| + | P:1.izv. prof. dr. sc. Krunoslav Antoliš
P:2.dr.sc. Damir Delija prof. s.s.
P:3.mr.sc. Marinko Žagar viši predavač
P: Davorka Topolčić
L:dr.sc. Damir Delija prof. s.s.
L: Davorka Topolčić
L: Domagoj Tuličić
L: Mihael Velički
S:dr.sc. Damir Delija prof. s.s.
S: Davorka Topolčić
S: Mihael Velički
S:mr.sc. Marinko Žagar viši predavač | Digital forensics | 30+30 (0+15+15+0) (120) | 6 | 173030 | NO |
| Code WEB/ISVU
| 29537/173030
| ECTS
| 6
| Academic year
| 2023/2024
|
| Name
| Digital forensics
|
| Status
| 1st semester - Graduate Professional Study in Information Security and Digital Forensics (Izvanredni diplomski informacijska sigurnost i digitalna forenzika) - obligatory course
|
| Department
| Područje tehničkih znanosti 2.09. Računarstvo Stručni predmet (Katedra za računalne mreže i sustave)
|
| Teaching mode
| Lectures + exercises (auditory + laboratory + seminar + metodology + construction)
work at home
| 30+30 (0+15+15+0)
120
|
| Teachers
| Lectures:1. izv. prof. dr. sc. Krunoslav Antoliš
Lectures:2. dr.sc. Damir Delija prof. s.s.
Lectures:3. mr.sc. Marinko Žagar viši predavač
Lectures: Davorka Topolčić
Laboratory exercises:dr.sc. Damir Delija prof. s.s.
Laboratory exercises: Davorka Topolčić
Laboratory exercises: Domagoj Tuličić
Laboratory exercises: Mihael Velički
Seminar exercises:dr.sc. Damir Delija prof. s.s.
Seminar exercises: Davorka Topolčić
Seminar exercises: Mihael Velički
Seminar exercises:mr.sc. Marinko Žagar viši predavač
|
| Course objectives
| Acquisition of basic knowledge about digital forensics and the legal foundations of digital forensics
| | Learning outcomes: | 1.Present the legal basis of digital forensics. Level:6,7
2.Create a report on digital forensic analysis. Level:6,7
3.Categorize digital artefacts. Level:6
4.Identify digital forensic artefacts. Level:6
5.Differentiate types of digital forensics. Level:6
6.Analyze digital forensic artefacts. Level:6
7.Compare digital forensics tools. Level:6,7
| | Methods of carrying out lectures | Ex cathedra teaching
Guest lecturer
Case studies
Questions and answers
| | Methods of carrying out laboratory exercises | Laboratory exercises on laboratory equipment
Laboratory exercises, computer simulations
Group problem solving
Interactive problem solving
Workshop
| | Methods of carrying out seminars | Data mining and knowledge discovery on the Web
Essay writing
Discussion, brainstorming
Workshop
| | Course content lectures | 1.Introduction to Digital Forensics, 2h, Learning outcomes:1
2.Processes and digital forensic branches, 2h, Learning outcomes:2
3.Cybercrime, Convention Protocol on Cybercrime, 1h, Learning outcomes:5
4.The European Cybercrime Centre (EUROPOL), 1h, Learning outcomes:4
5.Four Principles of Digital Forensics, 2h, Learning outcomes:3
6.Organization of Digital Forensic Team, 2h, Learning outcomes:4
7.Digital forensic investigation process and phases of the digital forensic process, 2h, Learning outcomes:6
8.The main challenges of the forensic process, examination of evidence and reporting, 2h, Learning outcomes:6
9.Digital forensic investigation models, 2h, Learning outcomes:4
10.Principles of Acquisition and Processing of Digital Forensic Evidence, 2h, Learning outcomes:3
Acquisition and processing of internet evidence, 1h, Learning outcomes:3
Acquisition and processing of evidence on computers, 1h, Learning outcomes:6
11.Machine forensic laboratory equipme, 2h, Learning outcomes:7
12.Digital forensic artefacts, 2h, Learning outcomes:7
13.Digital documents artifacts, 2h, Learning outcomes:3
14.Windows, Linux and MAC OS artifacts, 2h, Learning outcomes:2
15.Antiforensics techniques, 2h, Learning outcomes:1
| | Course content laboratory | 1.Introduction to laboratory exercises and basic digital forensics tools, 1h, Learning outcomes:1
2.Research and analysis of digital forensic artifacts, 2h, Learning outcomes:7
3.The Basics of Using the AmpedFive Tool, 2h, Learning outcomes:2
4.The Basics of Using the EnCase Tool, 2h, Learning outcomes:6
5.Analyze digital records using the AmpedFive tool, 2h, Learning outcomes:7
6.Video analysis using the AmpedFive tool, 2h, Learning outcomes:3,5
7.Analysis of digital records using EnCase, 2h, Learning outcomes:6,7
8.Creating reports on conducted analyzes, 2h, Learning outcomes:5
9.No classes
10.No classes
11.No classes
12.No classes
13.No classes
14.No classes
15.No classes
| | Course content seminars | 1.Defining the topic of seminar, 1h, Learning outcomes:1
2.Creating seminar , 2h, Learning outcomes:2
3.Creating seminar , 2h, Learning outcomes:3
4.Creating seminar , 2h, Learning outcomes:4
5.Creating seminar , 2h, Learning outcomes:5
6.Creating seminar , 2h, Learning outcomes:2
7.Creating seminar , 2h, Learning outcomes:1
8.Creating seminar , 2h, Learning outcomes:1
9.No classes
10.No classes
11.No classes
12.No classes
13.No classes
14.No classes
15.No classes
| | Required materials | Special purpose laboratory
Special purpose computer laboratory
Overhead projector
| | Exam literature | 1. John Sammons: The Basics of Digital Forensics, Syngress, March 2012
2. Fred Cohen, Challenges to Digital Forensic Evidence,ASP Press, 2008
3. Marinko Žagar, Skripta predavanja - Digitalna forenzika, 2016.
4. K. Antoliš poglavlje u knjizi: Internet Forensics and Combating Terrorism u knjizi: „The Dangerous Landscape“, ISBN978-954-92521-6-3, nakladnik: Procon Ltd. 2013.
