Advanced Internet Security

183.222 Advanced Internet Security (2.0)
(also known as Internet Security 2)

This lecture is held in cooperation with the Information and Software Engineering Group (188/1)

Lecturers

Christian Platzer, Gilbert Wondracek, Markus Kammerstetter and Edgar Weippl.
Also, we are happy to announce Stefan Katzenbeisser and Markus Huber as guest lecturers with interesting topics to conclude the course.

For correspondence, send a mail to inetsec@iseclab.org

Tutor

Bernhard 'Perfect Prime' Miller (InetSec 2 Master Guru)

News

  1. 22.12.2011 Challenge 6 is online. Deadline for challenge 6 is January 19th, 9:59am. Enjoy the last challenge!
  2. 08.12.2011 Challenge 5 is online. Deadline for challenge 5 is December 22nd, 9:59am.
  3. 24.11.2011 Challenge 4 is online. Deadline for challenge 4 is December 8th, 9:59am. Be fruitful and multiply!
  4. 17.11.2011 Challenge 3 is online. Deadline for challenge 3 is November 24th, 9:59am. Join the dark (blue) side!
  5. 04.11.2011 Challenge 2 is online. Deadline for challenge 2 is November 17th, 9:59am. Happy exploiting!
  6. 03.11.2011 The power downtime caused some hiccups in our Lab environment. Challenge 1 is extended to November 5th, 9:59am.
  7. 20.10.2011 Challenge 1 is online. Deadline is November 3rd, 9:59am. Have fun!
  8. 28.09.2011 Registration opened! Use the link at the bottom of this page to get an account for our Lab.
  9. 27.09.2011 The web page has been updated with the necessary organizational information. There is an introductory meeting (Vorbesprechung) on Thursday, 6th of October, 11:15, in FH HS 3. At this meeting, the course and the prerequisites will be described. Further, a brief introduction will be given to the organization of the course this year. If you cannot attend this meeting, then please check this site. All information that you need to register and complete the course will be on this page. The assignments will be online on these pages as usual.
  10. 08.09.2011 The course was officially announced. Check this page periodically. More information will follow soon.

Abstract

Advanced Internet Security (previously Internet Security 2) serves as a continuation of the class Internet Security. The idea is to present problems in more detail and allow students to apply their knowledge in practical exercises. The lecture deals with common programming mistakes and ways to detect and avoid them. Examples are used to highlight general error classes, such as stack overflow and format string vulnerabilities.

In order to teach the subject in the most authentic way, the lecture uses an "offensive approach": security-related topics are viewed from an attacker's perspective and possible attack scenarios are shown. In practical challenges, the students need to exploit previously discussed security vulnerabilities inside a controlled challenge environment. This improves the students' understanding of the topics covered, guarantees that they will not make similar mistakes in their own projects, and allows them to actively take security measures when handling security-relevant projects.

As part of the class, students are able to participate in a hacking contest in which they can prove their knowledge of security and system management by competing with their peers or, as a team, against other universities spread around the globe.

Topics

General Unix security:
  • Security model
  • System call
  • Vulnerabilities
  • Authentication
  • Shell/Environment attacks
Memory Corruption
  • Buffer Overflows
  • Stack overflow exploitation
  • Format string exploitation
  • Heap overflow exploitation
  • Return-to-libc attacks
  • Heap-spraying attacks
  • Linux shellcode writing
  • Windows shellcode
  • Protection mechanisms
Windows Security
  • Windows security intro & overview
  • Security principles (Windows 95 to Windows 7)
  • Spyware
  • BHO based malware
  • .NET security model
Race conditions
  • Problem introduction
  • Unix File System race conditions
  • Other race conditions
  • Computational complexity attacks
  • Prevention mechanisms
Reverse Engineering
  • Static & dynamic reverse engineering techniques & tools
  • Malicious code analysis
  • Code obfuscation
DRM and Document encryption

Web Security
  • Advanced session attacks
  • Cross site request forgery (CSRF)
  • Browser history stealing
  • Exploits against caching infrastructure
Malware
  • Intro & taxonomy
  • Viruses, worms, trojan horses
  • Botnets, command&control mechanisms

Prerequisites

  • Understanding of security fundamentals (e.g. as offered by Internet Security VU or equivalent)
  • Good programming/developing skills (C knowledge is advantageous)
  • Some experience with Linux and Windows
  • Time ;-) You will need to solve a minimum of 3 security challenges during the lecture!

Assignments

There is a set of "challenges" that the students are required to solve. These challenges are security-related programming assignments (e.g., buffer overflows, application cracking, virus coding, etc.).
The challenges will be announced on a regular basis, most of them following the content of the lectures. More details can be found here.
The current challenge is Challenge 6.

Location, Dates and Times

06.10.2011 11:15-12:45, Introduction and Organization in FH HS 3
Regular lectures: Starting on Thursday, 13.10.2011 weekly lectures in FH HS3, 11:15 to 12:45.

Slides

Slides will be available shortly before or after the lectures.

06.10.2011, Introduction slides
13.10.2011, Unix security slides
20.10.2011, Memory Corruption Vulnerabilities slides
27.10.2011, Windows Security 1 slides
03.11.2011, Windows Security 2 slides
10.11.2011, Race Conditions slides
17.11.2011, Malware 1 slides
24.11.2011, Malware 2 slides
01.12.2011, Web Security 3 slides
08.12.2011, No lecture! (go see santa instead)
15.12.2011, DRM slides (Will not be published here. They are also not part of the exam)
22.12.2011, Reverse Engineering slides

Examination

There will be an exam at the end of the course, in January. To be admitted to the exam, you need to solve a minimum of 3 challenges. Further, you have to register via TISS!

Registration

Registration is closed. Enjoy the lectures.
Last Modified: Tue Jan 24 16:23:01 CET 2012


International Secure Systems Lab www.iseclab.org