Information on individual educational components (ECTS-Course descriptions) per semester

  
Degree programme:Bachelor Computer Science - Software and Information Engineering
Type of degree:FH Bachelor´s Degree Programme
 Full-time
 Summer Semester 2023
  

Course unit titleSecurity
Course unit code024717060501
Language of instructionEnglish
Type of course unit (compulsory, optional)Compulsory
Semester when the course unit is deliveredSummer Semester 2023
Teaching hours per week2
Year of study2023
Level of course unit (e.g. first, second or third cycle)First Cycle (Bachelor)
Number of ECTS credits allocated3
Name of lecturer(s)Michael KAPPAURER
Armin SIMMA


Prerequisites and co-requisites
  • Basics of computer networking
  • Basic Configuration of Cisco-Router und -Switches
  • Hands-on experience with a Linux/Unix system: e.g. simple commands like pwd, cd, ls, chmod; access control system in Linux (rwx..)
  • Basic user administration (access control, groups) in Linux
  • Installation of rpm or deb packages (without detailed troubleshooting of problems)
  • Basic network commands on a Linux and Windows system: ifconfig, ipconfig, arp -a
  • Ability to work with a Windows system (also server): e.g. configure network; basic configuration of an AD domain controller
  • Applied cryptology
  • Database basics
  • Programming knowledge (C)
  • Basics of operating systems (processes, threads, memory protection, virtual memory)   
  • Basic knowledge of web programming
Course content

Network security: attacks and (technical) countermeasures

  • Layer 2 Attacks (arpspoof)
  • DNS attacks
  • Routing problems/attacks
  • -- each with a focus on countermeasures
  • Lab: Configuration of Firewall and IDS

Authentication and authorization systems/protocols

Cryptological/security protocols: SSL/TLS, IPsec, (Kerberos)

Problems and vulnerabilities of/with operating systems (focus on Linux)

Problems and typical weaknesses in SW development with C

Countermeasures

  •     Set-UID programs and problems with them (weaknesses)
  •     Environment variables and attacks on/with them
  •     Dirty COW vulnerability
  •     Buffer overflow
  •     Format String vulnerability
  •     possible return-to-libc


Exercises:

  • https://seedsecuritylabs.org/ (Wenliang Du, syracuse Univ.)
  • OS attacks and countermeasures

 

PKI Public Key Infrastructure:

  • Certificates
  • Configuration
  • Attacks (e.g. MITM)

Trusted computing (TPM): Introduction

Secure/ Trusted/ Measured BootSecurity and Machine Learning/ Anomaly Detection: Introduction

Learning outcomes

In this course, the students receive implementation skills/ competence in:

  • Security in computer networks
  • PKI Public Key Infrastructure
  • Authentication and Authorization systems; AAA
  • Network Security
    • Attacks and countermeasures
    • Procedures and technologies (e.g. VPN, authentication technologies)
    • Analysis and Configuration of security protocols: SSL/TLS, IPsec, 802.1x, RADIUS, if time permits: Kerberos

Students receive basic competence - if time permits - in:

  • Security in the area of operating systems
  • Trusted computing
  • Secure and Trusted Boot
  • Security and machine learning (anomaly detection)
Planned learning activities and teaching methods

Lecture and seminar/labs using Packet Tracer and virtual machines (attendance is mandatory)

 

Assessment methods and criteria

Final exam (60%) and assessment of practical work (40%).

For a positive grade, a minimum of 50% of the possible points must be achieved in each part of the examination.

Obligatory attendance in labs

Comment

Non applicable

Recommended or required reading
  • Adams, Carlisle; Lloyd, Steve (2010): Understanding PKI: Concepts, Standards, and Deployment Considerations. Boston etc.: Pearson Education.
    Boyle, Randy J.; Panko, Raymond R. (2014): Corporate Computer Security. 00004 Ed. Boston: Prentice Hall.
  • William Stallings: "Cryptography and Network Security: Principles and Practice", Eighth Global Edition  2022
  • Steffen Wendzel: "IT-Sicherheit für TCP/IP- und IoT-Netzwerke: Grundlagen, Konzepte, Protokolle, Härtung", 2021
  • Chris Carthern, William Wilson : "Cisco Networks: Engineers' Handbook of Routing, Switching, and Security with IOS, NX-OS, and ASA", 2021
  • Du, Wenliang (2019): Computer Security: A Hands-on Approach. 2. Wenliang Du.
  • Garman, Jason (2003): Kerberos: The Definitive Guide. 1st Ed. Beijing ; Farnham: O'Reilly & Associates.
  • Kurose, James; Keith, Ross (2016): Computer Networking: A Top-Down Approach, Global Edition. 7. Boston Columbus Indianapolis Amsterdam Cape Town: Prentice Hall.
  • Pröhl, Mark (2011): Kerberos: Single Sign-on in gemischten Linux/Windows-Umgebungen. 1st Ed. Heidelberg: dpunkt.verlag GmbH.
  • Richer, Justin; Sanso, Antonio (2017): OAuth 2 in Action. 1st Ed. Shelter Island, NY: Manning Publications.
  • Seacord, Robert C. (2014): CERT® C Coding Standard, Second Edition, The: 98 Rules for Developing Safe, Reliable, and Secure Systems: 98 Rules for Developing Safe, Reliable, and ... Edition). 2 ed. Upper Saddle River, NJ: Addison-Wesley Professional.
Mode of delivery (face-to-face, distance learning)

Classroom teaching, attendance is mandatory in the labs/seminars

Summer Semester 2023go Top