5. K. Antoliš: ICT & Identity Theft, Informatologija, 46, 2013., 4, 353-360, UDK:681.3:340:001, ISSN 1330-0067, Zagreb, Hrvatska.
6. David Lilburn Watson Andrew Jones : Digital Forensics Processing and Procedures, 1st Edition Meeting the Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practice Requirements, David Lilburn Watson Andrew Jones, 2013
7. Jana Žiljak Vujić, Sigurnosna grafika,TVZ,978-953-7048-33-4,2014
| | Students obligations | Presence at classes
Submitted seminar paper
Laboratory exercises submitted | | Knowledge evaluation during semester | Questions and answers | | Knowledge evaluation after semester | Maximum 100 points | | Student activities: | | Aktivnost | ECTS | | (Classes attendance) | 1 | | (Written exam) | 1 | | (Seminar Work) | 1 | | (Oral exam) | 1 | | (Practical work) | 2 |
| | Remark | This course can be used for final thesis theme | | Proposal made by | mr.sc. Marinko Žagar senior lecturer, 5.6.2018 | |
| + | P:1.Prof. dr. sc. Jana Žiljak Gršić
P:2.dipl.ing. Andrea Ledić , predavač
P:3. Darija Ćutić mag.ing.graph.techn., viši predavač
P:4. Jasna Galeković
L: Darija Ćutić mag.ing.graph.techn., viši predavač
L: Jasna Galeković
L:Prof. dr. sc. Jana Žiljak Gršić
S: Darija Ćutić mag.ing.graph.techn., viši predavač
S: Jasna Galeković
S:Prof. dr. sc. Jana Žiljak Gršić | Digital media, security and protection | 30+30 (0+15+15+0) (120) | 6 | 185429 | NO |
| Code WEB/ISVU
| 29625/185429
| ECTS
| 6
| Academic year
| 2023/2024
|
| Name
| Digital media, security and protection
|
| Status
| 1st semester - Graduate Professional Study in Information Security and Digital Forensics (Izvanredni diplomski informacijska sigurnost i digitalna forenzika) - obligatory course
|
| Department
| Područje tehničkih znanosti 2.09. Računarstvo Stručni predmet (Katedra za informatički dizajn)
|
| Teaching mode
| Lectures + exercises (auditory + laboratory + seminar + metodology + construction)
work at home
| 30+30 (0+15+15+0)
120
|
| Teachers
| Lectures:1. Prof. dr. sc. Jana Žiljak Gršić
Lectures:2. dipl.ing. Andrea Ledić , predavač
Lectures:3. Darija Ćutić mag.ing.graph.techn., viši predavač
Lectures:4. Jasna Galeković
Laboratory exercises: Darija Ćutić mag.ing.graph.techn., viši predavač
Laboratory exercises: Jasna Galeković
Laboratory exercises:Prof. dr. sc. Jana Žiljak Gršić
Seminar exercises: Darija Ćutić mag.ing.graph.techn., viši predavač
Seminar exercises: Jasna Galeković
Seminar exercises:Prof. dr. sc. Jana Žiljak Gršić
|
| Course objectives
| Train students to recognize document security and security features and use the forensic tool to implement.
| | Learning outcomes: | 1.Compare successful methods and elements of protection. Level:6,7
2.Analyze modern security techniques, the relationship of digital media and security printing. Level:6
3.Analyse design types of documents and securities.. Level:6
4.Critically evaluate the types and reasons for applying security graphic design. Level:7
5.Differentiate methods and technologies of protection and application sequence. Level:6
6.Differentiate various methods and instruments for digital forensics. Level:6
| | Methods of carrying out lectures | Ex cathedra teaching
Guest lecturer
Questions and answers
| | Methods of carrying out laboratory exercises | Laboratory exercises on laboratory equipment
Laboratory exercises, computer simulations
Group problem solving
Traditional literature analysis
Data mining and knowledge discovery on the Web
Mind mapping
Computer simulations
Interactive problem solving
Workshop
| | Methods of carrying out seminars | Traditional literature analysis
Data mining and knowledge discovery on the Web
Essay writing
Interactive problem solving
| | Course content lectures | 1.Review the design of securities and documents through history, 2h, Learning outcomes:1
2.Design and analysis of documents and securities, 2h, Learning outcomes:1,2
3.Design of security elements on documents and securities, 2h, Learning outcomes:1,2,3
4.Security of individual security features on documents and securities, 2h, Learning outcomes:2
5.Security features in the security system, 2h, Learning outcomes:3
6.Security line graphics in the protection system, 2h, Learning outcomes:3
7.A modern way of counterfeiting, 2h, Learning outcomes:1
8.Design is visible, IR and UV, 2h, Learning outcomes:6
9. Graphic protection for security and traceability of goods, 2h, Learning outcomes:6
10. Passport protection, 2h, Learning outcomes:1,2,3,4
11. Forensics of works of art, 2h, Learning outcomes:1,2,3
12. Digital media security and reasons for protected graphics, 2h, Learning outcomes:1,2
13.Design for a particular document, 2h, Learning outcomes:1,2,3
14.Security achievements in counterfeiting, 2h, Learning outcomes:1,2,3,4,5
