Internet Security (Lecture)
Overview /
Überblick
Evaluation website / Vorlesungsumfrage
News / Aktuelles
-
Information about exams:
The exams will be oral. They take place on 17, 23, 30, and 31 July, 26 and 27 August, and 9 October in Prof. Feldmann's office, TEL 16.Informationen zu den Prüfungen:
Es wird mündliche Prüfungen geben. Sie finden am 17., 23,. 30. und 31. July, 26. und 27. August, sowie am 9. Oktober in Prof. Feldmanns Büro, TEL 16 statt. -
The evaluation of the lecture is done!
Die Vorlesungsumfrage ist fertig!
topOverview / Überblick
| Lecturer / Dozentin: | Prof.
Anja Feldmann, Prof. Jean-Pierre Seifert (FG SECT) |
| additional contact persons / weitere Ansprechpartner: | Gregor Maier, Collin Mulliner (FG SECT) |
| event type / Veranstaltungstyp: | lecture / Vorlesung |
| area / Gebiet: | Operating and Communication Systems / Betriebs- und Kommunikationssysteme (BKS) |
| SWS: | 2 |
| ECTS / LP: | 3 |
| Time / Zeit: | Thursday/Donnerstag 14:00–16:00 weekly/wöchentlich |
| First Meeting / Erster Termin: | 16 April 2009 |
| Room / Raum: | MA 043 |
| Course ID / Veranstaltungsnr.: | 0432 L 812 |
| Audience / Hörerkreis | Diplom students in the main study
period / Diplomstudenten im Hauptstudium (Studiengebiet
f. Informatik: "Betriebs- und Kommunikationssysteme"), Part of following master modules / Teil der folgende Mastermodule: INET NA und INET NA++ (Fachstudium "Kommunikationstechnologie"), (Can be taken as part of the bachelor program / Kann auch im Bachelor belegt werden). |
| Prerequisites / Voraussetzungen: | intermediate diplom / Vordiplom, lectures Network Protocols and Architectures (Prof. Feldmann), Kommunikationsnetze (Prof. Wolisz) or equivalent |
| Exam / Prüfung: | tba / wird noch bekanntgegeben |
Content / Inhalt
As the common utilization of the Internet broadens, the threat from malicious programs and users increases. To counteract this development during the design of new applications and technologies, we will try to identify and discuss the different attacks and threats (e.g., worms, viruses, denial of service). Based on that countermeasures (e.g., firewalls, network intrusion detection/prevention systems, scanners) are introduced and the challenges those are facing are explained. In addition to these active security tools, secure protocols (e.g., SSL, Kerberos, TLS, VPN, IPsec, WLAN Security), key management approaches, and the security of different Internet services (e.g., E-Mail, SSH, VoIP, Network Storage) will be analysed.
Mit der breiten Nutzung des Internet ist auch die Bedrohung durch bösartige Programme und Nutzer gesteigen. Um dem auch schon bei der Entwicklung neuer Technologien entgegen zu wirken, werden zunächst die Gefahren identifiziert und diskutiert (z.B. Würmer, Viren). Darauf aufbauend werden Gegenmaßnahmen (z.B. Firewalls, Network Intrusion Detection/Prevention Systems) vorgestellt und die an sie gestellten Herausforderungen erläutert. Neben diesen aktiven Sicherheitsmaßnahmen werden auch Verschlüsselungsprotokolle (z.B. SSL, TLS, VPN, IPsec, WLAN Security) analysiert.
Organisation
Mailinglist
If you are interested in attending, please make sure you are
subscribed to
our Mailinglist is_ss09 to receive information
and announcements.
Falls du an unserer Vorlesung teilnehmen willst, schreib dich
bitte auf
unsere Mailingliste is_ss09, um wichtige
Informationen und Ankündigungen zu bekommen.
Homework
There will be no tutorial.
Es wird keine Übung angeboten.
Exam
Please, register if you want to take the exam. (The form will be available later.)
Meldet euch an, wenn Ihr an der Prüfung teilnehmen wollt. (Das Formular wird rechtzeitig online gestellt.)
