Internet Security VU


184.216 Internet Security
Vorlesung mit Uebung (2.0)

Lecturers

Engin Kirda and Christopher Kruegel

For correspondence, send a mail to inetsec@infosys.tuwien.ac.at

Tutors

Manuel "The Pizzaman" Egele (InetSec 2 Master Guru)

News

  1. 14.10.2005 The exam on the 18th of October will take place in FH HS 1.
  2. 20.07.2005 There is an exam scheduled for the 18th of October. You need to register between 04.10.2005 and 14.10.2005 via TUWIS. The exact exam location will be announced on the web site (here) and posted on TUWIS after the registration period ends.
  3. 19.07.2005 The exam results for the exam on the 28th of June have been released.
  4. 18.07.2005 The exam results will be announced here this week.
  5. 02.07.2005 InetSec has ended. Respects to everyone who took part and invested time. Have nice summer holidays!
  6. 27.06.2005 The exam will take place in two lecture rooms tomorrow: FH HS 6 and Informatik HS (TREITL). Please make sure that you go to the correct lecture room. These students are in Inf HS. These students are in FS HS 6.
  7. 21.06.2005 Detailed information about the exam (and further exams in the next semester) has been posted as news in TUWIS. Please login to TUWIS and make sure that you read it.
  8. 09.06.2005 Challenge 6 is online.
  9. 02.06.2005 Challenge 5 is online.
  10. 30.05.2005 Because of the unexpected maintenance of the servers during the weekend, Challenge 5 will be announced on Thursday (instead of Tuesday as originally announced).
  11. 30.05.2005 The lab servers are online again. Please let us know if you experience any difficulties.
  12. 27.05.2005 The lab servers will be offline during the week end (until Monday morning) because of maintenance reasons. Because of this, the deadline of Challenge 4 has been extended for 2 days.
  13. 25.05.2005 Joe Pichlmayr, The CEO of Ikarus Software (the only Austrian anti-virus company) will give an invited talk about viruses in the lecture on 21.06.2005.
  14. 21.05.2005 The exam date is 28.06.2005, 14:00-16:00, Inf HS (or FH 6, depending on the number of registrations). You need to register for the exam. Registration will be possible after the 15th of June in TUWIS.
  15. 19.05.2005 Challenge 5 will be announced after the lecture on 31.05.
  16. 16.05.2005 The lab machines bandit and gangsta were briefly halted due to a "denial of service" kind of submission "attack". Please remember that our lab resources are limited and don't use the grading slaves as a debugger. That's lame. You can't solve a challenge by "brute force".
  17. 10.05.2005 Challenge 4 is online.
  18. 06.05.2005 Challenge 4 will be announced after the lecture on 10.05.
  19. 26.04.2005 Challenge 3 is online.
  20. 22.04.2005 Challenge 3 will be announced after the lecture on 26.04.
  21. 19.04.2005 Challenge 2 is online.
  22. 19.04.2005 Registration ends today after the lecture.
  23. 17.04.2005 Challenge 2 will be announced after the lecture on 19.04.
  24. 11.04.2005 Current ratings are online.
  25. 06.04.2005 Challenge 1 is online.
  26. 05.04.2005 The InetSec registration has started. You can register using this link. Registration ends on 19th of April.
  27. 05.04.2005 The InetSec Lab will start on the 6th of April.
  28. 15.03.2005 There were some requests so the slides will be made available on this web site one day before the lecture (best effort :-)) -- You should in any case see them here before the lecture.
  29. 01.03.2005 The lecture will begin on the 8th of March (Vorbesprechung). Information about the registration for the lab will be announced in the first lecture.
  30. 14.02.2005 The lecture times and the details of the course will be announced at the beginning of the semester (1st of March) on this web site.