15.Design of documents and securities with a modern protection system, 1h, Learning outcomes:1,2,3,4,5
| | Course content laboratory | 1.Analysis of individual document designs , 1h, Learning outcomes:1
2.Security design protection , 1h, Learning outcomes:1,4
3.Design of specific types of securities , 1h, Learning outcomes:2,6
4.Design of basic elements on documents and banknotes, 1h, Learning outcomes:2
5.Study of visual spectrum characteristics , 1h, Learning outcomes:2
6.Design in the UV part of the spectrum , 1h, Learning outcomes:4
7.new solutions in document and securities protection , 1h, Learning outcomes:5
8.Analysis of counterfeit vs. original banknotes , 1h, Learning outcomes:4
9.Visible authenticity of documents and securities, 1h, Learning outcomes:4
10.Testing performed on Projektina , 1h, Learning outcomes:6
11.Methods of creating counterfeits , 1h, Learning outcomes:3
12.Knowledge about the procedure how to detect counterfeits, 1h, Learning outcomes:3
13.Technology upgrade system , 1h, Learning outcomes:3
14.Documents implementation mode , 1h, Learning outcomes:3
15.World-famous document and securities printing presses and their standards , 1h, Learning outcomes:6
| | Course content seminars | 1.Analysis of design of individual securities , 2h, Learning outcomes:2
2.Design of graphic elements on documents and securities , 2h, Learning outcomes:2
3.Study of legal aspects of design , 2h, Learning outcomes:3
4.Consideration of basic elements on banknotes through, 2h, Learning outcomes:2
5.Design for IR and UV light sources, 2h, Learning outcomes:3
6.Design in the IR part of the spectrum , 2h, Learning outcomes:4
7.Design in accordance with new technologies in document and securities protection , 2h, Learning outcomes:5
8.Security of documents and securities, 2h, Learning outcomes:4
9.Counterfeit analysis and quality assessment , 2h, Learning outcomes:4
10.Methods of recording counterfeits, 2h, Learning outcomes:6
11.Process of creating documents and securities , 2h, Learning outcomes:3
12.Process of informing about counterfeits , 2h, Learning outcomes:6
13.Contemporary documents at borders , 2h, Learning outcomes:5
14.Authorization of document producers , 2h, Learning outcomes:3
15. Equipment and methods for realization and forensics , 2h, Learning outcomes:6
| | Required materials | Basic: classroom, blackboard, chalk...
Whiteboard with markers
Overhead projector
| | Exam literature | 1. Jana Žiljak Vujić, Sigurnosna grafika, Tehničko veleučilište u Zagrebu, Informatičko - računarski odjel,978-953-7048-33-4, 2014
2. Gordan Mršić, Jasna Galeković, Andrea Ledić, Andrijana Ristović, Nevenka Škavić, Forenzika dokumenata, novca i rukopisa, Hrvatska Sveučilišna Naklada, 978-953-169-286-1, 2014 | | Students obligations | Elaboration of seminars and exercises is mandatory for all students and a requirement for a signature.
Equipment:
- Software for the design of protective elements and vector graphics Adobe
- Projektina
- UV lamps
- Cameras with IR filter
| | Knowledge evaluation during semester | • Laboratory exercises and seminar
• If a student does not pass the colloquium, she/he does not have the opportunity to attend the oral exam.
• Total maximum 100 points
0-49 – inadequate
50-61 – sufficient
62-74 – good
75-86 – very good
87-100 – excellent
| | Knowledge evaluation after semester | exam | | Student activities: | | Aktivnost | ECTS | | (Classes attendance) | 1 | | (Constantly tested knowledge) | 3 | | (Practical work) | 2 |
| | Remark | This course can be used for final thesis theme | | Proposal made by | Prof. dr. sc. Jana Žiljak Gršić, 8.6.2018 | |
| + | P:1.mr.sc. Marinko Žagar viši predavač
L: Marin Rak
L: Domagoj Tuličić
S: Marin Rak
S:mr.sc. Marinko Žagar viši predavač | Information Security | 30+30 (0+15+15+0) (120) | 6 | 173027 | NO |
| Code WEB/ISVU
| 29535/173027
| ECTS
| 6
| Academic year
| 2023/2024
|
| Name
| Information Security
|
| Status
| 1st semester - Graduate Professional Study in Information Security and Digital Forensics (Izvanredni diplomski informacijska sigurnost i digitalna forenzika) - obligatory course
|
| Department
| Područje tehničkih znanosti 2.09. Računarstvo Stručni predmet (Katedra za računalne mreže i sustave)
|
| Teaching mode
| Lectures + exercises (auditory + laboratory + seminar + metodology + construction)
work at home
| 30+30 (0+15+15+0)
120
|
| Teachers
| Lectures:1. mr.sc. Marinko Žagar viši predavač
Laboratory exercises: Marin Rak
Laboratory exercises: Domagoj Tuličić
Seminar exercises: Marin Rak
Seminar exercises:mr.sc. Marinko Žagar viši predavač
|
| Course objectives
| Introducing students with concepts, standards, risks and general issues of Information Security.