Slides / Folien
| No. | Topic/Thema | Slides | Handouts (2 slides per page) |
Date/Datum |
|---|---|---|---|---|
| 00 | General Information and Overview | Slides | Handouts | 16 Apr. 2009 |
| 01 | Basic Terms and Definitions | Slides | Handouts | 16 Apr. 2009 |
| 02 | Crypto Basics, Pt. 1 | Slides | Handouts | 23 Apr. 2009 |
| 03 | Crypto Basics, Pt. 2 | Slides | Handouts | 30 Apr. 2009 |
| 04 | Crypto Basics, Pt. 3 | Slides | Handouts | 7 May 2009 |
| 05 | Network Security Standards: Key distribution, Kerberos, SSL/TLS |
Slides | Handouts | 14 May 2009 |
| 06 | Worms | Slides | Handouts | 28 May 2009 |
| 07 | Firewalls and NAT | Slides | Handouts | 4 June 2009 |
| 08 | Phishing | Slides | Handouts | 11 June 2009 |
| Internet Background Radiation (by Ruoming Pang, Princeton University) |
Slides | 11 June 2009 | ||
| 09 | Browser Security | Slides | Handouts | 18 June 2009 |
| 10 | Web Security | Slides | Handouts | 25 June 2009 |
| 11 | Intrusion Detection Systems | Slides | Handouts | 2 July 2009 |
| 12 | IDS Extensions: Time Machine and Dynamic Application Detection |
Slides | Handouts | 2 July 2009 |
| 13 | SSH | Slides | Handouts | 9 July 2009 |
| 14 | SIP and VoIP | Slides | Handouts | 16 July 2009 |
| Silver Needle in the Skype (by Philippe Biondi and Fabrice Desclaux, EADS Corporate Research Center) |
Slides | 16 July 2009 | ||
| Advanced Malware Trends (by Michael Berg, Sandia National Laboratories) |
Slides | 16 July 2009 | ||
| 15 | RFC 3514 | Slides | Handouts | 16 July 2009 |
Literature / Literatur
- [Dun08en]
-
Ken Dunham. Mobile Malware Attacks and Defense (Paperback). Syngress, November 2008. (english)
- [GSS03en]
-
Simson Garfinkel, Gene Spafford, and Alan Schwartz. Practical Unix & Internet Security, 3rd Edition (Paperback). O'Reilly Media, Inc., 2003. (english)
- [Bis02en]
-
Matt Bishop. Computer Security: Art and Science. Addison-Wesley Professional, December 2002. (english)
- [DR02en]
-
Joan Daemen and Vincent Rijment. The Design of Rijndael: AES – The Advanced Encryption Standard. Springer, 1st edition, March 2002. (english)
- [PP06en]
-
Charles P. Pfleeger and Shari Lawrence Pfleeger. Security in Computing (4th Edition) . Prentice Hall PTR, Upper Saddle River, NJ, 2006. (english)
- [War93en]
-
Warwick Ford. Computer Communications Security: Principles, Standard Protocols and Techniques. Prentice Hall PTR, 2006. (english)
- [CBR03en]
-
William R. Cheswick, Steven M. Bellovin and Aviel D. Rubin. Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition. Addison-Wesley Professional, 2003. (english)
- [Sta05en]
-
William Stallings. Cryptography and Network Security (4th Edition). Prentice Hall, 2005. (english)
- [KPS02en]
-
Charlie Kaufman, Radia Perlman and Mike Speciner. Network Security: Private Communication in a Public World, Second Edition. Prentice Hall PTR, 2005. (english)
- [AJP94en]
-
Marshall D. Abrams, Sushil Jajodia and Harold J. Podell. Information Security: An Integrated Collection of Essays. IEEE Computer Society Press, Los Alamitos, California, USA, 1994. (english)
- [Amo94en]
-
Edward Amoroso. Fundamentals of Computer Security Technology. Prentice Hall PTR, 1994. (english)
- [Den82en]
-
Dorothy Elizabeth Robling Denning. Cryptography and Data Security. Addison-Wesley Pub, 1982. (english)
- [Den90en]
-
Peter J. Denning. Computers Under Attack: Intruders, Worms and Viruses. Addison-Wesley Professional, 1990. (english)
- [Sti02en]
-
Douglas R. Stinson. Cryptography: Theory and Practice, Second Edition. Chapman & Hall/CRC, 2002. (english)
- [Gas88en]
-
Morrie Gasser. Building a Secure Computer System. Van Nostrand Reinhold, 1988. (english)
- [ZCC00en]
-
Elizabeth D. Zwicky (Author), Simon Cooper (Author), D. Brent Chapman. Building Internet Firewalls (2nd Edition). O'Reilly Media, Inc., 2000. (english)