052713 UE Network Security (2022S)

3.00 ECTS (1.00 SWS), SPL 5 - Informatik und Wirtschaftsinformatik

Continuous assessment of course work

Moodle

Registration/Deregistration

Note: The time of your registration within the registration period has no effect on the allocation of places (no first come, first served).

Registration is open from Mo 14.02.2022 09:00 to Th 24.02.2022 10:00
Deregistration possible until Mo 14.03.2022 23:59

Details

max. 25 participants

Language: English

Lecturers

Michael Pucher

Classes (iCal) - next class is marked with N

The listed dates do not correspond to the dates of the actual lectures. The actual lecture days are listed in Moodle. Lectures are held online, or hybrid if possible (i.e. in the seminar room with stream; first lectures are online-only).

    
    Tuesday
    01.03.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    08.03.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    15.03.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    22.03.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    29.03.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    05.04.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    26.04.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    03.05.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    10.05.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    17.05.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    24.05.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    31.05.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    14.06.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    21.06.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG
    
    Tuesday
    28.06.
    16:45 - 20:00
    Seminarraum 7, Währinger Straße 29 1.OG

Information

Aims, contents and method of the course

This course is an extension to the topics presented in the lecture Network Security VO. However, the topics of this course venture beyond what is presented in the VO and complement it with practical exercises across a broad range of security topics. Beyond network security, possible topics include basic Linux security, Web security basics, binary reverse engineering and simple binary exploitation.

The course is taught through a challenge-based approach, similar to the concept of Capture-the-Flag (CTF) competitions in information security. Challenges will be released throughout the semester, one at a time, which have to be solved within a timespan of 2-3 weeks. There will be an accompanying lecture for every challenge, introducing the basic concepts needed for getting started. The challenge descriptions and initial hints are deliberately kept to a minimum and students are expected to perform additional research to complete the challenges. In the case of getting stuck on a challenge, students can ask for help and/or additional hints. Additionally, a scoreboard tracks which students are the fastest to solve the challenges; this scoreboard is anonymized by default and does not influence grading in any way.

Having completed both VO and UE 'Network Technologies' is recommended and concepts presented in 'Operating Systems' can be helpful as well.

Assessment and permitted materials

Assessment is solely based on solving the provided challenges, there are no additional tests or final projects. There are going to be 5 challenges, all of which award the same amount of points, i.e. 20 points per challenge. Students are expected to hand in a short writeup on their thought process and how they solved the challenge. This writeup does not influence the amount of points and is used for determining plagiarism of challenge solutions; if there are reasonable suspicions of plagiarism, students might be asked to explain their solution in an interview.

Minimum requirements and assessment criteria

Attendance of lectures is recommended, but not mandatory. Grading is based on challenge points:

Grading:
>= 85: Very good (1)
84-75: Good (2)
74-63: Satisfactory (3)
62-50: Sufficient (4)
< 50: Not sufficient (5)

ECTS Breakdown:

14h - Lectures
61h - Challenges

Examination topics

Network Security
Linux Security
Web Security
Applied Cryptography
Binary Analysis/Reverse Engineering
Binary Exploitation

Reading list

No Starch Press offers a large variety of books on practical security topics: https://nostarch.com/catalog/security None of these are mandatory reading material for the course and are only listed here for interested students. Also, a sheer unlimited amount of information on practical security is freely available online: https://github.com/vitalysim/Awesome-Hacking-Resources

Association in the course directory

Module: SEC

Last modified: Su 27.02.2022 19:27