| | Learning outcomes: | 1.Present the concept of security. Level:6,7
2.Critically evaluate implemented security standards. Level:7
3.present standards and security policies. Level:6,7
4.Evaluate security threats and vulnerabilities. Level:6,7
5.Analyze malware and malware protection. Level:6
6.Estimate the security of cloud applications. Level:6,7
7.Evaluate implemented security standards. Level:7
| | Methods of carrying out lectures | Ex cathedra teaching
Guest lecturer
Case studies
Discussion
Questions and answers
| | Methods of carrying out laboratory exercises | Laboratory exercises on laboratory equipment
Laboratory exercises, computer simulations
Discussion, brainstorming
Workshop
| | Methods of carrying out seminars | Traditional literature analysis
Data mining and knowledge discovery on the Web
Essay writing
Workshop
| | Course content lectures | 1.Introduction to Information Security, 1h, Learning outcomes:4
2.Cyber security, 1h, Learning outcomes:6
3.Threats to information systems, 1h, Learning outcomes:4,5,6
Identity theft, 1h, Learning outcomes:5
Forms and measures of protection, 1h, Learning outcomes:7
4.Legislative framework for electronic business, 2h, Learning outcomes:3
Information security Act, 1h, Learning outcomes:3
5.ISO standard Information Security, 2h, Learning outcomes:3
6.Information security management system, 2h, Learning outcomes:1,3,7
7.Public key Infrastructure, 2h, Learning outcomes:2
8.Computer crime, 2h, Learning outcomes:4,5
9.Malicious programs, 2h, Learning outcomes:5
10.Protection against malware, 2h, Learning outcomes:5
11.Web application architecture, 2h, Learning outcomes:4
12.Types of attacks on wireless networks, 2h, Learning outcomes:4
13.Methods of protecting wireless networks, 2h, Learning outcomes:1,4
14.Security problems and risks of cloud computing, 2h, Learning outcomes:6
15.CSA cloud computing security recommendations, 2h, Learning outcomes:6
| | Course content laboratory | 1.Information security management system, 3h, Learning outcomes:2,7
2.Legal compliance, 2h, Learning outcomes:3
3.Compliance with standard ISO 27001: 2013, 2h, Learning outcomes:2,3,7
4.Security policy, 2h, Learning outcomes:2,7
5.Security analysis of iinformation system , 2h, Learning outcomes:4,6,7
6.Analysis of compliance with ISO 9001: 2000 , 2h, Learning outcomes:3,7
7.Use the Vulnerability and IDS tools, 2h, Learning outcomes:4,5
8.No classes
9.No classes
10.No classes
11.No classes
12.No classes
13.No classes
14.No classes
15.No classes
| | Course content seminars | 1.Defining the task of seminar work, 3h, Learning outcomes:1,2,3,4,5,6,7
2.Work on developing seminar work, 2h
3.Work on developing seminar work, 2h
4.Work on developing seminar work, 2h
5.Work on developing seminar work, 2h
6.Work on developing seminar work, 2h
7.Work on developing seminar work, 2h
8.No classes
9.No classes
10.No classes
11.No classes
12.No classes
13.No classes
14.No classes
15.No classes, 2h
| | Required materials | Basic: classroom, blackboard, chalk...
Special purpose computer laboratory
Whiteboard with markers
Overhead projector
| | Exam literature | 1. K. Antoliš et all.: Sigurnost informacijskih sustava, Algebra d.o.o., Zagreb ožujak, 2016
2. Vlada Republike Hrvatske, Nacionalna strategija kibernetičke sigurnosti i akcijski plan za provedbu Nacionalne strategije kibernetičke sigurnosti, NN 150/11 i 119/14, 2015.
3. Hrvatski Sabor, Zakona o zaštiti osobnih podataka sa izmjenama i dopunama, NN 103/03; 118/06, 41/08, 130/11, 2012.
4. Hrvatski Sabor, Zakona o Informacijskoj sigurnosti, NN 79/2007, 2007.
5. Hrvatski Sabor, Zakona o elektroničkom potpisu, NN 10/2002, 2002.
6. Marinko Žagar, Skripta predavanja - Informacijska sigurnost , 2016 | | Students obligations | Submitted results of laboratory exercises
Submitted seminar paper
Attendance attendance min, 80% | | Knowledge evaluation during semester | Laboratory exercises or seminar up to 50 points | | Knowledge evaluation after semester | Written exam
Oral exam | | Student activities: | | Aktivnost | ECTS | | (Written exam) | 1 | | (Seminar Work) | 1 | | (Oral exam) | 1 | | (Experimental work) | 1 | | (Activity in class) | 1 | | (Constantly tested knowledge) | 1 |
| | Remark | This course can be used for final thesis theme | | Proposal made by | mr.sc. Marinko Žagar senior lecturer, 4.6.2018 | |
| + | P:1. Goran Sirovatka dipl. ing., viši predavač
P:dr.sc. Vlatko Mićković prof.
L: Goran Sirovatka dipl. ing., viši predavač
L: Domagoj Tuličić
S: Goran Sirovatka dipl. ing., viši predavač
S: Domagoj Tuličić | Mathematical models of security | 30+30 (0+15+15+0) (120) | 6 | 173028 | NO |
| Code WEB/ISVU
| 29536/173028
| ECTS
| 6
| Academic year
| 2023/2024
|
| Name
| Mathematical models of security
|
| Status
| 1st semester - Graduate Professional Study in Information Security and Digital Forensics (Izvanredni diplomski informacijska sigurnost i digitalna forenzika) - obligatory course
|
| Department
| Područje prirodnih znanosti 1.01. Matematika Stručni predmet (Katedra za zajedničke predmete, katedra za matematiku)
|
| Teaching mode
| Lectures + exercises (auditory + laboratory + seminar + metodology + construction)
work at home
| 30+30 (0+15+15+0)
120
|
| Teachers
| Lectures:1. Goran Sirovatka dipl. ing., viši predavač
Lectures:dr.sc. Vlatko Mićković prof.
Laboratory exercises: Goran Sirovatka dipl. ing., viši predavač
Laboratory exercises: Domagoj Tuličić
Seminar exercises: Goran Sirovatka dipl. ing., viši predavač
Seminar exercises: Domagoj Tuličić
|
| Course objectives
| The program encompasses a variety of topics related to the mathematical definition of basic concepts and discrete mathematics operations used in information theory and information security The program covers the topics of mathematics and mathematical programming as a platform for the adoption of security information and computer forensics The aim of the course is to enable graduate students to apply mathematical tools to further monitor the development of new information security models and to apply them. Students are expected to be able to understand and develop algorithms based on acquired knowledge. Independent work is required of students.
