IT-Security 2

Chapter 1: Technical Stuff and Overview

Prof. Dr.-Ing. Ulrike Meyer

 IT-Security 2: Organization

Q&A Slots for Lecture

Screencasts of Lecture Wed 8:30

Starting April 14thth
Uploaded to Moodle
To be watched before Q&A! Every other Mon 16:30
Starting April 19th
Also: April 26th

Q&A Slots for

Exercise Sheets Screencast of Exercise Exercise

Uploaded to Moodle Uploaded to Moodle Every other Mo

Hand in of solutions optional To be watched before Q&A! 16:30
Starting May 3rd

2
 Example Schedule for Three Weeks

Week 1 Week 2 Week 3

Mo Wed Mo Wed Mo Wed

Q&A Q&A Q&A Q&A Q&A

Lecture 1 Lecture 2 Lecture 3 Exercise 1 Lecture 4
Screencast Screencast Screencast Screencast Screencast Screencast
Lecture 1 Lecture 2 Lecture 3 Exercise 1 Lecture 4 Lecture 5
Hand out Hand in Hand out
Exercise 1 Exercise 1 Exercise 2

3
 Exercises

§ Will be held by Benedikt Holmes

§ Contact address for lecture and exercise

§ [email protected]

§ Every second Wed new exercise sheet available in Moodle

§ Solutions to exercises can be handed in via Moodle

§ In groups, one group member hands in the solution
§ Corrected if handed in but not mandatory to hand in
§ We recommend doing the exercises and handing them in

4
 Exams

§ Exam:
§ Written exam of 90 minutes at the end of the semester
§ Registration for the exam via RWTH Online
§ Your grade will depend on the exam

§ Exam dates published in RWTH Online!

§ Currently planned:
§ First: August 2nd , 14:00 – 15:30
§ Second: September 11th 14:00 – 15:30

§ Only the exam will count for your grade

5
 Overall Context: LuFG IT-Sec Teaching

§ Lectures
§ IT-Security 1: Cryptographic Basics and Network Security
§ IT-Security 2: Malware and Defenses, Privacy, and Applications Security
§ MobSec: Security in Mobile Networks
§ Datenkommunikation und Sicherheit

§ Seminars
§ Proseminar or Seminar on changing topics
§ Typically taught in summer terms

§ Practical Course
§ Security Lab, also known as Hacking Lab

6
 Dependencies

§ IT-Security 2
§ Does NOT require IT-Security 1 but basic cryptographic knowledge
§ Datkom-knowledge will suffice to understand the content
§ BUT we recommend one of {Crypto, IT-Security 1} at least in parallel

§ MobSec
§ Does NOT require IT-Security 1 but basic cryptographic knowledge
§ BUT one of {Crypto, IT-Security 1} at least in parallel

7
 Research and Master/Bachelor Thesis Topics

Wireless Security Malware and Intrusion Detection

Gaming

Secure Multi-Party Computation

Security Education
min: x

Content Didactic

max: y

8
 IT-Security 2: Topics Planned

§ Software Security
§ Types of Malware
§ Spreading § Privacy
§ Exploits § Anonymous Communication
§ Examples § Payment Systems
§ Secure Multi-Party
§ … and Defenses Computation
§ E-Voting
§ AV-Products
§ E-Auctions
§ Honeypots
§ Biometrics
§ Malware Analysis
§ Access control
§ Firewalls
§ Intrusion Detection

9
 Books

§ The lecture will partly be based on

§ Stallings and Brown, Computer Security, Pearson Press, 2015

§ Ross, Security Engineering, Wiley, 2008
§ Pfleeger Pfleeger, Marguies, Security in Computing, 2014
§ You can find these books in the CS library
§ Some chapters of Anderson’s book are also downloadable from his web page
http://www.cl.cam.ac.uk/~rja14/
§ Additional reading material will be indicated at the end of each chapter
§ Some links will be accessible via the RWTH network only

10