# Search result: Catalogue data in Autumn Semester 2017

Computer Science Master | ||||||

Interfocus Courses | ||||||

Number | Title | Type | ECTS | Hours | Lecturers | |
---|---|---|---|---|---|---|

263-0006-00L | Algorithms LabOnly for master students, otherwise a special permission by the student administration of D-INFK is required. | O | 8 credits | 4P + 1A | A. Steger, E. Welzl, P. Widmayer | |

Abstract | Students learn how to solve algorithmic problems given by a textual description (understanding problem setting, finding appropriate modeling, choosing suitable algorithms, and implementing them). Knowledge of basic algorithms and data structures is assumed; more advanced material and usage of standard libraries for combinatorial algorithms are introduced in tutorials. | |||||

Objective | The objective of this course is to learn how to solve algorithmic problems given by a textual description. This includes appropriate problem modeling, choice of suitable (combinatorial) algorithms, and implementing them (using C/C++, STL, CGAL, and BGL). | |||||

Literature | T. Cormen, C. Leiserson, R. Rivest: Introduction to Algorithms, MIT Press, 1990. J. Hromkovic, Teubner: Theoretische Informatik, Springer, 2004 (English: Theoretical Computer Science, Springer 2003). J. Kleinberg, É. Tardos: Algorithm Design, Addison Wesley, 2006. H. R. Lewis, C. H. Papadimitriou: Elements of the Theory of Computation, Prentice Hall, 1998. T. Ottmann, P. Widmayer: Algorithmen und Datenstrukturen, Spektrum, 2012. R. Sedgewick: Algorithms in C++: Graph Algorithms, Addison-Wesley, 2001. | |||||

263-0007-00L | Advanced Systems Lab Only for master students, otherwise a special permission by the student administration of D-INFK is required. | O | 8 credits | 4P + 1A | G. Alonso | |

Abstract | The goal of this course is to teach students how to evaluate the performance of complex computer and software systems. Accordingly, the methodology to carry out experiments and measurements is studied. Furthermore, the modelling of systems with the help of queueing network systems is explained. | |||||

Objective | The goal of this course is to teach students how to evaluate the performance of complex computer and software systems. | |||||

Focus Courses | ||||||

Focus Courses in Computational Science | ||||||

Focus Core Courses Computational Science | ||||||

Number | Title | Type | ECTS | Hours | Lecturers | |

252-0535-00L | Machine Learning | W | 8 credits | 3V + 2U + 2A | J. M. Buhmann | |

Abstract | Machine learning algorithms provide analytical methods to search data sets for characteristic patterns. Typical tasks include the classification of data, function fitting and clustering, with applications in image and speech analysis, bioinformatics and exploratory data analysis. This course is accompanied by practical machine learning projects. | |||||

Objective | Students will be familiarized with the most important concepts and algorithms for supervised and unsupervised learning; reinforce the statistics knowledge which is indispensible to solve modeling problems under uncertainty. Key concepts are the generalization ability of algorithms and systematic approaches to modeling and regularization. A machine learning project will provide an opportunity to test the machine learning algorithms on real world data. | |||||

Content | The theory of fundamental machine learning concepts is presented in the lecture, and illustrated with relevant applications. Students can deepen their understanding by solving both pen-and-paper and programming exercises, where they implement and apply famous algorithms to real-world data. Topics covered in the lecture include: - Bayesian theory of optimal decisions - Maximum likelihood and Bayesian parameter inference - Classification with discriminant functions: Perceptrons, Fisher's LDA and support vector machines (SVM) - Ensemble methods: Bagging and Boosting - Regression: least squares, ridge and LASSO penalization, non-linear regression and the bias-variance trade-off - Non parametric density estimation: Parzen windows, nearest nieghbour - Dimension reduction: principal component analysis (PCA) and beyond | |||||

Lecture notes | No lecture notes, but slides will be made available on the course webpage. | |||||

Literature | C. Bishop. Pattern Recognition and Machine Learning. Springer 2007. R. Duda, P. Hart, and D. Stork. Pattern Classification. John Wiley & Sons, second edition, 2001. T. Hastie, R. Tibshirani, and J. Friedman. The Elements of Statistical Learning: Data Mining, Inference and Prediction. Springer, 2001. L. Wasserman. All of Statistics: A Concise Course in Statistical Inference. Springer, 2004. | |||||

