Internet-Security - Weaknesses and Targets (Wintersemester 2017/2018)
Dozent: Prof. Dr. Christoph Meinel
(Internet-Technologien und -Systeme)
- Semesterwochenstunden: 4
- ECTS: 6
- Einschreibefrist: 27.10.2017
- Lehrform: VU
- Belegungsart: Wahlpflichtmodul
Studiengänge, Modulgruppen & Module
"Internet Security - Weaknesses and Targets" is based on "Internet- & WWW-Technologies" and gives a detailed introduction on problems concerning Internet and Intranet security. After starting with some remarks on risk analysis and computer crimes, security weaknesses and targets are discussed in detail. Beside others the following topics are discussed in detail: human factor and technical failures, attacks on accounts and passwords, attacks on Internet protocol, misuse of design and programming errors, weaknesses in common operating systems, targets in the WWW, and viruses. The lecture course concludes with a discussion about the possibilities to detect attacks and intrusions and also describes ethical issues.
Online Exercise Registration: There are no printed list-forms on the whiteboards/blackboards for registering the exercise groups. Registration is possible fb10moodle using your HPI mail address.
Contents of lecture "Internet- und WWW-Technologien" (esp. protocols) should be present.
Important Notice: We are NOT guiding you for hacking and participation in this seminar could NOT be an excuse for any kinds of your malicious actions towards unauthorized resources over Internet!!!
- Meinel/Sack: Grundlagen der Digitalen Kommunikation
- Meinel/Sack: Internetworking - Technische Grundlagen und Anwendungen
- Tanenbaum: Computer Networks
- Stallings/Brown: Computer Security: Principles and Practice
- Cheswick/Bellovin/Rubin: Firewalls and internet security. Repelling the Wily Hacker
- Kaufman/Perlman/Speciner: Network Security: Private Communication in a Public World
- Egan/Mather: Executive Guide to Information Security: Threats, Challenges, and Solutions
- Stuttard/Pinto: The Web Application Hacker's Handbook - Discovering and Exploiting Security Flaws
- Koziol/Litchfield/Aitel/Anley/Eren/Mehta/Hassel: The Shellcoder's Handbook - Discovering and Exploiting Security Holes
Lern- und Lehrformen
Lecture and exercise: Every week a 90 minutes lecture (in English) is held and streamed by tele-TASK over the internet. Students have to solve and submit their exercises bi-weekly.
50% of the maximum exercise points (in 1st and 2nd half of semester) are needed to be able to take part in the examination at the end of the semester. In the middle of the semester there will be a written intermediate exam which counts about 1/3. Every student has to pass the intermediate exam and take actively part in the two Hands-On sessions to take the final exam and to successfully pass the course. At the end of the course there is a second written exam (counts about 2/3). Students who want to improve their mark can also register for an oral examination. Outstanding exercise results and participation in discussion can lead to a better mark.
For current dates always check the fb10moodle. We will announce appointments there. The preliminary dates are:
- Mid-Term: 9:00-10:30, 20.12.2017, HS2
- Final: TBA
- Hands-On experiences (mandatory)
- 15.12.2017 09:15-10:45/11:00-12:30
- 26.01.2018 09:15-10:45/11:00-12:30
- Lecture dates:
- Exercise course dates (tentative):
- Friday, 9:15, H-E.51
- Friday, 11:00, H-E.51
- Friday, 13:30, H-E.51
- First lecture will be on October 18th
- First exercise session will be on October 20st
Note: Usually, new exercise assignments (exercise sheets) will be published every Wednesday on the lecture management system fb10moodle. Deadline for the submission of the solutions: Wednesday (two weeks after the publication) 12 o'clock or as specified in the assignment sheets.