course: Current Topics in the Area of Internet Security

number:
141251
teaching methods:
lecture with tutorials
media:
Moodle
responsible person:
Prof. Dr. Jörg Schwenk
lecturer:
Dr.-Ing. Marcus Niemietz (ETIT)
language:
german
HWS:
4
CP:
5
offered in:
winter term

dates in winter term

  • start: Monday the 26.10.2020
  • lecture Mondays: from 08:15 to 09.45 o'clock in Online
  • tutorial Mondays: from 10:15 to 11.45 o'clock in Online

Exams

Die Angaben zu den Prüfungsmodalitäten (im WiSe 2020/2021 | SoSe 2021) erfolgen vorbehaltlich der aktuellen Situation. Notwendige Änderungen aufgrund universitärer Vorgaben werden zeitnah bekanntgegeben.
Form of exam:written
Registration for exam:FlexNow
Date:04.03.2021
Begin:08:30
Duration:120min
description of exam:

Termin findet wie geplant statt

Rooms : HNC 10,  HNC 30
Individual appointments of students to each exam location will be issued by the responsible chair.
Die Angaben zu den Prüfungsmodalitäten (im WiSe 2020/2021 | SoSe 2021) erfolgen vorbehaltlich der aktuellen Situation. Notwendige Änderungen aufgrund universitärer Vorgaben werden zeitnah bekanntgegeben.
Form of exam:written
Registration for exam:FlexNow
Date:02.09.2021
Begin:08:30
Duration:120min
Room : HNC 20

goals

Upon successful completion of the module, students will have a comprehensive understanding of current research topics in the field of Internet security. They have become familiar with the latest attacks and security mechanisms. In addition, they know how to deal with security vulnerabilities correctly and how to report them to the manufacturer. Through the science-related topics, students have gained insight into research in the area of Internet security, which has prepared them for their potential research role.

content

The lecture deals with selected IT security topics that have been published by the Chair of Network and Data Security in recent years. Among others the following topics will be covered:

  • Attacks on IPsec and IKE.
  • TLS Scanning, Fuzzing and State Learning
  • Attacks on TLS (Padding Oracles, ROBOT, Invalid Curve)
  • Attacks on email signatures and email encryption (Efail)
  • Attacks on network printers
  • PDF encryption
  • Responsible Disclosure
  • Analysis of the Document Object Model
  • UI redressing and clickjacking
  • Security models in the field of instant messaging
  • 0-RTT in TLS 1.3 and gate

In addition to the systems themselves, published attacks on these systems are also discussed; the students themselves make scientific considerations on how to improve security.

requirements

None

recommended knowledge

The event builds (among other things) on these courses:

  • Network security 1 and 2
  • Introduction to Cryptography

miscellaneous

Exam aids: 2 sheets (= 4 pages) DIN A4 handwritten notes, a scientific calculator (not programmable)