Security Group TU/e

User Tools

Site Tools

Trace:
lab

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
lab [2020/04/20 14:10] ggankhuyaglab [2020/04/20 14:22] ggankhuyag
Line 11: Line 11:
   * In 2IMS20 (Cyberattacks, Crime and Defences course), students, as analysts, are assigned to detect and analyze suspicious events or attacks from the network traffic by reconstructing the evidence.  The attacks were prepared in advance of the class. During the class, we inject the attacks to the monitored infrastructure of the SOC. This raises alerts along with other normal network traffic events. Students must reconstruct potential attacks by finding attack events from alerts. Furthermore, associated information of the attacks, such as victim and attacker IP addresses, has to be discovered by the students.    * In 2IMS20 (Cyberattacks, Crime and Defences course), students, as analysts, are assigned to detect and analyze suspicious events or attacks from the network traffic by reconstructing the evidence.  The attacks were prepared in advance of the class. During the class, we inject the attacks to the monitored infrastructure of the SOC. This raises alerts along with other normal network traffic events. Students must reconstruct potential attacks by finding attack events from alerts. Furthermore, associated information of the attacks, such as victim and attacker IP addresses, has to be discovered by the students. 
  
-{{ :labs:soc-overview.png?nolink&500 |}}+{{ :labs:student_doing_experiment_with_soc_-_2.jpg}} {{ :labs:student_doing_experiment_with_soc_-_1.jpg}} 
  
   * Pen-testing   * Pen-testing
lab.txt · Last modified: 2023/06/01 16:56 by ggankhuyag