Hasso-Plattner-Institut
Dr. Jiska Classen
 

Summer 2024

iOS and Android Internals (Seminar, 3 ECTS, MSc)

On two weekends, you'll learn hands-on iOS and Android reverse engineering with various practical exercises. Only take this course if you're not afraid of command lines and like programming, because this is what you'll do here! After the two weekends, your task is to create CTF-style mobile security challenges for an even more hands-on experience. Grading is based on the challenges you create.

See course catalogue for further details.

 

Recent Topics in Cybersecurity (Lecture Series, 6 ECTS, BSc) & Advanced Recent Topics in Cybersecurity (Lecture Series, 6 ECTS, MSc)

In this lecture series, you'll learn about recent hot topics from cybersecurity experts. See course catalogue and Moodle for organizational details. This is a preliminary list of invited talks, which are part of the lecture series.

r00t cause analysis: the process of analyzing in-the-wild zero day iOS exploits

Ian Beer (@i41nbeer), Security Researcher at Google.

He finds bugs at Google.

Friday, April 19, 14:30-16:00, HS3

Modern Malware Analysis

Alexander Druffel, Senior Security Researcher at CrowdStrike.

Monday, April 22, 15:15-16:45, HS2

Telco Security - Bellheads vs. Netheads and the Evolution of a Critical Infrastructure

Jennifer Gabriel, Vodafone Group Service GmbH.

Monday, April 22, 17:00-18:30, HS2

Something Something Decompilers, ILs, AI and an industry retrospective

Jordan Wiens (@psifertex), Binary Ninja.

Jordan's a hacker. He's played a lot of CTF, made a lot of CTF, written a lot of exploits, worked in offsec and network defense and even worked as a reporter back when print magazines were a thing. Now he makes Binary Ninja and likes to commentate live CTF matches.

A grab-bag of topics, this talk will cover a summary of a wide variety of area of the information security ecosystem, trends over the two and a half decades Jordan's been working in it (spoiler, no, the latest trend will NOT remove all vulnerabilities), as well as technical details of building a decompiler, designing purpose-build ILs, and applying AI to modern program analysis. Also, probably some funny CTF stories if there's time!

Friday, May 3, 14:30-16:00, HS3

Bluetooth Trackers: Security, Privacy and Misuse

Alexander Heinrich, security researcher and PhD candidate at the Secure Mobile Networking Lab.

Friday, May 10, 14:30-16:00, HS3

Applied Fault Injection – Hacking Chips by Zapping Them

Thomas Roth (stacksmashing).

Monday, May 13, 13:30-15:00, HS2

Sweet QuaDreams or Nightmare Before Christmas? Dissecting an iOS 0-Day

Christine Fossaceca, Senior Mobile Security Researcher, Microsoft Corporation.

Monday, May 13, 15:15-16:45, HS2

Using Forensic Analysis to Discover the Latest NSO Pegasus Spyware Exploit

Matthias Frielingsdorf, iVerify.

Monday, May 27, 15:15-16:45 HS2

CPU Sidechannel Attacks

Alyssa Milburn, Intel.

Monday, June 3, 15:15-16:45, HS2

Auf sicheren Schienen: Pentesting bei der DB

DB InfraGo AG.

Monday, June 10, 15:15-16:45, HS2

Behind the Screens: Exploring Penetration Testing with Real-World Stories and Insights

Alexander Neumann, RedTeam Pentesting GmbH.

Alexander Neumann works at RedTeam Pentesting GmbH in Aachen and has 15 years of experience as a pentester.

Monday, June 17, 15:15-16:45, HS2

Firmware Rehosting – Or: how to efficiently fuzz embedded systems at scale

Marius Muench, Assistant Professor at the University of Birmingham.

Marius Muench is an assistant professor at the University of Birmingham. His main research area is computer security with a special focus on embedded systems, fuzzing, binary analysis, and cellular security.

Monday, July 1, 15:15-16:45, HS2