Internet Security

Vorlesung mit Uebung (3.0 ECTS) - 188.366
10K students
An Initiative of the Consortium

Curricula

This lecture is held as a cooperation between the Secure Systems Lab at the Automation Systems Group (183/1) and the Information and Software Engineering Group (188/1)

Lecturers

Tutor

News

  1. 2017-03-09: Lecture in progress.
  2. 2017-03-22: SecEnv-Account-Credentials sent.
  3. 2017-03-23 19:00: Challenge 1 starts.

Abstract

Internet security has become part of everyday life where security problems impact practical aspects of our lives. Even though there is a considerable corpus of knowledge about tools and techniques to protect networks, information about what are the actual vulnerabilities and how they are exploited is not generally available. This situation hampers the effectiveness of security research and practice. Understanding the details of network attacks is a prerequisite for the design and implementation of secure systems.

This course presents the principal protocols and applications that are used in the Internet today, discussing in detail the related vulnerabilities and how they are exploited. For each vulnerability, possible protection and detection techniques are examined. The course includes a number of practical lab assignments where participants are required to apply their knowledge as well as a discussion of the current research in the field. Students will learn how the security of networks can be violated and how such attacks can be detected and prevented.

The course aims to make the students "security aware" and gain a basic understanding about security issues. For students who are interested in advanced security topics and practical assignments, we offer the /course/inetsec2 class in the winter semester.

Topics

Prerequisites

Location

FH HS 6

Dates and Times

Weekly, Thursday 12:00-13:45 sharp
Preliminary meeting (Vorbesprechung): Wednesday, March 2nd 2016, 14:00, different room: FH HS 1
Regular, weekly lecture: Thursdays, starting March 10th 2016, FH HS 6

Slides

Slides will be available for download either shortly before, or within two business days after the lecture.
Future lecture topics are preliminary.

2017-03-01Introduction
2017-03-09 TCP/IP and Internet Applications
2017-03-16Unix Security
2017-03-22Web Security 1

Practical Challenges (Assignments)

Students will "need" to solve a set of practical challenges (assignments) in the lab part of the course. The practical part of the course aims to prepare the students for more advanced topics and programming done in the /course/inetsec2 course.

"Stuff" to hack, crack, explore and learn
Lab start: 2017-03-23
During the InetSec course, we will announce a "challenge" here every couple of weeks that you can solve. These challenges aim to allow you to gain some basic practical experience in the penetration testing and the security analysis of software and applications.
We have planned 6 challenges that deal with topics such as common security tools, web vulnerabilities, code cracking and stack-based buffer overflows. The challenges are directly related to the concepts discussed in the lecture part of the course.
In order to successfully pass the InetSec course, you have to have at least 50% on the challenges and 50% on the written exam. Challenges are worth 20% each, and if you manage to solve all 6 Challenges you get an additional 10% on the last one (amounting to a total of 110%). Challenges and Exam Results are weighted 1/2 + 1/2 for the final grade.
The challenges in the course are not necessarily difficult (for people who can program and who have basic Web, networking and software knowledge), but may require you to do some research on the Internet and read some documentation. Of course, you also need some patience.
By the way, we are aware that the InetSec environment is not highly secure. It's a time issue ;-) So we trust you that you will not try to break or hack the system. That is not a challenge. Remember that you are the good guy/gal. If we notice that you are trying to crack us, there will be consequences.
Good luck and happy debugging

Forum

If you have questions regarding the lab challenges, please use the TISS Forum to exchange yourself with other students. Our tutor is reading it on a daily basis and usually quick to answer with help. Please refrain from posting (partial) solutions, as you will spoil the fun for others. If you think, you need help beyond that do contact us per email at the address at the top of this page.

Examination

Date: TBA.

About 20 questions, 75 minutes time, no course material allowed.

Registration

Registration is now handled via TISS only! Your registration data will automagically be imported in our Challenge environment around 20th of march. Then you will receive an email with your login credentials and your account number. Everything else is handled via our Lab System (e.g. solved Challenges, error replies, total grades etc..). Other important issues will be discussed in the preliminary lecture. Be there.

Internships, Theses

Are you a motivated student and looking for a bachalor's thesis or master's thesis, visited our courses and are otherwise also very interested in the security topic? Please visit the internship and theses pages of Seclab and SBA Research:
  • Internships and Theses at Seclab Vienna
  • Internships and Theses at SBA Research