Selected Topics in IT-Security

Takes place in FSS2019

 

Lecturers: Prof. Dr. Frederik Armknecht, Dr. Ghassan Karame

Teaching Assistant:  Christian Müller

The large-scale deployment of Internet-based services and the open nature of the Internet come alongside with the increase of security threats against existing services. As the size of the global network grows, the incentives of attackers to abuse the operation of online applications also increase and their advantage in mounting successful attacks becomes considerable.

These cyber-attacks often target the resources, availability, and operation of online services. In the recent years, a considerable number of online services such as Amazon, CNN, eBay, and Yahoo were hit by online attacks; the losses in revenues of Amazon and Yahoo were almost 1.1 million US dollars. With an increasing number of services relying on online resources, security becomes an essential component of every system.

This course aims to increase the security awareness of students and offers them a basic understanding with respect to a variety of interesting topics. After this course, students will be able to (1) learn about symmetric and asymmetric encryption schemes, (2) classify and describe vulnerabilities and protection mechanisms of popular network protocols, web protocols, and software systems (3) analyze / reason about basic protection mechanisms for modern OSs, software and hardware systems.

  • Schedule and Material

    Lecture and Exercise

    • Tuesdays: 15:30-17:00h, room: A1.01 in B6 23-25
    • Tuesdays: 17:15-18:45h, room: A1.01 in B6 23-25

    ILIAS

    We have an ILIAS course where you will find all lecture materials, which you may find here: https://ilias.uni-mannheim.de/goto.php?target=crs_862549

     

     

  • Lecture Topics

    • Bitcoin & Blockchain
    • Password Security
    • Biometric Authentication
    • Symmetric and Asymmetric Crypto
    • Side Channels
    • TLS
    • IPSEC & VPN
    • TOR
    • WEP / WPA / WPA2
    • System Security
    • Spam & Social Engineering
    • Mail Spoofing & Mail Encryption
    • Web Security & SQL Injection & XSS
    • Buffer Overflows & Meltdown/Spectre
    • Malware & Trusted Computing
  • Lecture Roadmap

    Please note: you have to bring your own laptop to the exercises!

    The exercise scoreboard can be found here: https://itsec.informatik.uni-mannheim.de/

    Tentative Agenda (Last update on: 27.05.2019)
    Date Time Topics Lecturer
    Feb. 12 15:30 - 18:45 Symmetric Cryptography Armknecht
    Feb. 19 15:30 - 17:00 WEP/WPA/WPA2 Security Armknecht
    Feb. 19 17:15 - 18:45 Exercise Session 01 Müller
    Feb. 26 15:30 - 18:45 Asymmetric Cryptography & Side Channels Karame
    Mar. 05 15:30 - 17:00 IPsec & Tor & VPN Armknecht
    Mar. 05 17:15 - 18:45 Exercise Session 02 Müller
    Mar. 12 15:30 - 18:45 Spam&Phishing&Social Engineering&Mail Spoofing + Rights Management Armknecht
    Mar. 19 15:30 - 17:00 TLS Karame
    Mar. 19 17:15 - 18:45 Exercise Session 03 Müller
    Mar. 26 15:30 - 17:00 Password-based Security & Biometric Authentication Armknecht
    Apr. 02 15:30 - 18:45 Web Security & SQL Injection & XSS Karame
    Apr. 09 12:00 - 13:30 Exercise Session 04 [Room B1.44 in building A5] Müller
    Apr. 09 15:30 - 18:45 Malware & Botnet & Trusted Computing Karame
    Apr. 16 --- /**  Easter ---
    Apr. 23 ---    *  Holidays  **/ ---
    Apr. 30 15:30 - 17:00 Exercise Session 05 Müller
    May 07 15:30 - 18:45 Bitcoin Karame
    May 14 15:30 - 17:00 Buffer Overflow & Meltdown/Spectre Armknecht
    May 14 17:15 - 18:45 Exercise Session 06 Müller
    May 21 15:30 - 17:00 Blockchain and other Altcoins Karame
    May 28 15:30 - 17:00 Information Security Management Obligations & Risk Management Practice R. Kopp
    May 28 17:15 - 18:45 Exercise Session 07 + Q&A Müller/Armknecht
  • Exam Admission and Requirements

    You need to achieve at least 40% of the exercise points of the first half of the semester, and 40% of the exercise points of the second half of the semester to participate in the exam. You can track your progress in the ITSec-Flag-System. You will receive an exercise points notification via email on TBD and TBD, respectively.

  • Exam

    • First date: 2019-06-13, 1300h-1430h, A5 B2.43
    • Second date: 2019-08-30, 1345h-1515h, A5-6 C.012 (The date and room were changed!)