| | Learning outcomes: | 1.1. Apply discrete mathematical structures in the analysis of information security. Level:6,7
2.2. Apply algorithms of graph theory on forensics of social networks. Level:6,7
3.3. Understands and applies regular expressions to apply them in digital forensics. Level:6,7
4.4. Understand models for flow control information. Level:6,7
5.5. Apply logical models to proof of correctness of the program. Level:6,7
6.6. Organize mathematical information security models. Level:6,7
| | Methods of carrying out lectures | Ex cathedra teaching
Guest lecturer
Case studies
Simulations
Discussion
| | Methods of carrying out laboratory exercises | Laboratory exercises on laboratory equipment
Laboratory exercises, computer simulations
Group problem solving
Discussion, brainstorming
Computer simulations
Workshop
| | Methods of carrying out seminars | Laboratory exercises on laboratory equipment
Laboratory exercises, computer simulations
Essay writing
Computer simulations
Workshop
| | Course content lectures | 1.1. Basic Full-Number Operation, Exits: 1, 2h, Learning outcomes:1
2.2. Boolean Algebra, Exits: 1, 2h, Learning outcomes:1
3.3. Induction and Reaction, Outcomes: 1.5, 2h, Learning outcomes:1,5
4.4. Cryptography and Number Theory, Outcomes: 1, 2h, Learning outcomes:1
5.5. HASH function, Exits: 1, 2h, Learning outcomes:1
6.6. Graphs and Tree, Exits: 2, 2h, Learning outcomes:2
7.7. Theory of Matching and Coloring, Outcomes: 2, 2h, Learning outcomes:2
8.8. Formal Languages, Exits: 1, 3, 2h, Learning outcomes:1,3
9.9. Regular meetings and expressions, Outcomes: 3, 2h, Learning outcomes:3
10.10. Automatic, Exits: 3, 2h, Learning outcomes:3
11.11. Randomization Algorithms, Outcomes: 4, 2h, Learning outcomes:4
12.12. Programming code validation algorithms Output 4, 2h, Learning outcomes:4
13.13. Probability, Outcome: 4, 2h, Learning outcomes:4
14.14. Logical Proofs and Evidence, Outcomes: 5, 2h, Learning outcomes:5
15.15. Deployment and generalization of the security model, ¸ Exits: 5, 6, 2h, Learning outcomes:4,5
| | Course content laboratory | 1.1. Number theory exercises, Outcomes: 1, 1h, Learning outcomes:1
2.Exercises from mathematical logic, Exercises: 1 and 5, 1h, Learning outcomes:1,5
3.convert recursive algorithm to linear , 1h, Learning outcomes:1
4.Prime numbers, 1h, Learning outcomes:1,4
5.5. Exercises to Create Cryptographic Algorithms, Exits: 1, 1h, Learning outcomes:1
6.6. Exercises to create a hash algorithm and its validation, Exits: 1, 1h, Learning outcomes:1
7.7. Exercises from graph theory and NP problem solving, Outcomes: 2, 1h, Learning outcomes:2
8.8. Exercises - regular expressions in digital forensics, Exercises: 3, 1h, Learning outcomes:3
9.Exercises - Final automata, Outcomes: 3, 1h, Learning outcomes:3
10.Exercises - logical operations in digital forensics, Exercises: 4, 1h, Learning outcomes:4
11.Exercises Creating and Validating pseudo randomization algorithms Exit 4, 1h, Learning outcomes:4
12.12. Security Information System Modeling Exercises, Outcomes: 5, 1h, Learning outcomes:5
13.Complex logic expression exercises Exercise 5, 1h, Learning outcomes:5
14.Exercises Mathematical Evidence Implementation Exit 5, 1h, Learning outcomes:5
15.15. Exercises to Create an Information Security Model, Exits: 5, 6, 1h, Learning outcomes:5,6
| | Course content seminars | 1.1. Number theory exercises, Outcomes: 1, 1h, Learning outcomes:1
2.Exercises from mathematical logic, Exercises: 1 and 5, 1h, Learning outcomes:1,5
3.convert recursive algorithm to linear , 1h, Learning outcomes:1
4.prime numbers and exercises to Create Cryptographic Algorithms, Exits: 1, 1h, Learning outcomes:1
5.6. Exercises to create a hash algorithm and its validation, Exits: 1, 1h, Learning outcomes:1
6.1st colloquium, 1h
7.7. Exercises from graph theory and NP problem solving, Outcomes: 2, 1h, Learning outcomes:2
8.8. Exercises - regular expressions in digital forensics, Exercises: 3, 1h, Learning outcomes:2
9.Exercises - Final Machines, Outcomes: 3, 1h, Learning outcomes:3
10.Exercises - logical operations in digital forensics, Exercises: 4, 1h, Learning outcomes:4
11.Exercises Creating and Validating pseudo randomization algorithms Exit 4, 1h, Learning outcomes:4
12.12. Security Information System Modeling Exercises, Outcomes: 5, 1h, Learning outcomes:5
13.Complex logic expression exercises Exercise 5, 1h, Learning outcomes:5
14.Exercises Mathematical Evidence Implementation & Exercises to Create an Information Security Model,, 1h, Learning outcomes:4,5
15.2. kolokvij, 1h
| | Required materials | Basic: classroom, blackboard, chalk...
General purpose computer laboratory
Whiteboard with markers
Overhead projector
| | Exam literature | 1. Dujela, Diskretna matematika, skripta
2. Haggard & all, Dicrete mathematics for Computer Science, Thompson, ISBN 0-534-49501-X
3. Kenneth Rosen, Discrete mathematics and its Application, McGraw Hill, ISBN 978-0-07-338309-5
1. Ćirić, Diskretna matematika OSNOVE KOMBINATORIKE I TEORIJE GRAFOVA, skripta 2007
2. EC-Council Press,Computer Forensics: Investigating File and Operating Systems, Wireless Networks and Storage, EC-Council Press, 9781305883482, 2016
3. S. Geetha,Combating Security Breaches and Criminal Activity in the Digital Sphere ,IGI Global,978-1522501930, 2016
4. Dr. Philip Polstra,Windows Forensics,Pentester Academy, 2016
| | Students obligations | Making seminars and exercises is mandatory for all students and a requirement for signing
| | Knowledge evaluation during semester | • Laboratory exercises or seminars up to 50 points
• Two colloquia by 25 points (Every colloquium is repaired)
| | Knowledge evaluation after semester | • If a student does not have a colloquy, he / she has the opportunity to go to the oral exam.
