Search result: Catalogue data in Autumn Semester 2020

Cyber Security Master Information
Field of Specialization
Electives
NumberTitleTypeECTSHoursLecturers
227-0575-00LAdvanced Topics in Communication Networks (Autumn 2020) Information W6 credits2V + 2UL. Vanbever
AbstractThis course covers advanced topics and technologies in computer networks, both theoretically and practically. It is offered each Fall semester, with rotating topics. Repetition for credit is possible with consent of the instructor. In the Fall 2020, the course will cover advanced topics in Internet routing and forwarding.
ObjectiveThe goals of this course is to provide students with a deeper understanding of the existing and upcoming Internet routing and forwarding technologies used in large-scale computer networks such as Internet Service Providers (e.g., Swisscom or Deutsche Telekom), Content Delivery Networks (e.g., Netflix) and Data Centers (e.g., Google). Besides covering the fundamentals, the course will be “hands-on” and will enable students to play with the technologies in realistic network environments, and even implement some of them on their own during labs and a final group project.
ContentThe course will cover advanced topics in Internet routing and forwarding such as:

- Tunneling
- Hierarchical routing
- Traffic Engineering and Load Balancing
- Virtual Private Networks
- Quality of Service/Queuing/Scheduling
- IP Multicast
- Fast Convergence
- Network virtualization
- Network programmability (OpenFlow, P4)
- Network measurements

The course will be divided in two main blocks. The first block (~10 weeks) will interleave classical lectures with practical exercises and labs. The second block (~4 weeks) will consist of a practical project which will be performed in small groups (~3 students). During the second block, lecture slots will be replaced by feedback sessions where students will be able to ask questions and get feedback about their project. The last week of the semester will be dedicated to student presentations and demonstrations.
Lecture notesLecture notes and material will be made available before each course on the course website.
LiteratureRelevant references will be made available through the course website.
Prerequisites / NoticePrerequisites: Communication Networks (227-0120-00L) or equivalents / good programming skills (in any language) are expected as both the exercices and the final project will involve coding.
227-0579-00LHardware Security Restricted registration - show details W6 credits4GK. Razavi
AbstractThis course covers the security of commodity computer hardware (e.g., CPU, DRAM, etc.) with a special focus on cutting-edge hands-on research. The aim of the course is familiarizing the students with hardware security and more specifically microarchitectural and circuit-level attacks and defenses through lectures, reviewing and discussing papers, and executing some of these advanced attacks.
ObjectiveBy the end of the course, the students will be familiar with the state of the art in commodity computer hardware attacks and defenses. More specifically, the students will learn about:

- security problems of commodity hardware that we use everyday and how you can defend against them.
- relevant computer architecture and operating system aspects of these issues.
- hands-on techniques for performing hardware attacks.
- writing critical reviews and constructive discussions with peers on this topic.

This is the course where you get credit points by building some of the most advanced exploits on the planet! The luckiest team will collect a Best Demo Award at the end of the course.
LiteratureSlides, relevant literature and manuals will be made available during the course.
Prerequisites / NoticeKnowledge of systems programming and computer architecture is a plus.
252-0811-00LApplied Security Laboratory Information
This only applies to Study Regulations 09: In the Master Programme max. 10 credits can be accounted by Labs on top of the Interfocus Courses. Additional Labs will be listed on the Addendum.
W8 credits7PD. Basin
AbstractHands-on course on applied aspects of information security. Applied
information security, operating system security, OS hardening, computer forensics, web application security, project work, design, implementation, and configuration of security mechanisms, risk analysis, system review.
ObjectiveThe Applied Security Laboratory addresses four major topics: operating system security (hardening, vulnerability scanning, access control, logging), application security with an emphasis on web applications (web server setup, common web exploits, authentication, session handling, code security), computer forensics, and risk analysis and risk management.
ContentThis course emphasizes applied aspects of Information Security. The students will study a number of topics in a hands-on fashion and carry out experiments in order to better understand the need for secure implementation and configuration of IT systems and to assess the effectivity and impact of security measures. This part is based on a book and virtual machines that include example applications, questions, and answers.

The students will also complete an independent project: based on a set of functional requirements, they will design and implement a prototypical IT system. In addition, they will conduct a thorough security analysis and devise appropriate security measures for their systems. Finally, they will carry out a technical and conceptual review of another system. All project work will be performed in teams and must be properly documented.
Lecture notesThe course is based on the book "Applied Information Security - A Hands-on Approach". More information: Link
LiteratureRecommended reading includes:
* Pfleeger, Pfleeger: Security in Computing, Third Edition, Prentice Hall, available online from within ETH
* Garfinkel, Schwartz, Spafford: Practical Unix & Internet Security, O'Reilly & Associates.
* Various: OWASP Guide to Building Secure Web Applications, available online
* Huseby: Innocent Code -- A Security Wake-Up Call for Web Programmers, John Wiley & Sons.
* Scambray, Schema: Hacking Exposed Web Applications, McGraw-Hill.
* O'Reilly, Loukides: Unix Power Tools, O'Reilly & Associates.
* Frisch: Essential System Administration, O'Reilly & Associates.
* NIST: Risk Management Guide for Information Technology Systems, available online as PDF
* BSI: IT-Grundschutzhandbuch, available online
Prerequisites / Notice* The lab allows flexible working since there are only few mandatory meetings during the semester.
* The lab covers a variety of different techniques. Thus, participating students should have a solid foundation in the following areas: information security, operating system administration (especially Unix/Linux), and networking. Students are also expected to have a basic understanding of HTML, PHP, JavaScript, and MySQL because several examples are implemented in these languages.
* Students must be prepared to spend more than three hours per week to complete the lab assignments and the project. This applies particularly to students who do not meet the recommended requirements given above. Successful participants of the course receive 8 credits as compensation for their effort.
* All participants must sign the lab's charter and usage policy during the introduction lecture.
252-1411-00LSecurity of Wireless Networks Information W6 credits2V + 1U + 2AS. Capkun, K. Kostiainen
AbstractCore Elements: Wireless communication channel, Wireless network architectures and protocols, Attacks on wireless networks, Protection techniques.
ObjectiveAfter this course, the students should be able to: describe and classify security goals and attacks in wireless networks; describe security architectures of the following wireless systems and networks: 802.11, GSM/UMTS, RFID, ad hoc/sensor networks; reason about security protocols for wireless network; implement mechanisms to secure
802.11 networks.
ContentWireless channel basics. Wireless electronic warfare: jamming and target tracking. Basic security protocols in cellular, WLAN and
multi-hop networks. Recent advances in security of multi-hop networks; RFID privacy challenges and solutions.
  •  Page  1  of  1