|
|
188.366 Internet Security
Vorlesung mit Uebung (3.0 ECTS)
This lecture is held in cooperation with the Information and Software Engineering Group (188/1)
Lecturers
Tutor
Bernhard "Perfect Prime" Miller (InetSec 2 Master Guru)
News
- 12.07.2011 The results are in! Einsichtnahme will be on Friday, 15.07.2011, Treitlstrasse 1/4th Floor, 11:00-12:00
- 22.06.2011 The Exam will be in EI 10, as announced. Start time 12:30 s.t.
- 26.05.2011 Challenge 6 is online. Challenge deadline is June 15th, 11:59am. Smash that stack!
- 18.05.2011 The date of the exam has been announced! It will be on June 22nd, 12:30-14:00, in EI 10.
- 12.05.2011 Challenge 5 is online. Challenge deadline is May 25th, 11:59am. Happy MITMing!
- 05.05.2011 Challenge 4 is online. Challenge deadline is May 11th, 11:59am. Happy injecting!
- 04.05.2011 Lectures are back in EI 1 again.
- 14.04.2011 Challenge 3 is online. Go socialize! Challenge deadline is May 4th, 11:59am.
- 07.04.2011 Challenge 2 is online. Welcome to the world of online banking!
- 28.03.2011 The next 3 Lectures will be held in EI10, Fritz Praschke (Gusshausstr. 25-29 - Stair 1, Ground Floor) to keep you breathing.
- 24.03.2011 Challenge 1 is now online. Have fun!
- 11.03.2011 TUWEL forum is OPEN. Register here with key 21600027
- 08.03.2011 Registration extended to 06.04.2011.
- 21.02.2011 Registration postponed. InetSec Homepage will be down on 22.02.2011 (Power maintenance). Registration will start on 23.02
- 09.02.2011 Weekly lecture will start on Wednesday, March 16th 2011, 12:30 (s.t.) in EI 1 Petritsch HS
- 09.02.2011 The preliminary meeting (Vorbesprechung) will be held on Wednesday, March 9th 2011, 12:30 (s.t.) in EI 1 Petritsch HS
- 09.02.2011 It's summer semester 2011, let's get rolling!!
Abstract
Internet security has become part of everyday life where
security problems impact practical aspects of our
lives. Even though there is a considerable corpus of knowledge about
tools and techniques to protect networks, information about what are
the
actual vulnerabilities and how they are exploited is not generally
available. This situation hampers the effectiveness of security
research and practice. Understanding the details of network attacks is
a prerequisite for the design and implementation of secure systems.
This course presents the principal protocols and applications
that are used in the Internet today, discussing in detail the related
vulnerabilities and how they are exploited. For each vulnerability,
possible protection and detection techniques are examined. The course
includes a number of practical lab assignments where participants are
required to
apply their knowledge as well as a discussion of the
current research in the field. Students will learn how the security of
networks can be violated and how such attacks can be detected and
prevented.
The course aims to make the students "security aware" and gain a basic
understanding about security issues. For students who are
interested in advanced security topics and practical assignments, we offer the
Advanced Internet Security class in the winter semester.
Topics
- TCP/IP security (spoofing, hijacking, sequence number
guessing, denial-of-service attacks)
- Web security (SQL injection, parameter injection,
parameter tampering, etc.)
- Network discovery/vulnerability scanning: techniques and
tools (portscans, ping sweeps)
- Distributed systems security
- Firewalls and traffic filtering
- Intrusion Detection Systems
- Buffer Overflows
- Operational Practices
- Architectural Principles and Testing
Prerequisites
- basic operating system knowledge (Linux/Unix, Windows)
- interest for technical security issues
- good programming knowledge (e.g., Java, Web scripting, HTML advantageous)
- basic database knowledge (SQL)
- basic network knowledge (TCP/IP, VO and UE Computer Networks is recommended, VO and UE
Verteilte Systeme is a must!)
Location
EI 1 Petritsch HS (Gusshausstr. 25 Second Floor)
Dates and Times
Weekly, Wednesday 12:30-14:00 s.t. (sine tempore, we start at 12:30, 90 minutes)
Preliminary meeting (Vorbesprechung): Wednesday, March 9rd 2011
Regular, weekly lecture: Wednesday, starting March 16th 2011
TUWEL
You can subscribe to the TUWEL course and discuss all related topics. The key is 21600027.
Slides will be available for download shortly before, or after the lecture
09.03.2011, Introduction slides
16.03.2011, Security and Networking Basics slides
23.03.2011, TCP/IP Security (1) slides
30.03.2011, TCP/IP Security (2) slides
06.04.2011, Web Security (1) slides
13.04.2011, Web Security (2) slides
04.05.2011, Internet Applications slides
11.05.2011, Introduction to Cryptography slides
18.05.2011, Buffer Overflows slides
25.05.2011 Languge Security (Java)
01.06.2011 Testing
08.06.2011 Social Networks Security
15.06.2010, no lecture!
22.06.2011, Exam (will take place in EI10)
Practical Challenges (Assignments)
This year, the students will "need" to solve a set of practical challenges
(assignments) in the lab part of the course. The practical part of the course aims to prepare the students for more
advanced topics and programming done in the Internet Security 2 course.
For more information on the challenges and the grading, check this page.
The currently open challenge is challenge 6.
Examination
Written exam (English) on 22.06.2011 in EI 10. Please register via TISS. About 15 questions, 75 minutes time, no course material allowed.
Registration Registration will start on 23.02.2011 and will continue until 06.04.2011.
Use this link to register for this course and get an account, once registration has started.
Last Modified: Tue Aug 23 12:45:28 CEST 2011
|
|
|
