Advanced Internet Security


Advanced Internet Security (aka InetSec 2) 183.222

Lecturers
- Adrian Dabrowski
- Markus Kammerstetter
- Georg Merzdoznik
- Stefan Riegler

Challenge Gurus
- Felix Winter

Administrative Issues

Mode
- Weekly lectures
- Regular programming assignments
- Written final exam (end of January)

When and Where
- Thursday 12:00 am. - 13:30/45 pm. (s.t.)
- FH HS 6
- Lectures until January

Slides and News (please visit regularly)
- https://secenv.seclab.tuwien.ac.at/
- Email: inetsec@seclab.tuwien.ac.at
- TISS News are important

InetSec 1 and InetSec 2 InetSec 1 InetSec 2 Unix Security Windows Security Web Security Buffer Overflows Internet Application Security Cryptography Reverse Engineering Viruses and Worms Testing Hardware Security, Wireless

Who should do InetSec 2

People who would like to become security gurus
- we usually take part in a Capture The Flag hacking contest against other universities. Hopefully again this year
- lots of fun: many top positions over the past years, we won the competition in 2006 & 2011, and then moved to the DEFCON CTF finals!

People who are technically oriented
- you should be (somewhat) familiar with C and Linux, ASM helps
- Java-purists will have some catching up to do ;-)
- You should be interested in solving technical problems, even if it might cost you some time

People who have time!
- You get the chance to solve challenges such as
  - writing a worm or trojan
  - reverse engineering applications
  -


Your Roadmap to Enlightenment

Challenges Solved: 0 1 2 3 4 5 6 7 8 9 10 11 12 13

Rating (InetSec1): Script Kiddie, Nobody+, Nobody++, Nobody Junior, Nobody Senior, Nobody Professional, Apprentice, Stackmaster

Rating (InetSec2): Apprentice++, Apprentice Junior, Apprentice Senior, Apprentice Professional, Stackmaster, Expl0it Warlock, Guru / Master Guru (CtF required)

Assignments

Lab
- 6 challenges, mostly following the lecture content
- lab starts with the lectures on October 15th (i.e., challenge 1)
- registration open until October 15th
- you cannot turn in challenge solutions later
- enroll via TISS!

Environment
- assignments should be mostly solved at home
- small test network, which is remotely accessible via ssh (Linux)
- accounts are created automatically with the registration
- check homepage for details

Lab

Challenge topics (tentative)
- Unix vulnerabilities
- Remote buffer overflow
- Windows Security
- Program analysis and Patching ("Cracking")
- Advanced stack buffer overflow
- Malware (Worm, Virus, something simple)
- Android

Grading

How you get your grade
- over the whole semester, you can solve 6 lab assignments
- final exam at the end
- 50% needed for each to pass the course
- 5 challenges count full, 20% assigned to each (plus one extra for 10% bonus)
- see website for more info

Final exam needs registration via TISS!!
- you are required to correctly solve 3 assignments to take the exam!
- do the math: 5 (challenges) * 20% + 10% bonus (exam points) = 110% max
- one challenge is optional

Turning in challenge solutions
- through the lab environment
- hard deadlines (with sufficient time)
- automatic checking with immediate feedback
- no points for partially solved challenges!

What's more

Capture the Flag (CTF) Exercise
- security exercise involving universities around the world
- teams have to hack into other machines while simultaneously defending their own systems
- probably rather time consuming but very rewarding and interesting (and there will be pizza ;-) )
- more information under http://ictf.cs.ucsb.edu/ and lecture homepage
- Most likely date: Fri Dec 4th

More Stuff

Praktika, Diploma theses
- We always need students who are motivated to work on security projects; a very incomplete list is on
  - http://www.seclab.tuwien.ac.at/praktikaandtheses.html
  - https://www.sba-research.org/research/teaching/
- Please do not hesitate to write us your own proposals: inetsec@seclab.tuwien.ac.at

Praktika (HW Seclab)
- Binary and Firmware Analysis
- RFID Security
- Wireless Radio Security (we use the BladeRF SDR platform and GNURadio for this)
- Integrated Circuit Reverse Engineering and Security Analysis
- High Speed Cryptography on FPGA Clusters (we run our own FPGA cluster with 36x Spartan 6 LX150 FPGAs)
- Fault Injection and Side Channel Attacks (we have custom-built hardware and software in addition to a modified ChipWhisperer)
- Payment System Security
- Critical Infrastructure and Smart Grid Security

Praktika (SBA)
- evaluation of ROP attack generators: potential and limitations
- evaluation of CFI systems: performance and precision
- Optimized ROP attack generation
- Software Diversity: Compile-time supported static binary rewriting
- CFI for interpreters
- Practical Information Flow for JavaScript (XSS)

Topics: Mobile Phone Networks
- Sniffing GSM/UMTS/LTE
- Fake Base Stations
- Tracking fake base stations
- Fingerprinting over the radio access network
- Privacy Invading Hotspot

Theses, Internships

Secure Systems Lab has become international
- possibility for very good students to do internship projects abroad
- take from three months to half a year
- participate in our research projects
- if you are good (technically AND academically) then we like you

Locations & cooperations besides Vienna
- Tokyo
- Santa Barbara
- Boston
- Bochum

Conclusion

Hope you are interested!

Unix Security