Advanced Internet Security

Transcription

1 Advanced Internet Security (aka InetSec 2) Lecturers Adrian Dabrowski Markus Kammerstetter Georg Merzdoznik Stefan Riegler Challenge Gurus Felix Winter

2 Administrative Issues Mode Weekly lectures Regular programming assignments Written final exam (end of January) When and Where Thursday 12:00 am. 13:30/45 pm. (s.t.) FH HS 6 Lectures until January Slides and News (please visit regularly) inetsec@seclab.tuwien.ac.at TISS News are important

3 InetSec 1 and InetSec 2 InetSec 1 InetSec 2 Unix Security Windows Security Web Security Buffer Overflows Internet Application Security Cryptography Reverse Engineering Viruses and Worms Testing Hardware Security, Wireless

4 Who should do InetSec 2 People who would like become security gurus we usually take part in a Capture The Flag hacking contest against other universities. Hopefully again this year lots of fun: many top positions over the past years, we won the competition in 2006 & 2011, and then moved to the DEFCON CTF finals! People who are technically oriented you should be (somewhat) familiar with C and Linux, ASM helps Java-purists will have some catching up to do ;-) You should be interested in solving technical problems - even if it might cost you some time People who have time! You get the chance to solve challenges such as - writing a worm or trojan - reverse engineering applications -

5

6 Who should do InetSec 2

7 Your Roadmap to Enlightenment Challenges Solved Rating Script Kiddie Nobody+ Nobody++ Nobody Junior Nobody Senior Nobody Professional Apprentice Stackmaster InetSec1 Apprentice++ Apprentice Junior Apprentice Senior Apprentice Professional Stackmaster Expl0it Warlock Guru / Master Guru (CtF required) InetSec2

8 Assignments Lab 6 challenges, mostly following the lecture content lab starts with the lectures on the October 15th (i.e., challenge 1) registration open until October 15th you cannot turn in challenge solutions later enroll via TISS! Environment assignments should be mostly solved at home small test network, which is remotely accessible via ssh (Linux) accounts are created automatically with the registration check homepage for details

9 Lab Challenge topics (tentative) Unix vulnerabilities Remote buffer overflow Windows Security Program analysis and Patching ( Cracking ) Advanced stack buffer overflow Malware (Worm, Virus, something simple) Android

10 Grading How you get your grade over the whole semester, you can solve 6 lab assignments final exam at the end 50% needed for each to pass the course 5 challenges count full, 20% assigned to each (plus one extra for 10% bonus) see website for more info Final exam needs registration via TISS!! your are required to correctly solve 3 assignments to take the exam! do the math: 5 (challenges) * 20% + 10% bonus (exam points) = 110% max one challenge is optional Turning in challenge solutions through the lab environment hard deadlines (with sufficient time) automatic checking with immediate feedback no points for partially solved challenges!

11 What s more Capture the Flag (CTF) Exercise security exercise involving universities around the world teams have to hack into other machines while simultaneously defending their own systems probably rather time consuming but very rewarding and interesting (and there will be pizza ;-) ) more information under and lecture homepage Most likely date: Fri Dec 4th

12 More Stuff Praktika, Diploma theses We always need students who are motivated to work on security projects, a very incomplete list is on Please do not hesitate to write us your own proposals: inetsec@seclab.tuwien.ac.at

13

14 Praktika (HW Seclab) Binary and Firmware Analysis RFID Security Wireless Radio Security (we use the BladeRF SDR platform and GNURadio for this) Integrated Circuit Reverse Engineering and Security Analysis High Speed Cryptography on FPGA Clusters (we run our own FPGA cluster with 36x Spartan 6 LX150 FPGAs) Fault Injection and Side Channel Attacks (we have custom build hardware and software in addition to a modified ChipWhisperer) Payment System Security Critical Infrastructure and Smart Grid Security

15 Praktika (SBA) evaluation of ROP attack generators: potential and limitations evaluation of CFI systems: performance and precision Optimized ROP attack generation Software Diversity: Compile-time supported static binary rewriting CFI for interpreters Practical Information Flow for JavaScript (XSS)

16 Topics: Mobile Phone Networks Sniffing GSM/UMTS/LTE Fake Base Stations Tracking fake base stations Fingerprinting over the radio access network Privacy Invading Hotspot

17 Thesis's, Internships Secure Systems Lab has become international possibility for very good students to do internship projects abroad take from three months to half a year participate in our research projects if you are good (technically AND academically) then we like you Locations & cooperations besides Vienna Tokyo Santa Barbara Boston Bohum.

18 Conclusion Hope you are interested! Unix Security