The large-scale deployment of Internet-based services and the open nature of the Internet come alongside with the increase of security threats against existing services. As the size of the global network grows, the incentives of attackers to abuse the operation of online applications also increase and their advantage in mounting successful attacks becomes considerable.
These cyber-attacks often target the resources, availability, and operation of online services. In the recent years, a considerable number of online services such as Amazon, CNN, eBay, and Yahoo were hit by online attacks; the losses in revenues of Amazon and Yahoo were almost 1.1 million US dollars. With an increasing number of services relying on online resources, security becomes an essential component of every system.
This course aims to increase the security awareness of students and offers them a basic understanding with respect to a variety of interesting topics. After this course, students will be able to (1) learn about symmetric and asymmetric encryption schemes, (2) classify and describe vulnerabilities and protection mechanisms of popular network protocols, web protocols, and software systems (3) analyze / reason about basic protection mechanisms for modern OSs, software and hardware systems.
Due to the suspension of teaching operations at the university, we offer remote lectures. The live-stream is available at the regular days and times (as noted in the schedule) here:
We have an ILIAS course where you will find all lecture materials, which you may find here: https://ilias.uni-mannheim.de/goto.php?target=crs_958194
Please note: you have to bring your own laptop to the exercises!
The exercise scoreboard can be found here: https://itsec.informatik.uni-mannheim.de/
|Feb. 11||1530h - 1845h||Introduction to Cryptography||Karame|
|Feb. 18||1530h - 1700h||WEP/
|Feb. 18||1715h - 1845h||Exercise Session 01||Müller|
|Feb. 25||1530h - 1845h||Side Channels & Zero Knowledge||Karame|
|Mar. 03||1530h - 1700h||IPsec & Tor & VPN||Hamann|
|Mar. 03||1715h - 1845h||Exercise Session 02||Müller|
|Mar. 10||1530h - 1700h||Spam & Phishing & Social Engineering & Mail Spoofing 1||Hamann|
|Mar. 10||1715h - 1845h||Exercise Session 03||Müller|
|Mar. 17||1530h - 1845h||TLS||Karame|
|Mar. 23||1015h - 1145h||Exercise Session 04||Müller|
|Mar. 24||1530h - 1845h||SQL Injection & XSS||Karame|
|Mar. 31||---||Mail Spoofing 2 & Rights Management (Video)||Hamann/
|Mar. 31||---||--- moved to Mar. 23 ---||---|
|Apr. 07||---||/** Easter||---|
|Apr. 14||---||* Holidays **/||---|
|Apr. 21||1530h - 1845h||Malware & Botnet & Trusted Computing||Karame|
|Apr. 28||1530h - 1700h||Password-Based Security & Biometric Authentication||Hamann|
|Apr. 28||1715h - 1845h||Exercise Session 05||Müller|
|May 05||1530h - 1845h||Bitcoin||Karame|
|May 12||1530h - 1700h||Buffer Overflow & Meltdown/
|May 12||1715h - 1845h||Exercise Session 06||Müller|
|May 19||1530h - 1845h||Blockchain and other Altcoins||Karame|
|May 26||1530h - 1700h||Guest Lecture: TBA||N.N.|
|May 26||1715h - 1845h||Exercise Session 07 & Q'n'A||Hamann|
You need to achieve at least 40% of the exercise points of the first half of the semester, and 40% of the exercise points of the second half of the semester to be admitted to the exam. You can track your progress in the ITSec-Flag-System.