Selected Topics in IT-Security

CS 408 | English

Lecturer: Prof. Dr. Frederik Armknecht
Teaching Assistant: Christian Müller

The large-scale deployment of Internet-based services and the open nature of the Internet come alongside with the increase of security threats against existing services. As the size of the global network grows, the incentives of attackers to abuse the operation of online applications also increase and their advantage in mounting successful attacks becomes considerable.

These cyber-attacks often target the resources, availability, and operation of online services. In the recent years, a considerable number of online services such as Amazon, CNN, eBay, and Yahoo were hit by online attacks; the losses in revenues of Amazon and Yahoo were almost 1.1 million US dollars. With an increasing number of services relying on online resources, security becomes an essential component of every system.

This course aims to increase the security awareness of students and offers them a basic understanding with respect to a variety of interesting topics. After this course, students will be able to (1) learn about symmetric and asymmetric encryption schemes, (2) classify and describe vulnerabilities and protection mechanisms of popular network protocols, web protocols, and software systems (3) analyze / reason about basic protection mechanisms for modern OSs, software and hardware systems.

Re-Sit Exam

  • Written, in-person 90-minute exam on Thursday, 2022–09-01, from 1300h to 1430h in room B1.44 in building A5.


  • Written, in-person 90-minute exam on Friday, 2022–06-10, from 1300h to 1430h in room B2.43 in building A5.

Lecture and Exercise

  • Thursdays: 1530h-1700h, room C0.13, in building A5 + ZOOM (please find the meeting details in Portal2)
  • Fridays: 1345h-1515h, room C0.13, in building A5

Lectures by Prof. Arkmnecht (cf. Lecture Roadmap) are offered as inverted lectures, i.e., videos are available on ILIAS for self-study and you may ask questions about or discuss the topic on thursdays.

The exercise sessions are offered on-site only and take place on fridays on an almost bi-weekly basis. The exact schedule will be updated continuously. Please note that you need a laptop (or a comparable computing device) for some of the exercises. The exercise scoreboard can be found here:


We have an ILIAS course where you will find all lecture materials, which you may find here:

Lecture Topics (tentative)

  • Security Goals
  • Crash Course in Cryptography
  • Access Control
  • Authentication
  • Social Engineering
  • E-Mail Security
  • System Vulnerabilities
  • Malware
  • Network Security
  • Web Security
  • Bitcoin
  • Privacy

Lecture Roadmap

Tentative Agenda (Last update on: 2022–06-02)

Feb. 17

1530h – 1700h

Intro to and organization of this lecture



Feb. 18------------

Feb. 24

1530h – 1700h




Feb. 25

1345h – 1515h

Exercise Session 01



Mar. 03

1530h – 1700h

Access ControlZoomArmknecht

Mar. 04

1345h – 1515hExercise Session 02On-siteMüller

Mar. 10

1530h – 1700h


Mar. 11


Mar. 17

1530h – 1700h

Social EngineeringZoomArmknecht

Mar. 18

1345h – 1515hExercise Session 03On-siteMüller

Mar. 24

1530h – 1700h

E-Mail SecurityZoomArmknecht

Mar. 25


Mar. 31

1530h – 1700h


Apr. 01

1345h – 1515hExercise Session 04On-siteMüller

Apr. 07

1530h – 1700h


Apr. 08


Apr. 14


/** Easter


Apr. 15


   * ...


Apr. 21


   * ...


Apr. 22


   * Break **/


Apr. 28

1530h – 1700h

WLAN SecurityHybridArmknecht

Apr. 29

1345h – 1515hExercise Session 05On-siteMüller

May 05

1530h – 1700h

Network SecurityHybridArmknecht

May 06


May 12

1530h – 1700h

Web SecurityHybridArmknecht

May 13

1345h – 1515hExercise Session 06On-siteMüller

May 19

1530h – 1700h


May 20

1345h – 1515hExercise Session 07On-siteMüller

May 26


// Public Holiday (Privacy)------

May 27

June 02

1530h – 1700h

Incidence ResponseOn-siteDr. Hamann
June 031345h – 1515hQ'n'AHybridArmknecht