Course - Cyber Intelligence - IMT4214
IMT4214 - Cyber Intelligence
About
Lessons are not given in the academic year 2016/2017
Course content
The intelligence lifecycle (general methodology)
Planning - building a collection plan
Collecting
Processing
Produce
Disseminate
Cyber Intelligence (specific methodology)
Open Source Intelligence
Information sharing (tools, procedures, trust, TAXII/STIXS)
Threat actors (APT, Attribution, diamond model)
Situation Awareness (RCP, products¿)
Cyber SA (Threat awareness, mission awareness, network awareness)
(Cyber Threat landscape)
Learning outcome
Knowledge:
The candidate possesses knowledge of the intelligence lifecycle
The candidate possesses thorough knowledge of cyber intelligence
The candidate possesses through knowledge the following steps: planning, collecting, processing, production and dissemination, related to cyber Intelligence.
The candidate possess thorough knowledge on how to build Cyber Situation Awareness
The candidate possess knowledge of treath actors, in particular APT
The candidate possess thorough knowledge of attribution and campagne analysis, related to cyber domain
Skills:
The candidate is capable of applying malware analysis methodology and technology
The candidate is capable of applying advanced static malware analysis
The candidate is capable of applying advanced dynamic malware analysis
The candidate is able to disassemble binaries and analyzing assembly code
The candidate is able to identify basic and some advanced malware functionality
The candidate is able to identify known anti-reverse engineering techniques
General competence:
The candidate is capable of analyzing relevant professional and research problems in malware analysis
The candidate is capable of applying their knowledge and skills in new fields, in order to accomplish advanced task and projects in malware analysis
The candidate is capable of working independently as a malware analyst and is familiar with terminology.
The candidate is capable of discussing professional problems, analysis and conclusions in the field of malware analysis, both with professionals and with general audience
The candidate has the learning skills to continue acquiring new knowledge and skills in a largely self-directed manner
The candidate is capable of contributing to innovation and innovation processes
Learning methods and activities
Forelesninger|Lab.øvelser|Nettstøttet læring|Obligatoriske oppgaver|Prosjektarbeid
Utfyllende informasjon:
The course will be made accessible for both campus and remote students. Students are free to choose the pedagogic arrangement that is best fitted for their own requirement. The lectures in the course will be given on campus and are recorded.
Obligatoriske arbeidskrav:
Announced in fall 2017.
Further on evaluation
Utfyllende om kontinuasjon:
For the final, written exam: Ordinary re-sit exam in August.
Vurderingsformer:
An overall evaluation based on 100 point scale, where project work counts 40 points, oral presentation counts 20 points, and final, written exam (3 hours) counts 40 points. Conversion from 100 point scale to A-F scale according to recommended conversion table.In specificcircumstances, the course responsible can slightly adjust the limits in the conversion table to enforce compatibility with the qualitative descriptions on the A-F scale.
Specific conditions
Admission to a programme of study is required:
Information Security (MISEB)
Course materials
Books/standards, conference/journal papers and web resources, to be decided
Credit reductions
Course code | Reduction | From | To |
---|---|---|---|
IMT3761 | 2.5 |
No
Version: 1
Credits:
7.5 SP
Study level: Second degree level
No
Language of instruction: English
-
- Information Security
Department with academic responsibility
Department of Information Security and Communication Technology
Examination
- * The location (room) for a written examination is published 3 days before examination date. If more than one room is listed, you will find your room at Studentweb.
For more information regarding registration for examination and examination procedures, see "Innsida - Exams"