Systemsicherheit

NUMMER: 211011
KÜRZEL: SysSec
MODULBEAUFTRAGTE:R: Prof. Dr.-Ing. Jörg Schwenk
DOZENT:IN: Prof. Dr. Ghassan Karame
FAKULTÄT: Fakultät für Informatik
SPRACHE: Deutsch
SWS: 4 SWS
CREDITS: 5 CP
WORKLOAD: 150 h
ANGEBOTEN IM: jedes Sommersemester

BESTANDTEILE UND VERANSTALTUNGSART

Systemsicherheit – Vorlesung (2 SWS)Systemsicherheit – Übung (2 SWS)

PRÜFUNGEN

FORM: schriftlich
ANMELDUNG: eCampus
DATUM: 0000-00-00
BEGINN: 00:00:00
DAUER: 120 min
RAUM:

LERNFORM

Hörsaalvorlesung mit Medienunterstützung, eLearning, Übungen am Rechner, zusätzlich Selbststudium mit ergänzend bereitgestellten Materialien und Aufgaben

LERNZIELE

At the end of this course, students will be able to (1) classify and describe vulnerabilities and protection mechanisms of popular systems and protocols, and (2) analyze / reason about basic protection mechanisms for modern OSs, software, and hardware systems. Students will also develop the ability to reason about the security of a given protocol and independently develop appropriate security defenses and security models.

INHALT

While clearly beneficial, the large-scale deployment of online services has resulted in the increase of security threats against existing services. As the size of the global network grows, the incentives of attackers to abuse the operation of online applications also increase and their advantage in mounting successful attacks becomes considerable.


These cyber-attacks often target the resources, availability, and operation of online services. With an increasing number of services relying on online resources, integrating proper security measures therefore becomes integral to ensure the correct functioning of every online service.


In this course, we discuss important theoretical and analytical aspects in system security. The focus of the course is to understand basic attack strategies on modern systems and platforms, with a focus on side-channel attacks, software-based attacks, malware analysis, as well as software-based defenses (e.g., address space randomization and non-executable memory) and hardware-based defenses (e.g., using TPMs and TEEs). Other topics of the course include analyzing the security of modern cryptocurrencies and ML platforms, and similar aspects in system security.


An integral part of this course are exercises and homeworks, which aim to deepen the understanding of the material with practical examples.

VORAUSSETZUNGEN CREDITS

Bestandene Modulabschlussprüfung

EMPFOHLENE VORKENNTNISSE

background in Cryptographic primitives (encryption methods, signatures, MACs, hash functions), principles of communication networks, is recommended.

LITERATUR

1. D. Gollmann: „Computer Security“, Wiley and Sons
2. A.J. Menezes, P.C. van Oorschot and A. S. Vanstone: “Handbook of Applied Cryptography”, CRC Press
3. C. Boyd and A. Manthuria: “Protocols for Authentication and Key Establishment”, Springer Verlag
4. R. Anderson: “Security Engineering – A Guide for Building Dependeble Distributed Systems”, Wiley and Sons

SONSTIGE INFORMATIONEN

Aktuelle Informationen wie Vorlesungstermine, Räume oder aktuelle Dozent*innen und Übungsleiter*innen sind im Vorlesungsverzeichnis der Ruhr-Universität https://vvz.rub.de/ und im eCampus https://www.rub.de/ecampus/ecampus-webclient/ zu finden.