Search result: Catalogue data in Autumn Semester 2022

DAS in Cyber Security Information
Core Courses
252-1414-00LSystem Security Information O7 credits2V + 2U + 2AS. Capkun, S. Shinde
AbstractThe first part of the course covers general security concepts and hardware-based support for security.
In the second part, the focus is on system design and methodologies for building secure systems.
ObjectiveIn this lecture, students learn about the security requirements and capabilities that are expected from modern hardware, operating systems, and other software environments. An overview of available technologies, algorithms and standards is given, with which these requirements can be met.
ContentThe first part of the lecture covers hardware-based security concepts. Topics include the concept of physical and software-based side channel attacks on hardware resources, architectural support for security (e.g., memory management and permissions, disk encryption), and trusted execution environments (Intel SGX, ARM TrustZone, AMD SEV, and RISC-​V Keystone).

In the second part, the focus is on system design and methodologies for building secure systems. Topics include: common software faults (e.g., buffer overflows, etc.), bug-​detection, writing secure software (design, architecture, QA, testing), compiler-​supported security (e.g., control-​flow integrity), and language-​supported security (e.g., memory safety).

Along the lectures, model cases will be elaborated and evaluated in the exercises.
263-4640-00LNetwork Security Information O8 credits2V + 2U + 3AA. Perrig, S. Frei, M. Legner, K. Paterson
AbstractSome of today's most damaging attacks on computer systems involve exploitation of network infrastructure, either as the target of attack or as a vehicle to attack end systems.
This course provides an in-depth study of network attack techniques and methods to defend against them.
Objective- Students are familiar with fundamental network-security concepts.
- Students can assess current threats that Internet services and networked devices face, and can evaluate appropriate countermeasures.
- Students can identify and assess vulnerabilities in software systems and network protocols.
- Students have an in-depth understanding of a range of important state-of-the-art security technologies.
- Students can implement network-security protocols based on cryptographic libraries.
ContentThe course will cover topics spanning four broad themes with a focus on the first two themes:
(1) network defense mechanisms such as public-key infrastructures, TLS, VPNs, anonymous-communication systems, secure routing protocols, secure DNS systems, and network intrusion-detection systems;
(2) network attacks such as hijacking, spoofing, denial-of-service (DoS), and distributed denial-of-service (DDoS) attacks;
(3) analysis and inference topics such as traffic monitoring and network forensics; and
(4) new technologies related to next-generation networks.

In addition, several guest lectures will provide in-depth insights into specific current real-world network-security topics.
Prerequisites / NoticeThis lecture is intended for students with an interest in securing Internet communication services and network devices. Students are assumed to have knowledge in networking as taught in a communication networks lecture like 252-0064-00L or 227-0120-00L.
Basic knowledge of information security or applied cryptography as taught in 252-0211-00L or 263-4660-00L is beneficial, but an overview of the most important cryptographic primitives will be provided at the beginning of the course.
The course will involve several graded course projects. Students are expected to be familiar with a general-purpose or network programming language such as C/C++, Go, Python, or Rust.
Subject-specific CompetenciesConcepts and Theoriesassessed
Techniques and Technologiesassessed
Method-specific CompetenciesAnalytical Competenciesassessed
Media and Digital Technologiesassessed
Project Managementassessed
Social CompetenciesCommunicationfostered
Cooperation and Teamworkfostered
Customer Orientationfostered
Leadership and Responsibilityfostered
Self-presentation and Social Influence fostered
Sensitivity to Diversityfostered
Personal CompetenciesAdaptability and Flexibilityfostered
Creative Thinkingassessed
Critical Thinkingassessed
Integrity and Work Ethicsfostered
Self-awareness and Self-reflection fostered
Self-direction and Self-management assessed
268-0101-00LIntroduction to Information Security Restricted registration - show details
Only for CAS and DAS in Cyber Security.
O5 credits4GP. Schaller, S. Matetic
AbstractIn this course, the goal is to introduce the fundamentals of information/cyber security from a technical point of view. Along with theory, hands-on experiments are an important building block of the course and help to deepen the students’ understanding of the theory parts.
ObjectiveGraduates of the course know the technical foundations of information security and understand the difficulty and complexity involved when trying to build secure systems.
ContentIn this new course, the goal is to introduce the fundamentals of information/cyber security from a technical point of view. Along with theory, hands-on experiments are an important building block of the course and help to deepen the students’ understanding of the theory parts.
268-0102-00LApplied Security Laboratory Information Restricted registration - show details
Only for DAS in Cyber Security.
O5 credits3PD. Basin
AbstractHands-on course on applied aspects of information security. Applied
information security, operating system security, OS hardening, computer forensics, web application security, project work, design, implementation, and configuration of security mechanisms, risk analysis, system review.
ObjectiveThe Applied Security Laboratory addresses four major topics: operating system security (hardening, vulnerability scanning, access control, logging), application security with an emphasis on web applications (web server setup, common web exploits, authentication, session handling, code security), computer forensics, and risk analysis and risk management.
ContentThis course emphasizes applied aspects of Information Security. The students will study a number of topics in a hands-on fashion and carry out experiments in order to better understand the need for secure implementation and configuration of IT systems and to assess the effectivity and impact of security measures. This part is based on a book and virtual machines that include example applications, questions, and answers.

The students will also complete an independent project: based on a set of functional requirements, they will design and implement a prototypical IT system. In addition, they will conduct a thorough security analysis and devise appropriate security measures for their systems. Finally, they will carry out a technical and conceptual review of another system. All project work will be performed in teams and must be properly documented.
Lecture notesThe course is based on the book "Applied Information Security - A Hands-on Approach". More information: Link
LiteratureRecommended reading includes:
* Pfleeger, Pfleeger: Security in Computing, Third Edition, Prentice Hall, available online from within ETH
* Garfinkel, Schwartz, Spafford: Practical Unix & Internet Security, O'Reilly & Associates.
* Various: OWASP Guide to Building Secure Web Applications, available online
* Huseby: Innocent Code -- A Security Wake-Up Call for Web Programmers, John Wiley & Sons.
* Scambray, Schema: Hacking Exposed Web Applications, McGraw-Hill.
* O'Reilly, Loukides: Unix Power Tools, O'Reilly & Associates.
* Frisch: Essential System Administration, O'Reilly & Associates.
* NIST: Risk Management Guide for Information Technology Systems, available online as PDF
* BSI: IT-Grundschutzhandbuch, available online
Prerequisites / Notice* The lab allows flexible working since there are only few mandatory meetings during the semester.
* The lab covers a variety of different techniques. Thus, participating students should have a solid foundation in the following areas: information security, operating system administration (especially Unix/Linux), and networking. Students are also expected to have a basic understanding of HTML, PHP, JavaScript, and MySQL because several examples are implemented in these languages.
* Students must be prepared to spend more than three hours per week to complete the lab assignments and the project. This applies particularly to students who do not meet the recommended requirements given above. Successful participants of the course receive 8 credits as compensation for their effort.
* All participants must sign the lab's charter and usage policy during the introduction lecture.
  •  Page  1  of  1