Advanced Internet Security

183.222 Advanced Internet Security (2.0)
(also known as Internet Security 2)

Lecturers

Christian Platzer, Paolo Milani and Clemens Kolbitsch.

For correspondence, send a mail to inetsec@iseclab.org

Tutors

Bernhard 'Perfect Prime' Miller (InetSec 2 Master Guru)


News

  1. 05.07.2010 The web page has been updated with the necessary organizational information. There is an introductory meeting (Vorbesprechung) on Thursday, 7th of October, 11:15, in Seminarraum Zemanek. At this meeting, the course and the prerequisites will be described. Further, a brief introduction will be given to the organization of the course this year. If you cannot attend this meeting, then please check this site. All information that you need to register and complete the course will be on this page. The assignments will be online on these pages as usual.
  2. 04.07.2010 Reacting to suggestions of last year's students, we will try a slightly modified grading scheme in Advanced Internet Security this year. We hope this will allow you more flexibility when solving challenges while offering the same level of insight and fun.
  3. 01.07.2010 Woohoo... there will be an Advanced Inetsec course next semester. Stay tuned for updates...


Abstract

Advanced Internet Security (previously Internet Security 2) serves as a continuation of the class Internet Security. The idea is to present problems in more detail and allow students to apply their knowledge in practical exercises. The lecture deals with common programming mistakes and ways to detect and avoid them. Examples are used to highlight general error classes, such as stack overflow and format string vulnerabilities.

In order to teach the subject in the most authentic way, the lecture uses an "offensive approach": security-related topics are viewed from an attacker's perspective and possible attack scenarios are shown. In practical challenges, the students need to exploit previously discussed security vulnerabilities inside a controlled challenge environment. This improves the students' understanding of the topics covered, guarantees that they will not make similar mistakes in their own projects, and allows them to actively take security measures when handling security-relevant projects.

As part of the class, students are able to participate in a hacking contest in which they can prove their knowledge of security and system management by competing with their peers or, as a team, against other universities spread around the globe.


Topics

General Unix security:
  • Security model
  • System call
  • Vulnerabilities
  • Authentication
  • Shell/Environment attacks

Memory Corruption
  • Buffer Overflows
  • Stack overflow exploitation
  • Format string exploitation
  • Heap overflow exploitation
  • Return-to-libc attacks
  • Heap-spraying attacks
  • Linux shellcode writing
  • Windows shellcode
  • Protection mechanisms

Windows Security
  • Windows security intro & overview
  • Security principles (Windows 95 to Windows 7)
  • Spyware
  • BHO based malware
  • .NET security model

Race conditions
  • Problem introduction
  • Unix File System race conditions
  • Other race conditions
  • Computational complexity attacks
  • Prevention mechanisms

Reverse Engineering
  • Static & dynamic reverse engineering techniques & tools
  • Malicious code analysis
  • Code obfuscation

Web Security
  • Advanced session attacks
  • Cross site request forgery (CSRF)
  • Browser history stealing
  • Exploits against caching infrastructure

Malware
  • Intro & taxonomy
  • Viruses, worms, trojan horses
  • Botnets, command&control mechanisms


Prerequisites

  • Time! ;-) == You will need to solve a minimum of 4 challenges during the lecture!
  • Internet Security VU (or equivalent)
  • Good programming/developing skills (C & x86 assembler advantageous)
  • Some experience with Linux and Windows

Assignments

There is a set of "challenges" that the students are required to solve. These challenges are security-related programming assignments (e.g., buffer overflows, application cracking, virus coding, etc.).
The challenges will be announced on a regular basis, most of them following the content of the lectures.


Location, Dates and Times

07.10.2010 11:15-12:45, Introduction and Organization in Seminarraum Zemanek
Regular lectures: Starting on Thursday, 14.10.2010 weekly lectures in Seminarraum Zemanek, 11:15 to 12:45.

Slides

07.10.2010, Introduction slides (to appear)
14.10.2010, Unix security slides (to appear)


Examination

There will be an exam at the end of the course, in January. To be admitted to the exam, you need to solve a minimum of 4 challenges. Further, you have to register via TUWIS++!

Registration

Registration will start on the 15th of September and will continue until the 15th of November. You will be able to register via this link.
Last Modified: Mon Jul 12 12:35:41 CEST 2010


International Secure Systems Lab www.iseclab.org