Prerequisites / Notice | The course requires solid basic knowledge in analysis, statistics and numerical methods for CSE as well as practical programming experience for solving assignments. Students should at least have followed one previous course offered by the Machine Learning Institute (e.g., CIL or LIS) or an equivalent course offered by another institution. | |||||

636-0007-00L | Computational Systems Biology | W | 6 credits | 3V + 2U | J. Stelling | |

Abstract | Study of fundamental concepts, models and computational methods for the analysis of complex biological networks. Topics: Systems approaches in biology, biology and reaction network fundamentals, modeling and simulation approaches (topological, probabilistic, stoichiometric, qualitative, linear / nonlinear ODEs, stochastic), and systems analysis (complexity reduction, stability, identification). | |||||

Objective | The aim of this course is to provide an introductory overview of mathematical and computational methods for the modeling, simulation and analysis of biological networks. | |||||

Content | Biology has witnessed an unprecedented increase in experimental data and, correspondingly, an increased need for computational methods to analyze this data. The explosion of sequenced genomes, and subsequently, of bioinformatics methods for the storage, analysis and comparison of genetic sequences provides a prominent example. Recently, however, an additional area of research, captured by the label "Systems Biology", focuses on how networks, which are more than the mere sum of their parts' properties, establish biological functions. This is essentially a task of reverse engineering. The aim of this course is to provide an introductory overview of corresponding computational methods for the modeling, simulation and analysis of biological networks. We will start with an introduction into the basic units, functions and design principles that are relevant for biology at the level of individual cells. Making extensive use of example systems, the course will then focus on methods and algorithms that allow for the investigation of biological networks with increasing detail. These include (i) graph theoretical approaches for revealing large-scale network organization, (ii) probabilistic (Bayesian) network representations, (iii) structural network analysis based on reaction stoichiometries, (iv) qualitative methods for dynamic modeling and simulation (Boolean and piece-wise linear approaches), (v) mechanistic modeling using ordinary differential equations (ODEs) and finally (vi) stochastic simulation methods. | |||||

Lecture notes | Link | |||||

Literature | U. Alon, An introduction to systems biology. Chapman & Hall / CRC, 2006. Z. Szallasi et al. (eds.), System modeling in cellular biology. MIT Press, 2006. | |||||

Focus Elective Courses Computational Science | ||||||

Number | Title | Type | ECTS | Hours | Lecturers | |

252-0543-01L | Computer Graphics | W | 6 credits | 3V + 2U | M. Gross, J. Novak | |

Abstract | This course covers some of the fundamental concepts of computer graphics, namely 3D object representations and generation of photorealistic images from digital representations of 3D scenes. | |||||

Objective | At the end of the course the students will be able to build a rendering system. The students will study the basic principles of rendering and image synthesis. In addition, the course is intended to stimulate the students' curiosity to explore the field of computer graphics in subsequent courses or on their own. | |||||

Content | This course covers fundamental concepts of modern computer graphics. Students will learn about 3D object representations and the details of how to generate photorealistic images from digital representations of 3D scenes. Starting with an introduction to 3D shape modeling and representation, texture mapping and ray-tracing, we will move on to acceleration structures, the physics of light transport, appearance modeling and global illumination principles and algorithms. We will end with an overview of modern image-based image synthesis techniques, covering topics such as lightfields and depth-image based rendering. | |||||

Lecture notes | no | |||||

Prerequisites / Notice | Prerequisites: Fundamentals of calculus and linear algebra, basic concepts of algorithms and data structures, programming skills in C++, Visual Computing course recommended. The programming assignments will be in C++. This will not be taught in the class. | |||||

263-5001-00L | Introduction to Finite Elements and Sparse Linear System Solving | W | 4 credits | 2V + 1U | P. Arbenz | |

Abstract | The finite element (FE) method is the method of choice for (approximately) solving partial differential equations on complicated domains. In the first third of the lecture, we give an introduction to the method. The rest of the lecture will be devoted to methods for solving the large sparse linear systems of equation that a typical for the FE method. We will consider direct and iterative methods. | |||||

