Adrian Perrig: Katalogdaten im Herbstsemester 2020

NameHerr Prof. Dr. Adrian Perrig
LehrgebietInformatik
Adresse
Institut f. Informationssicherheit
ETH Zürich, CAB F 85.1
Universitätstrasse 6
8092 Zürich
SWITZERLAND
Telefon+41 44 632 99 69
E-Mailadrian.perrig@inf.ethz.ch
URLhttp://www.netsec.ethz.ch/people/aperrig
DepartementInformatik
BeziehungOrdentlicher Professor

NummerTitelECTSUmfangDozierende
252-1414-00LSystem Security Information 7 KP2V + 2U + 2AS. Capkun, A. Perrig
KurzbeschreibungThe first part of the lecture covers individual system aspects starting with tamperproof or tamper-resistant hardware in general over operating system related security mechanisms to application software systems, such as host based intrusion detection systems. In the second part, the focus is on system design and methodologies for building secure systems.
LernzielIn this lecture, students learn about the security requirements and capabilities that are expected from modern hardware, operating systems, and other software environments. An overview of available technologies, algorithms and standards is given, with which these requirements can be met.
InhaltThe first part of the lecture covers individual system's aspects starting with tamperproof or tamperresistant hardware in general over operating system related security mechanisms to application software systems such as host based intrusion detetction systems. The main topics covered are: tamper resistant hardware, CPU support for security, protection mechanisms in the kernel, file system security (permissions / ACLs / network filesystem issues), IPC Security, mechanisms in more modern OS, such as Capabilities and Zones, Libraries and Software tools for security assurance, etc.

In the second part, the focus is on system design and methodologies for building secure systems. Topics include: patch management, common software faults (buffer overflows, etc.), writing secure software (design, architecture, QA, testing), compiler-supported security, language-supported security, logging and auditing (BSM audit, dtrace, ...), cryptographic support, and trustworthy computing (TCG, SGX).

Along the lectures, model cases will be elaborated and evaluated in the exercises.
252-4601-00LCurrent Topics in Information Security Information Belegung eingeschränkt - Details anzeigen
Number of participants limited to 24.

The deadline for deregistering expires at the end of the second week of the semester. Students who are still registered after that date, but do not attend the seminar, will officially fail the seminar.
2 KP2SS. Capkun, K. Paterson, A. Perrig
KurzbeschreibungThe seminar covers various topics in information security: security protocols (models, specification & verification), trust management, access control, non-interference, side-channel attacks, identity-based cryptography, host-based attack detection, anomaly detection in backbone networks, key-management for sensor networks.
LernzielThe main goals of the seminar are the independent study of scientific literature and assessment of its contributions as well as learning and practicing presentation techniques.
InhaltThe seminar covers various topics in information security, including network security, cryptography and security protocols. The participants are expected to read a scientific paper and present it in a 35-40 min talk. At the beginning of the semester a short introduction to presentation techniques will be given.

Selected Topics

- security protocols: models, specification & verification
- trust management, access control and non-interference
- side-channel attacks
- identity-based cryptography
- host-based attack detection
- anomaly detection in backbone networks
- key-management for sensor networks
LiteraturThe reading list will be published on the course web site.
263-0009-00LInformation Security Lab Information Belegung eingeschränkt - Details anzeigen
Only for master students, otherwise a special permission by the study administration of D-INFK is required.

Number of participants limited to 150.
8 KP2V + 1U + 3P + 1AK. Paterson, D. Basin, S. Capkun, D. Hofheinz, A. Perrig
KurzbeschreibungThis InterFocus Course will provide a broad, hands-on introduction to Information Security, introducing adversarial thinking and security by design as key approaches to building secure systems.
LernzielThis course will introduce key concepts from Information Security, both from attack and defence perspectives. Students will gain an appreciation of the complexity and challenge of building secure systems.
InhaltThe course is organised in two-week segments. In each segment, a new concept from Information Security will be introduced. The overall scope will be broad, including cryptography, protocol design, network security, system security.
SkriptWill be made available during the semester.
LiteraturPaul C. van Oorschot, Computer Security and the Internet: Tools and Jewels.
Dan Boneh and Victor Shoup, A Graduate Course in Applied Cryptography.
Voraussetzungen / BesonderesIdeally, students will have taken the D-INFK Bachelors course “Information Security" or an equivalent course at Bachelors level.
263-4640-00LNetwork Security Information 8 KP2V + 2U + 3AA. Perrig, S. Frei, M. Legner
KurzbeschreibungSome of today's most damaging attacks on computer systems involve
exploitation of network infrastructure, either as the target of attack
or as a vehicle to attack end systems. This course provides an
in-depth study of network attack techniques and methods to defend
against them.
Lernziel- Students are familiar with fundamental network security concepts.
- Students can assess current threats that Internet services and networked devices face, and can evaluate appropriate countermeasures.
- Students can identify and assess known vulnerabilities in a software system that is connected to the Internet (through analysis and penetration testing tools).
- Students have an in-depth understanding of a range of important security technologies.
- Students learn how formal analysis techniques can help in the design of secure networked systems.
InhaltThe course will cover topics spanning five broad themes: (1) network
defense mechanisms such as secure routing protocols, TLS, anonymous
communication systems, network intrusion detection systems, and
public-key infrastructures; (2) network attacks such as denial of
service (DoS) and distributed denial-of-service (DDoS) attacks; (3)
analysis and inference topics such as network forensics and attack
economics; (4) formal analysis techniques for verifying the security
properties of network architectures; and (5) new technologies related
to next-generation networks.
Voraussetzungen / BesonderesThis lecture is intended for students with an interest in securing
Internet communication services and network devices. Students are
assumed to have knowledge in networking as taught in a Communication
Networks lecture. The course will involve a course project and some
smaller programming projects as part of the homework. Students are
expected to have basic knowledge in network programming in a
programming language such as C/C++, Go, or Python.