192.111 Attacks and Defenses in Computer Security
This course is in all assigned curricula part of the STEOP.
This course is in at least 1 assigned curriculum part of the STEOP.

2020W, UE, 4.0h, 6.0EC

Properties

  • Semester hours: 4.0
  • Credits: 6.0
  • Type: UE Exercise
  • Format: Distance Learning

Learning outcomes

After successful completion of the course, students are able to use and extend state of the art security tools and actively participate in international IT security competitions, also called Capture The Flag (CTF). In particular, students will acquire the necessary technical skills to tackle modern security challenges and develop the required software.

Subject of course

Security topics:

  • Binary exploitation
  • Reverse engineering
  • Web security
  • Cryptography
  • Network security
  • Forensics
  • Mobile security
  • Fuzzing
  • Security of virtualized environments

Teaching methods

Technical discussions on computer security problems and introduction to state of the art security tools. Participation to on-line international Capture The Flag security contests.

Mode of examination

Immanent

Additional information

The lecture is held in English.

ECTS Breakdown (6 ECTS = 150 hours):

  • On-line meetings and presentations (20 hours)
  • Individual project work (130 hours)

Lecturers

Institute

Course dates

DayTimeDateLocationDescription
Fri16:00 - 17:3023.10.2020 Zoom (LIVE)Introductory meeting
Tue17:00 - 19:0003.11.2020 Zoom (LIVE)Description of the projects
Tue17:00 - 19:0001.12.2020 Zoom (LIVE)Meeting and presentations
Tue17:00 - 19:0015.12.2020 Zoom (LIVE)Meeting and presentations
Tue17:00 - 19:0022.12.2020 Zoom (LIVE)Meeting and presentations

Examination modalities

Participation to on-line international Capture The Flag security contests and a short talk on a challenge taken from a competition. Assessment of a project focused on protecting or attacking computer systems. Projects will be agreed upfront between lecturers and students and will include the development of innovative security challenges, the creation of new tools or contributions to existing open-source projects to extend the original capabilities. Depending on the estimated effort of each project, students will be allowed to work in groups.

Course registration

Begin End Deregistration end
28.09.2020 00:00 31.10.2020 23:59 31.10.2020 23:59

Group Registration

GroupRegistration FromTo
Individual Talks (01.12.2020)09.11.2020 16:0017.12.2020 23:59
Individual Talks (15.12.2020)09.11.2020 16:0017.12.2020 23:59
Individual Talks (22.12.2020)16.11.2020 14:0020.12.2020 23:59
Service - binary/reversing01.11.2020 00:0012.11.2020 23:59
Service - cryptography01.11.2020 00:0012.11.2020 23:59
Service - exotic language/architecture01.11.2020 00:0012.11.2020 23:59
Service - web client-side security01.11.2020 00:0012.11.2020 23:59
Service - web server-side security01.11.2020 00:0012.11.2020 23:59
Tool - attack infrastructure01.11.2020 00:0012.11.2020 23:59
Tool - botnet01.11.2020 00:0012.11.2020 23:59
Tool - integrity checker/patch deployment01.11.2020 00:0012.11.2020 23:59
Tool - traffic analyzer01.11.2020 00:0012.11.2020 23:59

Curricula

Literature

No lecture notes are available.

Previous knowledge

Background on system and web security. Basic programming and scripting skills (python and unix shell usage are strongly recommended). Good familiarity with the Linux operating system. 

Preceding courses

Language

English