacks
  • 08.01.2026 - Special class, Recap, and The NOC Talk

Communication channels

In case you need to contact the teachers, there are two options:

  • Send an email to ALL teachers via 13136-bsy [at] fel.cvut.cz (this way, any of them can answer), and always reply to all
  • Contact us via the class Matrix platform (You need to be enrolled first, and credentials are sent a few days before the class start)

—-

Assignments, grades and exams

The assignments, grading, exams modality, and requirements to pass the class are described on our website here

Source materials
  • Zalewski, M. (2005) Silence on the wire: a field guide to passive reconnaissance and indirect attacks
  • Lyon, G. F. (2008) Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
  • Sanders, C. (2020) Intrusion Detection Honeypots: Detection Through Deception. Applied Network Defense.
  • Chappel, L. (2012) Wireshark Network Analysis.
  • Anderson, R. (2020) Security Engineering: A Guide to Building Dependable Distributed Systems
  • Stuttard, D., & Pinto, M. (2011). The web application hacker's handbook: Finding and exploiting security flaws. John Wiley & Sons.
courses/bsy/start.txt · Last modified: 2025/09/17 20:33 by valerver