Hasso-Plattner-InstitutSDG am HPI
Hasso-Plattner-InstitutDSG am HPI
Login
 

Cops and Robbers (Sommersemester 2013)

Dozent: Prof. Dr. Christoph Meinel (Internet-Technologien und -Systeme) , Prof. Dr. Christoph Meinel (Internet-Technologien und -Systeme)

Allgemeine Information

  • Semesterwochenstunden: 4
  • ECTS: 6
  • Benotet: Ja
  • Einschreibefrist: 10.2.2013 - 30.4.2013
  • Lehrform: Projektseminar
  • Belegungsart: Wahlpflichtmodul

Studiengänge, Modulgruppen & Module

IT-Systems Engineering BA

Beschreibung

(last update: 28.04.2013)

This experimental project seminar is about advanced techniques in practical system and networking security.

We will have two teams defeating each other or the tutoring team within four challenges - with changing roles either as an attacker or defender of a target IT system.

For each challenge, the teams will have 2-4 weeks to prepare their arms: setting up a secure system (under given constraints) for the defenders, choosing and testing recon and penetration tools for the attackers. After preparation, the teams will fight out a supervised Capture-the-Flag contest.

Topics for the challenges:

  • 0. Preliminary Impression 
  • 1. System- and Network Security
  • 2. Web- and Service/Application Security
  • 3. The whole bunch

Important Notice: We are NOT guiding you for hacking and participation in this seminar could NOT be an excuse for any kinds of your malicious actions towards unauthorized resources over Internet!!!

Voraussetzungen

  • Good knowledge in
  • networking technologies (TCP/IP stack, ...)
  • operating systems (memory management, ...)

Very good knowledge in security basics (i.e., lecture on Internet Security - Weaknesses and Targets)

  • Only 10 participants will be accepted for this seminar.
  • If you got interest while seeing this page, please do not wait and just drop an email to Feng to show your interest and then come to the first session on April 12.
  • The invitation email will be sent to the selected participant after the first session. Frau Pamperin will accept the subscription of the selected participants o the list. Please do not directly subscribe by her.

Literatur

Leistungserfassung

  • Team presentation/report after each challenge
  • Individual technical Presentation (15-20 mins) on a selected topic
  • Intensive collaboration and discussion within the teams and challenges

Topic List for Individual Presentations

  • Fuzzing Techniques: Tools, Methods & Examples (Sven)
  • Computer Forensics: Tools, Methods & Examples (Timo)
  • Security Issues of Social Websites (Tim)
  • Rootkits and Malware (Sebastian)
  • Honeypot: Tools, Methods, & Examples (Fabio)
  • Attacks on Router, Switch, and WLAN Access Point (Daniel)
  • Taint-Analysis: Tools, Methods & Examples (Georg)
  • New Attacks on Smartphone (Johannes)
  • Reverse-Engineering: Tools, Methods & Examples
  • Capture the Flag: Organization and Planning
  • Penetration Testing and Accountability
  • Security Issues of Virtualization
  • Privacy Issues in the Cloud
  • Recovery: HW, SW, Data
  • Side channel attacks
  • Electronic fraud
  • SIEM solutions
  • ...... 

Termine

  • 12.04.2013 Introductory Session (13:30 pm, HE.52) 
  • 15.04.2013 Invitation Email and Subscription Deadline
  • 19.04.2013 Team Building, Initial Research Topics, and Kick-off Challenge 0
  • 22.-26.04.2013 Live-Show Week: Challenge 0
    • Friday (13:30-17 pm, H-E.52): Live-Challenge Session
  • 29.04.2013 (from 13 pm, H-1.13): Kick-Off Challenge 1 (requirement-list pick-up)
  • 03.05.2013 Presentation Session: Challenge 0
  • 20.-24.05.2013 Live-Show Week: Challenge 1
    • Monday (before 18 pm): Scenario Delivery
    • Tuesday (16 pm, H-1.13): Meeting of Defender Team and Tutors
    • Thursday (16 pm, H-1 Tele-Board Area): Cops and Robbers Court
    • Thursday (18 pm): Release of the live-challenge rules
    • Friday (13-17 pm, H-E.52): Live-Challenge Session
  • 27.05.2013 (from 13 pm, H-1.13): Kick-Off Challenge 2 (requirement-list pick-up)
  • 31.05.2013 Presentation Session: Challenge 1 (postponed to June 11: fg-meinel research seminar )
  • 17.-21.06.2013 Live-Show Week: Challenge 2
    • Monday (before 18 pm): Scenario Delivery
    • Tuesday (16 pm, H-1.13): Meeting of Defender Team and Tutors
    • Thursday (16 pm, H-1 Tele-Board Area): Cops and Robbers Court
    • Thursday (18 pm): Release of the live-challenge rules
    • Friday (13-17, H-E.52): Live-Challenge Session
    • Friday (17:10 pm): Kick-Off Challenge 3 (no requirement-list)
  • 28.06.2013 Presentation Session: Challenge 2
  • 01.-08.07.2013 Live-Show Week: Challenge 3 
    • Friday (12-13pm, H-1 Tele-Board Area): Cops and Robbers Court
    • Monday (13-17, H-E.5): Live-Challenge Session
  • 02.08.2013
    • Report: Challenge 3
    • 13:30-17:00 Individiual Presentation Session
    • 17:00-19:00 Seminar BBQ

Zurück