• Total maximum 100 points
0-49 - inadequate
50-61 - sufficient
62-74 - good
75-86 - very good
87-100 - excellent
| | Student activities: | | Aktivnost | ECTS | | (Classes attendance) | 1 | | (Constantly tested knowledge) | 1 | | (Essay) | 1 | | (Written exam) | 2 | | (Research) | 1 |
| | Remark | This course can be used for final thesis theme | | Proposal made by | Goran Sirovatka , 6.6.2018 | |
| + | P:1. Sanja Kraljević , dipl.ing., v. pred.
P:2.doc.dr.sc. Aleksander Radovan , prof. struč. stud., dipl.ing.
L: Krunoslav Bilić mag.inf.
L: Sanja Kraljević , dipl.ing., v. pred.
L:doc.dr.sc. Aleksander Radovan , prof. struč. stud., dipl.ing.
L: Mihael Velički
S: Sanja Kraljević , dipl.ing., v. pred.
S:doc.dr.sc. Aleksander Radovan , prof. struč. stud., dipl.ing. | Web application security | 30+30 (0+15+15+0) (120) | 6 | 173031 | NO |
| Code WEB/ISVU
| 29538/173031
| ECTS
| 6
| Academic year
| 2023/2024
|
| Name
| Web application security
|
| Status
| 1st semester - Graduate Professional Study in Information Security and Digital Forensics (Izvanredni diplomski informacijska sigurnost i digitalna forenzika) - obligatory course
|
| Department
| Područje tehničkih znanosti 2.09. Računarstvo Stručni predmet (Katedra za programsko inženjerstvo)
|
| Teaching mode
| Lectures + exercises (auditory + laboratory + seminar + metodology + construction)
work at home
| 30+30 (0+15+15+0)
120
|
| Teachers
| Lectures:1. Sanja Kraljević , dipl.ing., v. pred.
Lectures:2. doc.dr.sc. Aleksander Radovan , prof. struč. stud., dipl.ing.
Laboratory exercises: Krunoslav Bilić mag.inf.
Laboratory exercises: Sanja Kraljević , dipl.ing., v. pred.
Laboratory exercises:doc.dr.sc. Aleksander Radovan , prof. struč. stud., dipl.ing.
Laboratory exercises: Mihael Velički
Seminar exercises: Sanja Kraljević , dipl.ing., v. pred.
Seminar exercises:doc.dr.sc. Aleksander Radovan , prof. struč. stud., dipl.ing.
|
| Course objectives
| Student training for designing and building secure applications and identifying vulnerabilities and threats to existing applications. Evaluation and installation of database management systems with regard to information security.
| | Learning outcomes: | 1.web application secuirty. Level:7
2.implemented security standards. Level:7
3.attacks on web applications. Level:6,7
4.secure software in accordance with threats in the form of an attack on the software. Level:6,7
5.the quality of implementation of security solutions for information systems. Level:7
6.solution for the database management system and their safe installation. Level:6,7
7.tools for detecting application vulnerability. Level:6,7
| | Methods of carrying out lectures | Ex cathedra teaching
Case studies
Simulations
Discussion
Seminar, students presentation and discussion
| | Methods of carrying out laboratory exercises | Laboratory exercises, computer simulations
Discussion, brainstorming
Computer simulations
| | Methods of carrying out seminars | Traditional literature analysis
Data mining and knowledge discovery on the Web
Essay writing
Workshop
| | Course content lectures | 1.Web application architecture and security protocols, 2h, Learning outcomes:1
2.Secure development, 2h, Learning outcomes:2,4,5
3.Attacks related to authentication and authorization, 2h, Learning outcomes:3,4
4.Attacks related to commands execution, 2h, Learning outcomes:3,4
5.The disclosure of confidential information and logical attacks, 2h, Learning outcomes:4
6.Database security - privileges and data integrity, 2h, Learning outcomes:6
7.Database security - data access control, 2h, Learning outcomes:6
8.First midterm exam, 2h, Learning outcomes:6
9.Security threats, SQL injection, locking problem, 2h, Learning outcomes:5
10.Data encryption, 2h, Learning outcomes:6
11.Storing encrypted data, 2h, Learning outcomes:5,7
12.Vulnerability testing, 2h, Learning outcomes:7
13.Application security tools, 2h
14.Application security tools, 2h
15.Second midterm exam, 2h
| | Course content laboratory | 1.Web application architecture and security protocols, 2h, Learning outcomes:2
2.Secure development, 2h, Learning outcomes:4
3.Attacks related to authentication and authorization, 2h, Learning outcomes:3
4.Attacks related to commands execution, disclosure of confidential information, logical attacks, 2h, Learning outcomes:1,3
5.Database security - privileges, data integrity, data access control, 2h, Learning outcomes:6
6.Security threats, SQL injection, data locks, data encryption, 2h, Learning outcomes:2,4,6
7.Vulnerability testing, application security tools, 2h, Learning outcomes:7
8.No classes (seminar)
9.No classes (seminar)
10.No classes (seminar)
11.No classes (seminar)
12.No classes (seminar)
13.No classes (seminar)
14.No classes (seminar)
15.No classes (seminar)
| | Course content seminars | 1.No classes (laboratory exercises)
2.No classes (laboratory exercises)
3.No classes (laboratory exercises)
4.No classes (laboratory exercises)
5.No classes (laboratory exercises)
6.No classes (laboratory exercises)
7.No classes (laboratory exercises)
8.Web application architecture and security protocols, 2h, Learning outcomes:2
9.Secure development, 2h, Learning outcomes:4
10.Attacks related to authentication and authorization, 2h, Learning outcomes:3
11.Attacks related to commands execution, disclosure of confidential information, logical attacks, 2h, Learning outcomes:1,3
12.Database security - privileges, data integrity, data access control, 2h, Learning outcomes:6
13.Security threats, SQL injection, data locks, data encryption, 2h, Learning outcomes:2,4,6
14.Vulnerability testing, application security tools, 2h, Learning outcomes:7
15.Presentations of seminars / projects, 2h, Learning outcomes:1,2,3,4,5,6,7
| | Required materials | Basic: classroom, blackboard, chalk...