Abstract

Internet security has become part of everyday life where security problems impact practical aspects of our lives. Even though there is a considerable corpus of knowledge about tools and techniques to protect networks, information about what are the actual vulnerabilities and how they are exploited is not generally available. This situation hampers the effectiveness of security research and practice. Understanding the details of network attacks is a prerequisite for the design and implementation of secure systems.

This course presents the principal protocols and applications that are used in the Internet today, discussing in detail the related vulnerabilities and how they are exploited. For each vulnerability, possible protection and detection techniques are examined. The course includes a number of practical lab assignments where participants are required to apply their knowledge as well as a discussion of the current research in the field. Students will learn how the security of networks can be violated and how such attacks can be detected and prevented.

The course aims to make the students "security aware" and gain a basic understanding about security issues. For students who are interested in advanced security topics and practical assignments, we offer the Internet Security 2 class in the winter semester.

Topics

  • TCP/IP security (spoofing, hijacking, sequence number guessing, denial-of-service attacks)
  • Web security (SQL injection, parameter injection, parameter tampering, etc.)
  • Network discovery/vulnerability scanning: techniques and tools (portscans, ping sweeps)
  • Distributed systems security
  • Firewalls and traffic filtering
  • Intrusion Detection Systems
  • Buffer Overflows
  • Operational Practices
  • Architectural Principles and Testing


Prerequisites

  • basic operating system knowledge (Linux/Unix, Windows)
  • interest for technical security issues
  • good programming knowledge (e.g., Java, Web scripting, HTML advantageous)
  • basic database knowledge (SQL)
  • basic network knowledge (TCP/IP, VO and UE Computer Networks is recommended, VO and UE Verteilte Systeme is a must!)

Location

FH HS 6

Dates and Times

Tuesdays, 14:00-15:00

Slides

Here are the slides of the lecture for download.

(You might find this document useful for understanding the TCP/IP part of the lecture.)

If you want to print more than one slide on a page, use the printer settings. Under Linux, you can start kghostview, for example, and click on the print properties. Then you can choose multiple "pages per sheet". Under Windows, there is a similar choice.

21.06.2005 Viruses and Worms, Invited Talk by Joe Pichlmayr, Ikarus Software (download slides)
14.06.2005 Operational Practices (download slides)
07.06.2005 Buffer Overflows (download slides)
31.05.2005 Testing (download slides)
24.05.2005 Cyptography/Cryptanalysis (download slides)
10.05.2005 Design and Architectural Principles (download slides)
03.05.2005 Internet Application Security (download slides)
26.04.2005 Web Security Part 2 (download slides)
19.04.2005 Web Security Part 1 (download slides)
12.04.2005 TCP/IP Attacks Part 2 (download slides)
05.04.2005 TCP/IP Attacks Part 1 (download slides)
15.03.2005 Security and Networking Basics (download slides)
08.03.2005 Introduction (Vorbesprechung) (download slides)

Practical Challenges (Assignments)

This year, the students will "need" to solve a set of practical challenges (assignments) in the lab part of the course. The practical part of the course aims to prepare the students for more advanced topics and programming done in the Internet Security 2 course.

For more information on the challenges and the grading, check this page.

Examination

Written exam (English). About 15 questions, 60 minutes time, no course material allowed.

Here are the results for the exam on 28.06.2005.

There is an exam scheduled for the 18th of October. You need to register between 04.10.2005 and 14.10.2005 via TUWIS. The exact exam location will be announced on the web site (here) and posted on TUWIS after the registration period ends.

If you do not do the exam until WS 2006, the challenge points you gained become invalid. There will be at least one written exam during the winter semester. In urgent cases, the exam can also be done orally. You need to contact us.

Further Reading

You might find these documents helpful for further reading and understanding of the course contents:

TCP/IP Introduction

Registration

Registration is over.
Last Modified: Fri Oct 14 06:11:40 CEST 2005


Distributed Systems Group, Technical University of Vienna, Argentinierstrasse 8 / 184-1, 1040 Vienna, Austria, www.infosys.tuwien.ac.at