Objective | Students will know the most important direct and iterative solvers for sparse linear systems. They will be able to determine which solver to choose in particular situations. | |||||

Content | I. THE FINITE ELEMENT METHOD (1) Introduction, model problems. (2) 1D problems. Piecewise polynomials in 1D. (3) 2D problems. Triangulations. Piecewise polynomials in 2D. (4) Variational formulations. Galerkin finite element method. (5) Implementation aspects. II. DIRECT SOLUTION METHODS (6) LU and Cholesky decomposition. (7) Sparse matrices. (8) Fill-reducing orderings. III. ITERATIVE SOLUTION METHODS (9) Stationary iterative methods, preconditioning. (10) Preconditioned conjugate gradient method (PCG). (11) Incomplete factorization preconditioning. (12) Multigrid preconditioning. (13) Nonsymmetric problems (GMRES, BiCGstab). (14) Indefinite problems (SYMMLQ, MINRES). | |||||

Literature | [1] M. G. Larson, F. Bengzon: The Finite Element Method: Theory, Implementation, and Applications. Springer, Heidelberg, 2013. [2] H. Elman, D. Sylvester, A. Wathen: Finite elements and fast iterative solvers. OUP, Oxford, 2005. [3] Y. Saad: Iterative methods for sparse linear systems (2nd ed.). SIAM, Philadelphia, 2003. [4] T. Davis: Direct Methods for Sparse Linear Systems. SIAM, Philadelphia, 2006. [5] H.R. Schwarz: Die Methode der finiten Elemente (3rd ed.). Teubner, Stuttgart, 1991. | |||||

Prerequisites / Notice | Prerequisites: Linear Algebra, Analysis, Computational Science. The exercises are made with Matlab. | |||||

636-0017-00L | Computational Biology | W | 6 credits | 3G + 2A | C. Magnus, T. Stadler, T. Vaughan | |

Abstract | The aim of the course is to provide up-to-date knowledge on how we can study biological processes using genetic sequencing data. Computational algorithms extracting biological information from genetic sequence data are discussed, and statistical tools to understand this information in detail are introduced. | |||||

Objective | Attendees will learn which information is contained in genetic sequencing data and how to extract information from this data using computational tools. The main concepts introduced are: * stochastic models in molecular evolution * phylogenetic & phylodynamic inference * maximum likelihood and Bayesian statistics Attendees will apply these concepts to a number of applications yielding biological insight into: * epidemiology * pathogen evolution * macroevolution of species | |||||

Content | The course consists of four parts. We first introduce modern genetic sequencing technology, and algorithms to obtain sequence alignments from the output of the sequencers. We then present methods for direct alignment analysis using approaches such as BLAST and GWAS. Second, we introduce mechanisms and concepts of molecular evolution, i.e. we discuss how genetic sequences change over time. Third, we employ evolutionary concepts to infer ancestral relationships between organisms based on their genetic sequences, i.e. we discuss methods to infer genealogies and phylogenies. Lastly, we introduce the field of phylodynamics. The aim of phylodynamics is to understand and quantify the population dynamic processes (such as transmission in epidemiology or speciation & extinction in macroevolution) based on a phylogeny. Throughout the class, the models and methods are illustrated on different datasets giving insight into the epidemiology and evolution of a range of infectious diseases (e.g. HIV, HCV, influenza, Ebola). Applications of the methods to the field of macroevolution provide insight into the evolution and ecology of different species clades. Students will be trained in the algorithms and their application both on paper and in silico as part of the exercises. | |||||

Lecture notes | Lecture slides will be available on moodle. | |||||

Literature | The course is not based on any of the textbooks below, but they are excellent choices as accompanying material: * Yang, Z. 2006. Computational Molecular Evolution. * Felsenstein, J. 2004. Inferring Phylogenies. * Semple, C. & Steel, M. 2003. Phylogenetics. * Drummond, A. & Bouckaert, R. 2015. Bayesian evolutionary analysis with BEAST. | |||||