General purpose computer laboratory
Special purpose computer laboratory
Whiteboard with markers
Overhead projector
| | Exam literature | Kraljević, S., Skripte s predavanja - Sigurnost web aplikacija | | Students obligations | Completed laboratory exercises or seminar paper (project) | | Knowledge evaluation during semester | - 50% - laboratory exercises or seminar paper (project)
- 25% - first midterm exam
- 25% - second midterm exam
| | Knowledge evaluation after semester | - 50% - laboratory exercises or seminar paper (project)
- 50% - exam
| | Student activities: | | Aktivnost | ECTS | | (Written exam) | 2 | | (Project) | 2 | | (Constantly tested knowledge) | 2 |
| | Remark | This course can be used for final thesis theme | | Proposal made by | M.Sc. Sanja Kraljević | |
| + | P:1.izv. prof. dr. sc. Krunoslav Antoliš
L:izv. prof. dr. sc. Krunoslav Antoliš
S:izv. prof. dr. sc. Krunoslav Antoliš | Legal Aspects of Digital Forensics | 30+30 (0+15+15+0) (120) | 6 | 185428 | NO |
| Code WEB/ISVU
| 29624/185428
| ECTS
| 6
| Academic year
| 2023/2024
|
| Name
| Legal Aspects of Digital Forensics
|
| Status
| 1st semester - Graduate Professional Study in Information Security and Digital Forensics (Izvanredni diplomski informacijska sigurnost i digitalna forenzika) - obligatory course
|
| Department
| Područje tehničkih znanosti 2.16. Interdisciplinarne tehničke znanosti Opći predmet (Katedra za aplikativne sustave)
|
| Teaching mode
| Lectures + exercises (auditory + laboratory + seminar + metodology + construction)
work at home
| 30+30 (0+15+15+0)
120
|
| Teachers
| Lectures:1. izv. prof. dr. sc. Krunoslav Antoliš
Laboratory exercises:izv. prof. dr. sc. Krunoslav Antoliš
Seminar exercises:izv. prof. dr. sc. Krunoslav Antoliš
|
| Course objectives
| Adopt knowledge on the legal basis and legitimate treatment in the domain of digital forensics
| | Learning outcomes: | 1. Students will learn to legitimately handle the process of collecting, processing and analyzing digital evidence, creating digital forensic investigation reports, handling stored and stored digital evidence, and also being trained to make expert judgments about digital forensic materials in accordance with normative acts. Level:6
2.Students will be able to consolidate and link the results of a digital forensic investigation into the function of reconstruction, and to establish its founding on conventions, laws and regulations in order to conclude on the legality of the conduct and validity of evidence. Level:6
3.Students will be able to choose and use appropriate legal standards in preventative and curative protection against information attacks, and will also be trained in selection and use, appropriate PKI encryption and cryptographic protection concepts, and digital signatures and digital certificates. Level:6
4. Students will master the knowledge of legal regulations related to business cooperation security and be able to expertly assist in the process of obtaining a business security certificate and concluding contracts that contain classified information and information. Level:6
5.Students will be trained to identify threats and risk analysis as well as ways to conclude the consequences that may arise from the realization of these threats, especially when it comes to classified information. Level:6
6. Students will know, in accordance with EU directives, the protection of fundamental rights and freedoms of the individual with regard to data processing and how the free flow of personal data between Member States is ensured.. Level:6
7. Students will be able to understand the importance and know the role of legal regulation and will be able to evaluate and interpret work with digital data and information generated by digital forensic analysis in accordance with normative acts. Level:6
| | Methods of carrying out lectures | Ex cathedra teaching
Guest lecturer
Case studies
Demonstration
Simulations
Modelling
Discussion
Questions and answers
Seminar, students presentation and discussion
Homework presentation
| | Methods of carrying out laboratory exercises | Laboratory exercises on laboratory equipment
Laboratory exercises, computer simulations
Group problem solving
Traditional literature analysis
Data mining and knowledge discovery on the Web
Essay writing
Discussion, brainstorming
Mind mapping
Computer simulations
Interactive problem solving
Workshop
| | Methods of carrying out seminars | Laboratory exercises on laboratory equipment
Laboratory exercises, computer simulations
Group problem solving
Traditional literature analysis
Data mining and knowledge discovery on the Web
Essay writing
Discussion, brainstorming
Mind mapping
Computer simulations
Interactive problem solving
Workshop
Other
UFED | | Course content lectures | 1.International and national, strategic and legal framework, 1h, Learning outcomes:1
Convention on cybercrime,, 1h, Learning outcomes:1,4,5,6
2.Convention on the Prevention of Terrorism, 1h, Learning outcomes:1,3,4,6
Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data, 1h, Learning outcomes:1,2
3.Law on Personal Data Protection, 2h, Learning outcomes:1,2,5
4.Author and related law in a virtual environment, 2h, Learning outcomes:2
5.Privacy Act, 2h, Learning outcomes:3
6.Rulebook on the Privacy of Data Processing, 1h, Learning outcomes:3
National Cyber Security Strategies,, 1h, Learning outcomes:3
7.National Strategy for the Prevention and Suppression of Terrorism, 1h, Learning outcomes:3
