192.082 Introduction to Security
This course is in all assigned curricula part of the STEOP.
This course is in at least 1 assigned curriculum part of the STEOP.

2020S, UE, 2.0h, 3.0EC
TUWEL

Properties

  • Semester hours: 2.0
  • Credits: 3.0
  • Type: UE Exercise

Learning outcomes

After successful completion of the course, students are able to discover and attack common software security vulnerabilities and to avoid common pitfalls during the development phase. The aim is to provide hands-on experience in the sort of attacks and protections found in the real world. More specifically, students will be given access to a safe environment where to interact with realistic applications containing ad-hoc vulnerabilities. The LVA offers practical exercises and follow-up materials to complement the topics presented during the Introduction to Security (VU) course.

Subject of course

Introduction

  • Python and bash scripting
  • Tools for binary and web exploit development

System Security

  • Buffer/stack overflow
  • Circumventing overflow mitigation techniques
  • Return-oriented programming (ROP)

Web Security

  • Server-side code injection techniques
  • Client-side injections and mitigation bypasses
  • Cross-site request forgery attacks and countermeasures
  • Browser side-channels

Network and Protocol Security

  • Cryptographic protocols

Teaching methods

Tutorials on practical security topics and project assignments as homework. 

 

Mode of examination

Immanent

Additional information

ECTS Breakdown

3 ECTS = 75h

  • 8h lecture
  • 67h self-study and projects development

Lecturers

Institute

Course dates

DayTimeDateLocationDescription
Tue10:00 - 12:0031.03.2020 OnlineBash scripting, Python, tools
Fri10:00 - 12:0010.04.2020 OnlineBinary exploitation
Tue10:00 - 12:0005.05.2020 OnlineWeb security
Tue10:00 - 12:0009.06.2020 OnlineNetwork security

Examination modalities

Practical assignments mostly focused on implementing attacks introduced during the course.

Course registration

Begin End Deregistration end
14.02.2020 00:01 06.04.2020 23:59 06.04.2020 23:59

Curricula

Study CodeObligationSemesterPrecon.Info
033 526 Business Informatics Mandatory electiveSTEOP
Course requires the completion of the introductory and orientation phase
033 532 Media Informatics and Visual Computing Mandatory elective
033 533 Medical Informatics Mandatory elective
033 534 Software & Information Engineering Mandatory elective
033 535 Computer Engineering Mandatory elective
880 FW Elective Courses - Computer Science Elective

Literature

No lecture notes are available.

Accompanying courses

Continuative courses

Language

English