Prerequisites / Notice | Basic knowledge in linear algebra, analysis, and statistics will be helpful. Programming in R will be required for the "Central Element". We provide an R tutorial and help sessions during the first two weeks of class to learn the required skills. | |||||

Seminar Computational Science | ||||||

Number | Title | Type | ECTS | Hours | Lecturers | |

252-5701-00L | Advanced Topics in Computer Graphics and Vision Number of participants limited to 24. | W | 2 credits | 2S | M. Gross, O. Sorkine Hornung | |

Abstract | This seminar covers advanced topics in computer graphics, such as modeling, rendering, animation, real-time graphics, physical simulation, and computational photography. Each time the course is offered, a collection of research papers is selected and each student presents one paper to the class and leads a discussion about the paper and related topics. | |||||

Objective | The goal is to get an in-depth understanding of actual problems and research topics in the field of computer graphics as well as improve presentations and critical analysis skills. | |||||

Content | This seminar covers advanced topics in computer graphics, including both seminal research papers as well as the latest research results. Each time the course is offered, a collection of research papers are selected covering topics such as modeling, rendering, animation, real-time graphics, physical simulation, and computational photography. Each student presents one paper to the class and leads a discussion about the paper and related topics. All students read the papers and participate in the discussion. | |||||

Lecture notes | no script | |||||

Literature | Individual research papers are selected each term. See http://graphics.ethz.ch/ for the current list. | |||||

Prerequisites / Notice | Prerequisites: The courses "Computer Graphics I and II" (GDV I & II) are recommended, but not mandatory. | |||||

Focus Courses in Distributed Systems | ||||||

Focus Core Courses Distributed Systems | ||||||

Number | Title | Type | ECTS | Hours | Lecturers | |

263-3800-00L | Advanced Operating Systems | W | 6 credits | 2V + 2U + 1A | T. Roscoe | |

Abstract | This course is intended to give students a thorough understanding of design and implementation issues for modern operating systems, with a particular emphasis on the challenges of modern hardware features. We will cover key design issues in implementing an operating system, such as memory management, scheduling, protection, inter-process communication, device drivers, and file systems. | |||||

Objective | The goals of the course are, firstly, to give students: 1. A broader perspective on OS design than that provided by knowledge of Unix or Windows, building on the material in a standard undergraduate operating systems class 2. Practical experience in dealing directly with the concurrency, resource management, and abstraction problems confronting OS designers and implementers 3. A glimpse into future directions for the evolution of OS and computer hardware design | |||||

Content | The course is based on practical implementation work, in C and assembly language, and requires solid knowledge of both. The work is mostly carried out in teams of 3-4, using real hardware, and is a mixture of team milestones and individual projects which fit together into a complete system at the end. Emphasis is also placed on a final report which details the complete finished artifact, evaluates its performance, and discusses the choices the team made while building it. | |||||

Prerequisites / Notice | The course is based around a milestone-oriented project, where students work in small groups to implement major components of a microkernel-based operating system. The final assessment will be a combination grades awarded for milestones during the course of the project, a final written report on the work, and a set of test cases run on the final code. | |||||

252-1414-00L | System Security | W | 5 credits | 2V + 2U | S. Capkun, A. Perrig | |

Abstract | The first part of the lecture covers individual system aspects starting with tamperproof or tamper-resistant hardware in general over operating system related security mechanisms to application software systems, such as host based intrusion detection systems. In the second part, the focus is on system design and methodologies for building secure systems. | |||||

Objective | In this lecture, students learn about the security requirements and capabilities that are expected from modern hardware, operating systems, and other software environments. An overview of available technologies, algorithms and standards is given, with which these requirements can be met. | |||||

Content | The first part of the lecture covers individual system's aspects starting with tamperproof or tamperresistant hardware in general over operating system related security mechanisms to application software systems such as host based intrusion detetction systems. The main topics covered are: tamper resistant hardware, CPU support for security, protection mechanisms in the kernel, file system security (permissions / ACLs / network filesystem issues), IPC Security, mechanisms in more modern OS, such as Capabilities and Zones, Libraries and Software tools for security assurance, etc. In the second part, the focus is on system design and methodologies for building secure systems. Topics include: patch management, common software faults (buffer overflows, etc.), writing secure software (design, architecture, QA, testing), compiler-supported security, language-supported security, logging and auditing (BSM audit, dtrace, ...), cryptographic support, and trustworthy computing (TCG, SGX). Along the lectures, model cases will be elaborated and evaluated in the exercises. | |||||

