183.222 Advanced Internet Security
This course is in all assigned curricula part of the STEOP.
This course is in at least 1 assigned curriculum part of the STEOP.

2018W, VU, 2.0h, 3.0EC

Properties

  • Semester hours: 2.0
  • Credits: 3.0
  • Type: VU Lecture and Exercise

Aim of course

Advanced Internet Security serves as a continuation for the class Internet Security. The lecture deals with common errors and vulnerabilities as well as ways to detect and avoid them. Examples are used to highlight the general error classes and how they can be abused.

In order to teach the subject in the most authentic way, the lecture uses an "offensive approach": Security-related topics are viewed from an attacker's perspective and possible attack scenarios are shown. In practical challenges the students need to exploit previously discussed security vulnerabilities inside a controlled challenge-environment. This improves the students' understanding of the handled topics and helps them to prevent similar mistakes in own projects and allows them to actively take security measures when handling security relevant projects.

As an optional part of the class, students are able to participate in a hacking contest in which they can prove their knowledge of security and system management by competing as a team against other Teams spread around the globe.

Subject of course

The mentioned topics are tentative and can be adapted/focused based on student's interest and suggestions. 

  • Malware * Botnets, command&control mechanisms
  • Binary Analysis * Fuzzing * Instrumentation * Tainting * Symbolic Execution
  • Heap Attacks * Data-driven Attacks * Kernel Security
  • Meltdown/Spectre * Rowhammer * CPU Side-Channel Attacks
  • IoT Security * Embedded Systems and Firmware
  • Hardware Security * Hardware Analysis and Attacks
  • Wireless * Radio * RFID * EMV security
  • Applied Crypto * RSA * ECDSA
  • Mobile Security * Android security concepts
  • Windows Security

Additional information

ECTS Schlüssel (3 ECTS = 75 hours):

  • Lectures (18h)
  • Self-studies & Learning for Exams (18h)
  • Challenges (38h)
  • Exam (1h)

Lecturers

Institute

Course dates

DayTimeDateLocationDescription
Tue16:00 - 18:0002.10.2018EI 3 Sahulka HS - UIW Introduction lecture of multiple security related lectures
Wed18:00 - 20:0003.10.2018 - 23.01.2019EI 8 Pötzl HS - QUER Lectures
Wed18:00 - 20:0023.01.2019EI 2 Pichelmayer HS - ETIT Exam 2nd room
Advanced Internet Security - Single appointments
DayDateTimeLocationDescription
Tue02.10.201816:00 - 18:00EI 3 Sahulka HS - UIW Introduction lecture of multiple security related lectures
Wed03.10.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed10.10.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed17.10.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed24.10.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed31.10.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed07.11.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed14.11.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed21.11.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed28.11.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed05.12.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed12.12.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed19.12.201818:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed09.01.201918:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed16.01.201918:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed23.01.201918:00 - 20:00EI 8 Pötzl HS - QUER Lectures
Wed23.01.201918:00 - 20:00EI 2 Pichelmayer HS - ETIT Exam 2nd room

Examination modalities

Written. Details of the grading scheme can be found on the lecture homepage.

Course registration

Begin End Deregistration end
05.09.2018 00:00 10.10.2018 15:00 10.10.2018 15:00

Registration modalities

Accounts will be automatically generated according to your TISS registration.

Curricula

Study CodeObligationSemesterPrecon.Info
066 926 Business Informatics Mandatory elective
066 937 Software Engineering & Internet Computing Mandatory elective
710 FW Elective Courses - Electrical Engineering Not specified

Literature

The lecture slides contain all necessary information required to pass the exam. Further, they include links to extended literature and examples (e.g. available online).

Previous knowledge

Since the class will feature a number of programming exercises, students are required to have considerable programming experience. Basic knowledge of security relevant topics is expected (as taught in one of the preceding courses).

Preceding courses

Miscellaneous

Language

English