URL study guide
https://tue.osiris-student.nl/onderwijscatalogus/extern/cursus?cursuscode=2IMS40&collegejaar=2025&taal=enOmschrijving
The goal of this course is to provide students with a platform to get in-depth, hands-on experience on the building blocks of cyber security monitoring: network-based, host-based and log-based intrusion detection.To do so, the course is not focused on front classes but rather adopts a reverse classroom setup: the course will start by providing students with material covering practical and theoretical elements of security monitoring and additional material and pointers covering all three pillars, and their relationship. The students will then form groups, and will be able to choose one of the building blocks to explore in depth by developing a fully-fledged laboratory activity for the other students of the course to attend. These laboratory activities will be run and coordinated, in class, by the very students developing them. The development and delivery of these lab sessions in class is also the final examination of the course for the group of students handling it, and it is therefore obligatory.
The outcome of this setup is that all students will have developed, by the end of the course, a profound understanding of a technology of their choice, and at the same time get hands-on experience on a multitude of aspects of intrusion detection, through the lab activities developed by the fellow students.
Doelstellingen
- Learn theoretical and practical principles of cyber security monitoring.
- Learn how to derive a threat model from complex attack scenarios.
- Learn how to build detection procedures fitting a given threat model.
- Master practical and technical aspects of state-of-the-art network, host, and log-based intrusion detection systems.
- Learn to structure the acquired knowledge into practical activities for training.
- Develop a capacity to manage and organise the work of small groups.