Focus Elective Courses Distributed Systems | ||||||

Number | Title | Type | ECTS | Hours | Lecturers | |

252-0437-00L | Distributed Algorithms | W | 4 credits | 3V | F. Mattern | |

Abstract | Models of distributed computations, time space diagrams, virtual time, logical clocks and causality, wave algorithms, parallel and distributed graph traversal, consistent snapshots, mutual exclusion, election and symmetry breaking, distributed termination detection, garbage collection in distributed systems, monitoring distributed systems, global predicates. | |||||

Objective | Become acquainted with models and algorithms for distributed systems. | |||||

Content | Verteilte Algorithmen sind Verfahren, die dadurch charakterisiert sind, dass mehrere autonome Prozesse gleichzeitig Teile eines gemeinsamen Problems in kooperativer Weise bearbeiten und der dabei erforderliche Informationsaustausch ausschliesslich über Nachrichten erfolgt. Derartige Algorithmen kommen im Rahmen verteilter Systeme zum Einsatz, bei denen kein gemeinsamer Speicher existiert und die Übertragungszeit von Nachrichten i.a. nicht vernachlässigt werden kann. Da dabei kein Prozess eine aktuelle konsistente Sicht des globalen Zustands besitzt, führt dies zu interessanten Problemen. Im einzelnen werden u.a. folgende Themen behandelt: Modelle verteilter Berechnungen; Raum-Zeit Diagramme; Virtuelle Zeit; Logische Uhren und Kausalität; Wellenalgorithmen; Verteilte und parallele Graphtraversierung; Berechnung konsistenter Schnappschüsse; Wechselseitiger Ausschluss; Election und Symmetriebrechung; Verteilte Terminierung; Garbage-Collection in verteilten Systemen; Beobachten verteilter Systeme; Berechnung globaler Prädikate. | |||||

Literature | - F. Mattern: Verteilte Basisalgorithmen, Springer-Verlag - G. Tel: Topics in Distributed Algorithms, Cambridge University Press - G. Tel: Introduction to Distributed Algorithms, Cambridge University Press, 2nd edition - A.D. Kshemkalyani, M. Singhal: Distributed Computing, Cambridge University Press - N. Lynch: Distributed Algorithms, Morgan Kaufmann Publ | |||||

252-0817-00L | Distributed Systems Laboratory In the Master Programme max.10 credits can be accounted by Labs on top of the Interfocus Courses. These Labs will only count towards the Master Programme. Additional Labs will be listed on the Addendum. | W | 10 credits | 9P | G. Alonso, T. Hoefler, F. Mattern, T. Roscoe, A. Singla, R. Wattenhofer, C. Zhang | |

Abstract | This course involves the participation in a substantial development and/or evaluation project involving distributed systems technology. There are projects available in a wide range of areas: from web services to ubiquitous computing including wireless networks, ad-hoc networks, RFID, and distributed applications on smartphones. | |||||

Objective | Gain hands-on-experience with real products and the latest technology in distributed systems. | |||||

Content | This course involves the participation in a substantial development and/or evaluation project involving distributed systems technology. There are projects available in a wide range of areas: from web services to ubiquitous computing including as well wireless networks, ad-hoc networks, and distributed application on smartphones. The goal of the project is for the students to gain hands-on-experience with real products and the latest technology in distributed systems. There is no lecture associated to the course. For information of the course or projects available, see https://www.dsl.inf.ethz.ch/ or contact Prof. Mattern, Prof. Wattenhofer, Prof. Roscoe or Prof. G. Alonso. | |||||

263-2210-00L | Computer Architecture | W | 8 credits | 6G + 1A | O. Mutlu | |

Abstract | Computer architecture is the science and art of selecting and interconnecting hardware components to create a computer that meets functional, performance and cost goals. This course introduces the basic hardware structure of a modern programmable computer, including the basic laws underlying performance evaluation. | |||||

