Selected Topics in IT-Security
CS 408 | English
Lecturers: Prof. Dr. Frederik Armknecht, Dr. Ghassan Karame
Teaching Assistant: Christian Müller
The large-scale deployment of Internet-based services and the open nature of the Internet come alongside with the increase of security threats against existing services. As the size of the global network grows, the incentives of attackers to abuse the operation of online applications also increase and their advantage in mounting successful attacks becomes considerable.
These cyber-attacks often target the resources, availability, and operation of online services. In the recent years, a considerable number of online services such as Amazon, CNN, eBay, and Yahoo were hit by online attacks; the losses in revenues of Amazon and Yahoo were almost 1.1 million US dollars. With an increasing number of services relying on online resources, security becomes an essential component of every system.
This course aims to increase the security awareness of students and offers them a basic understanding with respect to a variety of interesting topics. After this course, students will be able to (1) learn about symmetric and asymmetric encryption schemes, (2) classify and describe vulnerabilities and protection mechanisms of popular network protocols, web protocols, and software systems (3) analyze / reason about basic protection mechanisms for modern OSs, software and hardware systems.
Re-Sit Exam
- Written, in-person 90-minute exam on 2021-08-28, from tba to tba in room tba in building tba.
Exam
- Written, in-person 90-minute exam on 2021-06-24, from 0900h to 1030h in room A0.01 in building B6.
Lecture and Exercise
- Thursdays: 1530h-1700h, room: WIM-ZOOM-06 (you need to be logged into Portal2 before following this link)
- Thursdays: 1715h-1845h, room: WIM-ZOOM-06 (you need to be logged into Portal2 before following this link)
Lectures by Dr. Karame will be held as live sessions.
Lectures by Prof. Armknecht (cf. Lecture Roadmap) will be offered as inverted lectures, i.e., videos are available on ILIAS for self-study and you may ask questions about or discuss the topic on the indicated date. The exercise session starts shortly after the question/
ILIAS
We have an ILIAS course where you will find all lecture materials, which you may find here: https://ilias.uni-mannheim.de/goto.php?target=crs_1090575
Lecture Topics
- Bitcoin & Blockchain
- Password Security
- Biometric Authentication
- Symmetric and Asymmetric Crypto
- Side Channels
- TLS
- IPsec & VPN
- Tor
- WEP/
WPA/ WPA2 - System Security
- Spam & Social Engineering
- Mail Spoofing & Mail Encryption
- Web Security & SQL Injection & XSS
- Buffer Overflows & Meltdown/
Spectre - Malware & Trusted Computing
Lecture Roadmap
Please note: you have to have access to a laptop for the exercises!
The exercise scoreboard can be found here: https://itsec.informatik.uni-mannheim.de/
| Date | Time | Topics | Lecturer |
|---|---|---|---|
Mar. 04 | 1530h – 1845h | Intro To Crypto (*) | Karame |
Mar. 11 | 1530h – 1845h | Armknecht | |
Mar. 18 | 1530h – 1845h | Karame | |
Mar. 25 | 1530h – 1845h | Armknecht | |
Apr. 01 | --- | /** Easter | --- |
Apr. 08 | --- | * Holidays **/ | --- |
Apr. 15 | 1530h – 1845h | Karame | |
Apr. 22 | 1530h – 1845h | Spam & Phishing & Social Engineering & Mail Spoofing | Armknecht |
Apr. 29 | 1530h – 1845h | Karame | |
May 06 | 1530h – 1845h | Armknecht | |
May 13 | --- | // Public Holiday | --- |
May 20 | 1530h – 1845h | Karame | |
May 27 | 1530h – 1845h | Password-Based Security & Biometric Authentication | Armknecht |
Jun. 03 | --- | // Public Holiday | --- |
Jun. 10 | 1530h – 1845h | Bitcoin | Karame |
Jun. 17 | 1530h – 1845h | Buffer Overflow & Meltdown/ | Armknecht |
(*) For symmetric cryptography, you may also use a video by Prof. Arkmnecht as additional resource.