The Law on the Security Intelligence System of the Republic of Croatia,, 1h, Learning outcomes:3,5,7
8.Law on Information Security, 2h, Learning outcomes:3,5,7
9.The role and tasks of UVNS, ZSIS, National CERT in the information security system of the Republic of Croatia,, 2h, Learning outcomes:3,7
10.Security Policy and Information Risk Management, 1h, Learning outcomes:3
Criminal process framework, 1h, Learning outcomes:3,5,6,7
11.Criminal Code - Chapter 25, 1h, Learning outcomes:3,5,7
Criminal Procedure Act,, 1h, Learning outcomes:3,5,7
12.Ordinance on the Implementation of Special Evidence Projects, 1h, Learning outcomes:7
Recognizing and acting on the exclusion of digital evidence, 1h, Learning outcomes:7
13.Transmission and Preservation of Digital Evidence, 1h, Learning outcomes:7
Search for Digital Evidence Holders, 1h, Learning outcomes:7
14.Reconstruction based on digital evidence, 1h, Learning outcomes:6,7
The structure, content and layout of reports generated by digital forensic analysis, 1h, Learning outcomes:7
15.Expert judgment of materials created by digital forensics, 1h, Learning outcomes:7
Expertise and Digital Forensics, 1h, Learning outcomes:3,5,7
| | Course content laboratory | 1.Methods and techniques of digital forensics, 1h, Learning outcomes:1,7
2.Information threats and risk analysis, 1h, Learning outcomes:3
3.Security of Public Key Infrastructure, 1h, Learning outcomes:5
4.Techniques and methods of encryption, 1h, Learning outcomes:5
5.Digital Signature, Digital Certificates,, 1h, Learning outcomes:5
6.Collecting digital evidence,, 1h, Learning outcomes:7
7.Processing and analysis of digital evidence,, 1h, Learning outcomes:7
8.Creating Digital Forensic Investigations Report, 1h, Learning outcomes:7
9.Procedures in storage and storage of digital evidence, 1h, Learning outcomes:7
10.Digital forensics and reconstruction of events, 1h, Learning outcomes:6
11.Methodology of Conclusion on Legality of Treatment in Digital Forensic Investigation, 1h, Learning outcomes:6
12.Information threats and ways to protect classified information, 1h, Learning outcomes:3
13.Procedures when applying for security business cooperation,, 1h, Learning outcomes:4
14. 65/5000 Concluding contracts that contain classified information and information, 1h, Learning outcomes:4
15.Application of EU directives to protect fundamental rights and freedoms of individuals,, 1h, Learning outcomes:2
| | Course content seminars | 1.Information security, 1h, Learning outcomes:1
2.Computer security, 1h, Learning outcomes:1
3.Digital forensics legal basis, 1h, Learning outcomes:2
4.Digital Forensics Technical Aspects, 1h, Learning outcomes:3
5.Computer threats, 1h, Learning outcomes:5
6.Risk analysis, 1h, Learning outcomes:4
7.Measures and standards of information security, 1h, Learning outcomes:6
8.Data security, 1h, Learning outcomes:7
9.Security of information systems, 1h, Learning outcomes:7
10.Abuse gadget, 1h, Learning outcomes:4
11.Unauthorized access, 1h, Learning outcomes:6
12.Hacking the computer system, 1h, Learning outcomes:3
13.Damage to computer data, 1h, Learning outcomes:5
14.Computer Counterfeiting, 1h, Learning outcomes:7
15.Computer fraud, 1h, Learning outcomes:6
| | Required materials | Basic: classroom, blackboard, chalk...
Special purpose laboratory
General purpose computer laboratory
Special purpose computer laboratory
Whiteboard with markers
Overhead projector
Portable overhead projector
Video equipment
Maquette
Tools
Operating supplies
Special equipment
UFED | | Exam literature | 1. K. Antoliš et all.: Sigurnost informacijskih sustava, ISBN 978-953-7390-92-1, nakladnik: Algebra d.o.o., Zagreb ožujak, 2016.
2. Dujella A., Maretić M.: Kriptografija, Element, Zagreb, 2007.
3. K. Antoliš et all.: Sigurnost računalnih mreža, ISBN 978-953-322-170-0, priručnik, nakladnik: Algebra d.o.o., Zagreb srpanj, 2014.
4.K. Antoliš et all.: Sigurnost elektroničkog poslovanja, ISBN 978-953-322-155-7, priručnik, nakladnik: Algebra d.o.o., Zagreb srpanj, 2013
5.K. Antoliš poglavlje u knjizi:“The Darknet as a Safe Haven for Violent Extremists“, str. 77.-87. U knjizi “ Violent Extremism and Radicalzation Procesesses as Driving Factors to Terrorism Threats“,CIP: 323.285(082), ISBN 978-961-94011-1-8, Institut for Corporative Security Studies, May 2018, Ljubljana, Slovenija,
6.K. Antoliš, P. Mišević, A. Miličević: „VULNERABILITIES OF NEW TECHNOLOGIES AND THE PROTECTION OF CNI“, Media, culture and public relations, ISSN 1333-6371, Vol. 6. No.1, INFO-84, 1, UDK: 004.521.39:004.7:001, Authors Review/ Pregledni rad, 6, 2015, Zagreb,
7.K. Antoliš: ICT & Identity Theft, Informatologija, 46, 2013., 4, 353-360, UDK:681.3:340:001, Authors Review/Pregledni rad, ISSN 1330-0067, Zagreb, Hrvatska.
| | Students obligations | • Seminar je obvezan i sastoji se od eseja, prezentacija i javnih obrana do 30 bodova
• Opcionalni bodovi za zalaganje 15 bodova | | Knowledge evaluation during semester | Dva kolokvija po 20 bodova
Ukoliko student ne položi kolokvije ima obvezu izlaska na pisani ispit. | | Knowledge evaluation after semester | • Grades:
0-49 - inadequate
50-61 - sufficient
62-74 - good
75-86 - very good
87-100 - excellent | | Student activities: | | Aktivnost | ECTS | | (Essay) | 1 | | (Oral exam) | 2 | | (Classes attendance) | 1 | | (Seminar Work) | 1 | | (Written exam) | 1 |
| | Remark | This course can be used for final thesis theme | | Proposal made by | Assoc. Prof. Krunoslav Antoliš,PHD, 8 June 2018 | |