Objective | We will learn, for example, how to design the control and data path hardware for a MIPS-like processor, how to make machine instructions execute simultaneously through pipelining and simple superscalar execution, and how to design fast memory and storage systems. | |||||

Content | The principles presented in the lecture are reinforced in the laboratory through the design and simulation of a register transfer (RT) implementation of a MIPS-like pipelined processor in System Verilog. In addition, we will develop a cycle-accurate simulator of this processor in C, and we will use this simulator to explore processor design options. | |||||

Prerequisites / Notice | Digital technology | |||||

Seminar Distributed Systems | ||||||

Number | Title | Type | ECTS | Hours | Lecturers | |

263-3900-00L | Communication Networks Seminar Number of participants limited to 20. | W | 2 credits | 2S | A. Singla | |

Abstract | We will study recent advances in computer networking by reading, presenting, and discussing research papers from recent iterations of the top conferences in the area, including NSDI, SIGCOMM, and CoNEXT. | |||||

Objective | The objectives are (a) to understand the state-of-the-art in the field; (b) to learn to read, present and critique papers; (c) to engage in discussion and debate about research questions; and (d) to identify opportunities for new research. Students are expected to attend the entire seminar, choose a topic for presentation from a given list, make a presentation on that topic, and lead the discussion. Further, for each reading, every student needs to submit a review before the in-class discussion. Students are evaluated on their submitted reviews, their presentation and discussion leadership, and participation in seminar discussions. | |||||

263-3504-00L | Hardware Acceleration for Data Processing | W | 2 credits | 2S | G. Alonso, T. Hoefler, O. Mutlu, C. Zhang | |

Abstract | The seminar will cover topics related to data processing using new hardware in general and hardware accelerators (GPU, FPGA, specialized processors) in particular. | |||||

Objective | The seminar will cover topics related to data processing using new hardware in general and hardware accelerators (GPU, FPGA, specialized processors) in particular. | |||||

Content | The general application areas are big data and machine learning. The systems covered will include systems from computer architecture, high performance computing, data appliances, and data centers. | |||||

Prerequisites / Notice | Students taking this seminar should have the necessary background in systems and low level programming. | |||||

Focus Courses in Information Security | ||||||

Focus Core Courses Information Security | ||||||

Number | Title | Type | ECTS | Hours | Lecturers | |

252-0463-00L | Security Engineering | W | 5 credits | 2V + 2U | D. Basin | |

Abstract | Subject of the class are engineering techniques for developing secure systems. We examine concepts, methods and tools, applied within the different activities of the SW development process to improve security of the system. Topics: security requirements&risk analysis, system modeling&model-based development methods, implementation-level security, and evaluation criteria for secure systems | |||||

Objective | Security engineering is an evolving discipline that unifies two important areas: software engineering and security. Software Engineering addresses the development and application of methods for systematically developing, operating, and maintaining, complex, high-quality software. Security, on the other hand, is concerned with assuring and verifying properties of a system that relate to confidentiality, integrity, and availability of data. The goal of this class is to survey engineering techniques for developing secure systems. We will examine concepts, methods, and tools that can be applied within the different activities of the software development process, in order to improve the security of the resulting systems. Topics covered include * security requirements & risk analysis, * system modeling and model-based development methods, * implementation-level security, and * evaluation criteria for the development of secure systems | |||||

