Lecture: System Security

ProfessorProf. Dr. Ghassan Karame
Course number211011


LectureMondays, 14:15 – 15:45 in HID (presence only)
ExerciseMondays, 16:00 – 17:30 in HID (presence only)

While clearly beneficial, the large-scale deployment of online services has resulted in the increase of security threats against existing services. As the size of the global network grows, the incentives of attackers to abuse the operation of online applications also increase and their advantage in mounting successful attacks becomes considerable.

These cyber-attacks often target the resources, availability, and operation of online services. With an increasing number of services relying on online resources, integrating proper security measures therefore becomes integral to ensure the correct functioning of every online service. 

In this course, we discuss important theoretical and analytical aspects in system security. The focus of the course is to understand basic attack strategies on modern systems and platforms, with a focus on side-channel attacks, software-based attacks, malware analysis, as well as software-based defenses (e.g., address space randomization and non-executable memory) and hardware-based defenses (e.g., using TPMs and TEEs). Other topics of the course include analyzing the security of modern cryptocurrencies and ML platforms, and similar aspects in system security.

An integral part of this course are exercises and homeworks, which aim to deepen the understanding of the material with practical examples. At the end of this course, students will be able to (1) classify and describe vulnerabilities and protection mechanisms of popular systems and protocols, and (2) analyze / reason about basic protection mechanisms. Students will also develop the ability to reason about the security of a given protocol deployment and independently develop appropriate security defenses and security models.

There are no formal prerequisites for this course. However, a background in Cryptographic primitives (encryption methods, signatures, MACs, hash functions), principles of communication networks, is recommended.

Lab assignments
During the course, there will be numerous exercises/assignments. These are complementary to the lecture material and help in deepening the understanding of students in the topics covered in the lecture. 

Unless specified otherwise, assignments and lab work is to be performed and submitted individually. In case of individual assignments, any form of unsolicited collaboration or plagiarism will not be tolerated and will result in the immediate disqualification of the involved students from that particular assignment. 


    • Lecture: English
    • Exam & Exercise : German (but also English allowed)

Learning format
Lecture hall with media support, e-learning, exercises on the computer, additional self-study with additional materials and tasks provided.

Written Exam
At the end of the semester, we will organize a written exam. The exact location and date of the exam will be announced in due time. Physical presence is strictly required for the exam. The exam will cover both theoretical and practical aspects that were presented in the lecture/exercise session.