Hasso-Plattner-Institut25 Jahre HPI
Hasso-Plattner-Institut25 Jahre HPI
 

Privacy and Security in IPv6 (Wintersemester 2013/2014)

Lecturer: Prof. Dr. Christoph Meinel (Internet-Technologien und -Systeme)

General Information

  • Weekly Hours: 4
  • Credits: 6
  • Graded: yes
  • Enrolment Deadline: 1.10.2013 - 31.10.2013
  • Teaching Form: SP
  • Enrolment Type: Compulsory Elective Module

Programs, Module Groups & Modules

IT-Systems Engineering BA
IT-Systems Engineering MA
  • IT-Systems Engineering A
  • IT-Systems Engineering B
  • IT-Systems Engineering C
  • IT-Systems Engineering D

Description

Last Update: 22/10/2013

Privacy and security are two important entities in any networks and have a close relationship. Privacy is the ability of the users to choose what data they want to share with others and what data they want to keep from others. Security, on the other hand, is the act of making these data confidential or preventing unauthorized access to these data.

Unfortunately the wide use of the Internet and other online storage over the Internet to improve information availability decreases the privacy of the user's, governments' and businesses' information. This is because, it might be easier for an attacker to attack these storage in order to harm user's privacy and security.

Important: Our intent is not to teach you how to attack systems but how to protect systems from attacks!

The purpose of this seminar is to teach students how to protect their privacy and security. The students are asked to integrate their findings and results to our IPv6SSL to improve this system. The purpose of IPv6SSL is to play a role of basic security and privacy consulting system and enhance users with a means to protect their privacy and security or helping them to be aware of the privacy and security issues in the network they are using.

Note: Our focus is on all available services in the network that uses an IP address. It can be either application layer or network layer services.

 

This seminar divided into three phases. Paper review and mid term and final presentation, report and implementation. For more information please attend to the introductory session of this seminar.

Requirements

A few requirements are as follow. The detailed list will be explained at the introductory session:
● Good knowledge of C++ or Python in a mostly Linux environment
● You should have general information about network and network security

Examination

The evaluation and final grade is based on the quality of the report, the presentation and the implementations and the sum of your total activities

 

-       Implementations                                      40%

-       Presentations                                          25%

-    Paper review                                           5%
and individual presentation (paper review)

-       Reports                                                   30%

 

Seminar Topics
(Where you can find the topic in more detail:
\\fs23\Seminar_PrivacyandSecurityInIPv6_WS2013)

New topic: Security and privacy in Big data over IPv6 networks

Application layer attacks (in both wireless and wired networks)

  • Attacks against DNS protocol using fuzzing approaches (In particular grammar based fuzzing using Peach Fuzzer framework)
  • Attacks against Web protocols (Here you can use different mechanisms, the purpose is gather user's information)

Network layer attacks (in  both wireless and wired networks)

  •  Attacks against IPv6 extended headers
  • Extended routing headers (spoofing, bypassing firewalls using spoofed headers, etc)
  • Routing protocols (BGP, OSPF, RIP, etc)
  • TCP sessions and temporary addresses
  • Brute force attacks against cryptographic hashes
  • Attacks against double stack networks (both IPv4 and IPv6)
  • Attacks against VoIP networks
  • A topic proposed by you
  • ....

Both application layer and network layer attacks

  • Reconnaissance nodes in IPv6 networks and attacks against user's information
  • Reconnaissance nodes in double stack networks and attacks against user's information
  • ...

What do you need to do if you would like to attend this seminar?

  1. Select your team member(s)
  2. Select a topic
  3. Choose a paper related to this topic
  4. Think about this topic
  5. Send me an email, include your name, your team member(CC his email(s)), your selected topic and one short paragraph about what do you think about this topic, what do you expect to learn ...
  6. Send me an email, include your name and the title of your selected paper. (This is an individual task. Each students needs to review a paper for this seminar and present it.)
    Note:
    If you do not know what topic you want to choose, but you want to attend the seminar and you have chosen your team member(s) then just send me an email stating this and i will get back to you.

    if you do know what topic you want to choose but you do not have any team members, send me an email expressing your idea about your selected topic and I will check to see whether or not any other students chose this topic and then merge you into the same team.


  7. I will send you a confirmation message
  8. Officially register with Frau Pamperin for the seminar

Guidelines to select a topic

  • Ask yourself these questions
  1. What protocol do I want to evaluate? IPv6, DNS, IPsec, VoIP etc.
  2. What attacks do I want to implement?
  3. What do I need to know about this protocol? Are there any lectures available with information concerning my topic? If you want help with this, ask me.

If you have further questions that I did not cover here, simply send me an email or come by my office at room H.1.17.

Dates

- Introductory sessions will be on 16.10.2013  Done!

Mittwoch, 9:15-10:45

Donnerstag, 13:30-15:00

Place: A-2.2

17.10.13: I will explain the seminar topics in more detail.
24.10.13: I will be here to answer any questions that might come to your mind. We will also talk about next phases and future plan.
    Deadline to express your interest by sending me an email to rafiee(at)hpi.uni-potsdam.de (subject line: [privacy and security seminar])
The seminar has limited number of participants <= 10 students
28.10.13:  Official Registration with Frau Pamperin.  Topic Introduction: Team building, initial materials and references   
~20.11.13: Phase 1:You will ask to present your selected paper in front of other students (presentation no longer than 10 minutes per person)
~29.01.14: Phase 2: Mid term presentation (Team presentation) and first report submission
~28.02.14: Phase 3: Final presentation (Team presentation) and final report submission (Integration of your work with IPv6SSL)

Zurück