Content | Security engineering is an evolving discipline that unifies two important areas: software engineering and security. Software Engineering addresses the development and application of methods for systematically developing, operating, and maintaining, complex, high-quality software. Security, on the other hand, is concerned with assuring and verifying properties of a system that relate to confidentiality, integrity, and availability of data. The goal of this class is to survey engineering techniques for developing secure systems. We will examine concepts, methods, and tools that can be applied within the different activities of the software development process, in order to improve the security of the resulting systems. Topics covered include * security requirements & risk analysis, * system modeling and model-based development methods, * implementation-level security, and * evaluation criteria for the development of secure systems Modules taught: 1. Introduction - Introduction of Infsec group and speakers - Security meets SW engineering: an introduction - The activities of SW engineering, and where security fits in - Overview of this class 2. Requirements Engineering: Security Requirements and some Analysis - overview: functional and non-functional requirements - use cases, misuse cases, sequence diagrams - safety and security - FMEA, FTA, attack trees 3. Modeling in the design activities - structure, behavior, and data flow - class diagrams, statecharts 4. Model-driven security for access control (design) - SecureUML as a language for access control - Combining Design Modeling Languages with SecureUML - Semantics, i.e., what does it all mean, - Generation - Examples and experience 5. Model-driven security (Part II) - Continuation of above topics 6. Security patterns (design and implementation) 7. Implementation-level security - Buffer overflows - Input checking - Injection attacks 8. Testing - overview - model-based testing - testing security properties 9. Risk analysis and management 1 (project management) - "risk": assets, threats, vulnerabilities, risk - risk assessment: quantitative and qualitative - safeguards - generic risk analysis procedure - The OCTAVE approach 10. Risk analysis: IT baseline protection - Overview - Example 11. Evaluation criteria - CMMI - systems security engineering CMM - common criteria 12. Guest lecture - TBA | |||||

Literature | - Ross Anderson: Security Engineering, Wiley, 2001. - Matt Bishop: Computer Security, Pearson Education, 2003. - Ian Sommerville: Software Engineering, 6th ed., Addison-Wesley, 2001. - John Viega, Gary McGraw: Building Secure Software, Addison-Wesley, 2002. - Further relevant books and journal/conference articles will be announced in the lecture. | |||||

Prerequisites / Notice | Prerequisite: Class on Information Security | |||||

252-1414-00L | System Security | W | 5 credits | 2V + 2U | S. Capkun, A. Perrig | |

Abstract | The first part of the lecture covers individual system aspects starting with tamperproof or tamper-resistant hardware in general over operating system related security mechanisms to application software systems, such as host based intrusion detection systems. In the second part, the focus is on system design and methodologies for building secure systems. | |||||

Objective | In this lecture, students learn about the security requirements and capabilities that are expected from modern hardware, operating systems, and other software environments. An overview of available technologies, algorithms and standards is given, with which these requirements can be met. | |||||

Content | The first part of the lecture covers individual system's aspects starting with tamperproof or tamperresistant hardware in general over operating system related security mechanisms to application software systems such as host based intrusion detetction systems. The main topics covered are: tamper resistant hardware, CPU support for security, protection mechanisms in the kernel, file system security (permissions / ACLs / network filesystem issues), IPC Security, mechanisms in more modern OS, such as Capabilities and Zones, Libraries and Software tools for security assurance, etc. In the second part, the focus is on system design and methodologies for building secure systems. Topics include: patch management, common software faults (buffer overflows, etc.), writing secure software (design, architecture, QA, testing), compiler-supported security, language-supported security, logging and auditing (BSM audit, dtrace, ...), cryptographic support, and trustworthy computing (TCG, SGX). Along the lectures, model cases will be elaborated and evaluated in the exercises. | |||||

263-4640-00L | Network Security | W | 6 credits | 2V + 1U + 2A | A. Perrig, S. Frei | |

Abstract | Some of today's most damaging attacks on computer systems involve exploitation of network infrastructure, either as the target of attack or as a vehicle to attack end systems. This course provides an in-depth study of network attack techniques and methods to defend against them. | |||||

Objective | - Students are familiar with fundamental network security concepts. - Students can assess current threats that Internet services and networked devices face, and can evaluate appropriate countermeasures. - Students can identify and assess known vulnerabilities in a software system that is connected to the Internet (through analysis and penetration testing tools). - Students have an in-depth understanding of a range of important security technologies. - Students learn how formal analysis techniques can help in the design of secure networked systems. | |||||

Content | The course will cover topics spanning five broad themes: (1) network defense mechanisms such as secure routing protocols, TLS, anonymous communication systems, network intrusion detection systems, and public-key infrastructures; (2) network attacks such as denial of service (DoS) and distributed denial-of-service (DDoS) attacks; (3) analysis and inference topics such as network forensics and attack economics; (4) formal analysis techniques for verifying the security properties of network architectures; and (5) new technologies related to next-generation networks. | |||||

