Introduction to Computer Security


10K students

General


SemesterWinter 2014/2015
LecturerProf. Dr. Konrad Rieck
AssistantChristian Wressnegger, Daniel Arp, Fabian Yamaguchi
Course typeLecture (UniVZ)
ModuleM.Inf.1127 (previously 1125)
ECTS (SWS)5 (3)
DateLecture: Tuesday, 10–12
Exercise: Wednesday, 14–16
Mailing list for discussion and exercises
LocationLecture: Informatik 0.101
Exercise: Informatik 1.101
StartLecture: 21.10.2014
Exercise: 22.10.2014
Audio recordingyes
AudienceApplied Computer Science MSc
Applied Computer Science BSc
ITIS MSc

Description


This course deals with principles of computer and network security. The course covers basic concepts of security and introduces common attacks and defenses. Topics of the course include basic cryptography, authentication and authorization, vulnerabilities and attacks, malicious software, and privacy aspects.

The course will partially cover topics of offensive security. Students must always follow an ethical and responsible conduct when learning about computer attacks.

Topics

  • Basic security concepts
  • Symmetric-key cryptography
  • Public-key cryptography
  • Authentication and access control

  • Network attacks and defenses
  • Vulnerabilities and exploits
  • Intrusion detection
  • Malicious software

Mailing List


There is a mailing list for the lecture. News and updates regarding the schedule are posted to this list. Furthermore, the list allows students to discuss topics of the lecture. You should register here. Note that an archive of the list is also available online and you can easily lookup postings you might have missed.

Preliminary Schedule

     Date Topic Slides Video Sheets
     21.10. 10h  Introduction
     28.10. 10h  Symmetric-Key Cryptography1
     04.11. 10h  Public-Key Cryptography (a)2
     11.11. 10h  Public-Key Cryptography (b)3
     18.11. 10h  Authentication and Access Control4
     25.11. 10h  — no lecture —4b
     02.12. 10h  Basic Network Security5
     09.12. 10h  Web Security6
     16.12. 10h  Vulnerabilities and Exploits7
     06.01. 10h  Malicious Software (Malware)8
     13.01. 10h  Intrusion and Malware Detection9
     20.01. 10h  Smartphone Security
     27.01. 10h  Wrap-Up and Outlook (Theses Topics)
     03.02. 10h  Written exam

    Exercises and Exam


    You need to solve 50% of the exercise sheets to take part in the written exam. Please follow our exercise guidelines.

    The exam will take place on the 03.02.2015 from 10.00–12.00. You need to register for the exam with FlexNow (or at your Examination Office). The exam will be in English. Please do not bring any additional material to the exam.

    Results

       SHA1 of matriculation number Grade Points
      896e7a6f02b09dc447fe5144c0bca6e4d5e7abef1.037.5
      44a30f0cd8f1bc13c47d74dee0cf229ce4a658ff1.037.5
      f752da5e114c7953d0595c586cec2c8eea25604d1.335.6
      af4559acbc6571be6acc1eec80955b81af964e651.335.1
      c75f11bd60b6b18436c5ed8c3f0f9cfbaabd525f1.335.0
      b7c72257e1aa799f696b20c95f764240774656b61.335.0
      166c2f59f14319365acd4eb011126773978731a31.733.9
      158276ac53c35f943a9228b8650855ec467c944f1.733.0
      05ed951c87338da5b6a31ad0ad054b6f3098028a1.731.8
      28cde449ac84c26cd75bdfe8d8da14b52ef972541.731.8
      bf5ecd33f2a87cf86dc9aa09412ddddecea556ef2.031.2
      5f02eef724313ea7244b26dc464bf9c5bd84be481.732.1
      a6c45b93b3ea6526547242e0b221f24baa1705502.030.7
      e717cc5555f1b48a7e9a07d8e6b4472c3edd80df2.030.1
      c5ee7ebc8cac88465ad65d91d9273da82e2cf0882.030.0
      e27e51c6725413734ce95126a557b8a7943e74aa2.328.9
      b66d8ba6622ffe40e026076fd6b7ee994989d7962.328.5
      6250c2e9fa8ccb952e75a38a77ec0a52976250a12.328.1
      70225bcdc035172e2b92b90ea00412019df96e972.328.0
      0fe35d67075ba4e05075dd413e08e48c0a02e48a2.327.8
      9965fa8c54ff62cc31c040e7017c0728c54147f02.327.3
      6c20a2d3440c1898f9e79f1408ccbe53e5ef78cc2.726.6
      cd0928169885a0f162649f16b94300971cec94422.726.4
      4e2edeb611135877d0ef646fc685d65a167e34342.726.9
      c3c52ad5cf085ea91d899ce390f46b95b64ff5462.725.1
      c53a27b03be8585365ee9ea70621b32f1415167a2.725.0
      5c0a52979cfa4fe7d6ffe6d5987652910fa0bf3c3.024.9
      2a030c82975240368df00b1f4b6800e5a4d1e1583.024.5
      3f5eeac935725e29fd1d1d7915f93305885607523.024.2
      990f659c10171efefab3bbaf609618c894d67fb63.023.3
      270a5f70e5d9ffef24bc67872c0ad1eb7c5ad85e3.023.0
      157cefe55e5dd75467ebeddd4cd234f65e4e3b1c3.022.8
      9a41f561b24ba1cf86ebbe34edf35c192913b3483.322.0
      df8d12fda8756ba3de9cb3b8960a0f37048aaa9a3.321.0
      12f95512181347d70a8ed87efe6e8bfaa7598a233.320.8
      7e7434f9b0ad3925c191c9d707ce7e0ddfa045ad3.320.7
      69359caf8f330290777854c370065816d07340f83.720.3
      39927268189270774bbcd917bf118ff3500e4ac83.719.5
      765c03c448d12217f89fd1b40e903f950ae2b19c4.017.0
      112ea3d4ef80148b28eb651304fe0677f10a5ffb5.015.5
      b2a8cdf8651048734de7ad63312cdfbde2adf5475.013.0
      0f69f67ae4b6e236b677f764e185d0e07d0bdfa25.012.8
      1b6448606b04a410ba4102b58e15ea8878dd939c5.05.5

      results


      IRC Channel


      All students of the course are encouraged to join the IRC channel #goesec on EFnet. The channel is used as a platform for discussing and chatting about computer security in a casual atmosphere.

      References

      • M. Bishop: Computer Security - Art and Science. Macmillian Publishing, 2002
      • D. Gollmann: Computer Security. Wiley & Sons, 2011
      • C. Eckert: IT-Sicherheit: Konzepte - Verfahren - Protokolle. Oldenbourg, 2006
      • B. Schneier: Applied Cryptography. Wiley & Sons, 1995
      • P. Szor: The Art of Computer Virus Research and Defense. Addison-Wesley, 2005