Internet Security VU

Homepage
People
Research
Teaching
About
Blog
Twitter
Abstract
Topics
Prerequisites
Location
Dates and Times
Slides
Challenges
Hall of Ultra Fame
Ratings
Standings
Environment
Examination
InetSec 2
History

188.366 Internet Security
Vorlesung mit Uebung (3.0 ECTS)

This lecture is held in cooperation with the Information and Software Engineering Group (188/1) for the following Curricula:

  • 033 526 Business Informatics
  • 033 532 Media informatics and Visual Computing
  • 033 533 Medical Informatics
  • 033 534 Software & Information Engineering
  • 066 933 Information & Knowledge Management

    • Lecturers

    Tutor

    Bernhard "Perfect Prime" Miller (InetSec 2 Master Guru) and
    Eduard "Crash Dragon" Thamm

    News

    1. 03.05.2012 Challenge 4 is now online. Challenge deadline is May 17th, 10:59am. Go social!
    2. 19.04.2012 Challenge 3 is now online. Challenge deadline is May 3rd, 10:59am. Enjoy!
    3. 29.03.2012 Challenge 2 is now online. Challenge deadline is April 19th, 10:59am. Happy injecting!
    4. 22.03.2012 Challenge 1 is now online. Challenge deadline is March 29th, 9:59am. Your account credentials will also work for the login to the challenge description. Have fun!
    5. 21.02.2012 Summer semester 2012 is about to start. Stay tuned for more information. Preliminary meeting date: Thursday 08.03.2012, FH HS 6, 12:00

    Abstract

    Internet security has become part of everyday life where security problems impact practical aspects of our lives. Even though there is a considerable corpus of knowledge about tools and techniques to protect networks, information about what are the actual vulnerabilities and how they are exploited is not generally available. This situation hampers the effectiveness of security research and practice. Understanding the details of network attacks is a prerequisite for the design and implementation of secure systems.

    This course presents the principal protocols and applications that are used in the Internet today, discussing in detail the related vulnerabilities and how they are exploited. For each vulnerability, possible protection and detection techniques are examined. The course includes a number of practical lab assignments where participants are required to apply their knowledge as well as a discussion of the current research in the field. Students will learn how the security of networks can be violated and how such attacks can be detected and prevented.

    The course aims to make the students "security aware" and gain a basic understanding about security issues. For students who are interested in advanced security topics and practical assignments, we offer the Advanced Internet Security class in the winter semester.

    Topics

    • TCP/IP security (spoofing, hijacking, sequence number guessing, denial-of-service attacks)
    • Web security (SQL injection, parameter injection, parameter tampering, etc.)
    • Network discovery/vulnerability scanning: techniques and tools (portscans, ping sweeps)
    • Distributed systems security
    • Firewalls and traffic filtering
    • Intrusion Detection Systems
    • Buffer Overflows
    • Operational Practices
    • Architectural Principles and Testing

    Prerequisites

    • basic operating system knowledge (Linux/Unix, Windows)
    • interest for technical security issues
    • good programming knowledge (e.g., Java, Web scripting, HTML advantageous)
    • basic database knowledge (SQL)
    • basic network knowledge (TCP/IP, VO and UE Computer Networks is recommended, VO and UE Verteilte Systeme is a must!)

    Location

    FH HS 6

    Dates and Times

    Weekly, Thursday 12:00-13:45 c.t.

    Preliminary meeting (Vorbesprechung): Thursday, March 8th 2012
    Regular, weekly lecture: Thursdays, starting March 15th 2012

    Slides will be available for download shortly before, or after the lecture

    08.03.2012, Introduction
    15.03.2012, TCP/IP Security basics
    29.03.2012, Web Security (1)
    19.04.2012, Advanced TCP/IP Security
    26.04.2012, Web Security (2)
    03.05.2012, Buffer Overflows
    10.05.2012 Languge Security (Java)
    24.05.2012, Internet Applications
    31.05.2012, Introduction to Cryptography
    14.06.2012 Testing
    21.06.2012 Social Networks Security (starts at 12:00 sharp!)
    28.06.2012, Exam (60 minutes, starts at 12:00 sharp!)

    Practical Challenges (Assignments)

    Students will "need" to solve a set of practical challenges (assignments) in the lab part of the course. The practical part of the course aims to prepare the students for more advanced topics and programming done in the Internet Security 2 course.

    For more information on the challenges and the grading, check this page.

    The currently open challenge is challenge 4.

    Examination

    Exam Dates will be announced here and on TISS.

    Registration

    Registration is closed. Enjoy InetSec! .
    Last Modified: Wed May 16 18:00:35 CEST 2012


International Secure Systems Lab www.iseclab.org