Prerequisites / Notice | This lecture is intended for students with an interest in securing Internet communication services and network devices. Students are assumed to have knowledge in networking as taught in a Communication Networks lecture. The course will involve a course project and some smaller programming projects as part of the homework. Students are expected to have basic knowledge in network programming in a programming language such as C/C++, Go, or Python. | |||||

Focus Elective Courses Information Security | ||||||

Number | Title | Type | ECTS | Hours | Lecturers | |

252-0811-00L | Applied Security Laboratory In the Master Programme max. 10 credits can be accounted by Labs on top of the Interfocus Courses. Additional Labs will be listed on the Addendum. | W | 8 credits | 7P | D. Basin | |

Abstract | Hands-on course on applied aspects of information security. Applied information security, operating system security, OS hardening, computer forensics, web application security, project work, design, implementation, and configuration of security mechanisms, risk analysis, system review. | |||||

Objective | The Applied Security Laboratory addresses four major topics: operating system security (hardening, vulnerability scanning, access control, logging), application security with an emphasis on web applications (web server setup, common web exploits, authentication, session handling, code security), computer forensics, and risk analysis and risk management. | |||||

Content | This course emphasizes applied aspects of Information Security. The students will study a number of topics in a hands-on fashion and carry out experiments in order to better understand the need for secure implementation and configuration of IT systems and to assess the effectivity and impact of security measures. This part is based on a book and virtual machines that include example applications, questions, and answers. The students will also complete an independent project: based on a set of functional requirements, they will design and implement a prototypical IT system. In addition, they will conduct a thorough security analysis and devise appropriate security measures for their systems. Finally, they will carry out a technical and conceptual review of another system. All project work will be performed in teams and must be properly documented. | |||||

Lecture notes | The course is based on the book "Applied Information Security - A Hands-on Approach". More information: http://www.infsec.ethz.ch/appliedlabbook | |||||

Literature | Recommended reading includes: * Pfleeger, Pfleeger: Security in Computing, Third Edition, Prentice Hall, available online from within ETH * Garfinkel, Schwartz, Spafford: Practical Unix & Internet Security, O'Reilly & Associates. * Various: OWASP Guide to Building Secure Web Applications, available online * Huseby: Innocent Code -- A Security Wake-Up Call for Web Programmers, John Wiley & Sons. * Scambray, Schema: Hacking Exposed Web Applications, McGraw-Hill. * O'Reilly, Loukides: Unix Power Tools, O'Reilly & Associates. * Frisch: Essential System Administration, O'Reilly & Associates. * NIST: Risk Management Guide for Information Technology Systems, available online as PDF * BSI: IT-Grundschutzhandbuch, available online | |||||

Prerequisites / Notice | * The lab allows flexible working since there are only few mandatory meetings during the semester. * The lab covers a variety of different techniques. Thus, participating students should have a solid foundation in the following areas: information security, operating system administration (especially Unix/Linux), and networking. Students are also expected to have a basic understanding of HTML, PHP, JavaScript, and MySQL because several examples are implemented in these languages. * Students must be prepared to spend more than three hours per week to complete the lab assignments and the project. This applies particularly to students who do not meet the recommended requirements given above. Successful participants of the course receive 8 credits as compensation for their effort. * All participants must sign the lab's charter and usage policy during the introduction lecture. | |||||

252-1411-00L | Security of Wireless Networks | W | 5 credits | 2V + 1U + 1A | S. Capkun | |

Abstract | Core Elements: Wireless communication channel, Wireless network architectures and protocols, Attacks on wireless networks, Protection techniques. | |||||

Objective | After this course, the students should be able to: describe and classify security goals and attacks in wireless networks; describe security architectures of the following wireless systems and networks: 802.11, GSM/UMTS, RFID, ad hoc/sensor networks; reason about security protocols for wireless network; implement mechanisms to secure 802.11 networks. | |||||

Content | Wireless channel basics. Wireless electronic warfare: jamming and target tracking. Basic security protocols in cellular, WLAN and multi-hop networks. Recent advances in security of multi-hop networks; RFID privacy challenges and solutions. |

- Page 1 of 6 All