Hasso-Plattner-InstitutSDG am HPI
Hasso-Plattner-InstitutDSG am HPI

Network Security in Practice (Wintersemester 2010/2011)

Dozent: Prof. Dr. Christoph Meinel (Internet-Technologien und -Systeme) , Dr. Feng Cheng (Internet-Technologien und -Systeme)

Allgemeine Information

  • Semesterwochenstunden: 4
  • ECTS: 6
  • Benotet: Ja
  • Einschreibefrist: 1.10.2010 - 31.3.2011
  • Lehrform: SP
  • Belegungsart: Wahlpflichtmodul

Studiengänge & Module

IT-Systems Engineering BA
IT-Systems Engineering MA
  • IT-Systems Engineering A
  • IT-Systems Engineering B
  • IT-Systems Engineering C
  • IT-Systems Engineering D


(last update on 17.01.2010)

In this seminar, we focus on study of the security problems of networked systems or applications. Several network security technologies, such as, firewall, IDS/IPS, SSH, VPN, Application Layer Gateway, Network Scanning and Monitoring, etc. will be concerned in this seminar. Some known implementations, tools and methods, incl. commercial products/open source software, are expected to be reviewed and tested with certain practical deployment scenario. A comprehensive LAB-Manufactor platform is expected to be designed and implemented by the team with all the seminar participants.

Important Notice: We are NOT guiding you for hacking and participation in this seminar could NOT be an excuse for any kinds of your malicious actions towards unauthorized resources over Internet!!!


  • 28.10.2010 We had the second meeting o this seminar. Here are the slides!
  • 21.10.2010 Welcome to the first meetin. Here you can find the slides!  
  • 25.08.2010 Web page of Seminar (at the HPI) is online.


Good knowledge in

  • networking technologies (TCP/IP, Routing, ...)
  • operating systems and software engineering
  • security basics (e.g., lectures on "Internet Security - Weaknesses and Targets" or"Informationssicherheit", etc.)
  • team work


Lern- und Lehrformen

The interested students are expected to contribute with:

  • Throughout investigation of the given topics (Phase I: Report and Presentation)
  • Design and Implementation of attack scenarios (i.e., examples), where the security methods can be tested (Phase I: Presentation)
  • The LAB-Manufactor platform (a virtual security experimental framework) which integrate scenarios from all the groups (Phase II: Report and Presentation)

The final evaluation will be based on: report, presentation, design, implementation, participation in the seminar.


This seminar has a limited number of participants! Up to 10 students can apply!

The seiminar will be divided into two phases. In the first phase, all the students will be distributed into 5 sub-teams (i.e., 2 for each), concentrating on 1-2 of the following topics. An invistigation report and a presentation (with the demonstration of the attack example) are expected for conclusing this phase. In the second phase, all the students will work in one team working on the LAB-Manufactor platform where the examples shown in the first phase can be integrated and demonstrated. A technical report (team) and a presentation with the demonstration of the running platform (team) are expected afterwards.


  1. Attack Category and Vulnerability Modeling (mandatory)
  2. Firewall: Principle and Limitation 
  3. IDS/IPS: Challenges and Deployment
  4. Application Layer Gateway and its Examples
  5. Web Security and SSL/TLS
  6. Email Security: PGP, S/MIME, ......
  7. Secure Networked Storage
  8. SIP and Secure VoIP
  9. SSH Tunneling and Virtual Private Network (VPN)
  10. Secure Routing
  11. Network Scanning and Monitoring
  12. IPSec
  13. IPv6 and its Security
  14. Wireless Security


The seminar will start from the first week of the new semester. Regular meeting will be held every week or upon request.

  • 21.10.2010 Introduction [slides]
  • 21-28.10.2010 Team Building, Topic Assignment and Literature Recommendation (per Email)
  • 28.10.2010
    • Enrolment Deadline
    • Discussion Meeting (Topics, Organization and Plan)
  • 04.11.2010 Discussion Meeting (Literatures,Tools and Scenarios)
  • 11.11.2010 Discussion Meeting (Q&A, upon request)
  • 18.11.2010 Discussion Meeting (Q&A, upon request)
  • 25.11.2010 Discussion Meeting (Progress Report & Scenario Implementation)
  • 02.12.2010 Discussion Meeting (Q&A, upon request)
  • 09.12.2010 Phase I: Presentation & Demonstration (Investigation&Scenario)
  • 16.12.2010 Discussion Meeting (Design of Integrated Framework)
  • 23.12.2010 Merry Christmas:)
  • 30.12.2010 Happy New Year:)
  • 06.01.2011Discussion Meeting(Integrated Framework: Task distribution)
  • 13.01.2011 Discussion Meeting (Q&A, upon request)
  • 20.01.2011 Discussion Meeting (Q&A, upon request)
  • 27.01.2011 Discussion Meeting (Q&A, upon request)
  • 03.02.2011 Discussion Meeting (Q&A, upon request)
  • 10.02.2011 Phase II: Presentation & Demonstration (Integrated Framework)
  • 04.2011 Report (Phase I and II) Submission Deadline