News

Busy Beaver Award

Written on 06.11.22 by Michael Schwarz

Hi, 

I just wanted to thank all of you for the excellent evaluation and feedback. Foundations of Cyber Security II was awarded the Busy Beaver Award for the best basic lecture. The entire team is happy to see that our time investment resulted in a lecture that many of you enjoyed. There are also… Read more

Hi, 

I just wanted to thank all of you for the excellent evaluation and feedback. Foundations of Cyber Security II was awarded the Busy Beaver Award for the best basic lecture. The entire team is happy to see that our time investment resulted in a lecture that many of you enjoyed. There are also many good comments that will help to improve the lecture further in the next iterations.

Cheers,
Michael

Exam Inspection

Written on 13.08.22 by Michael Schwarz

Hi, 

the exam inspection is on Tuesday, 16.8., from 14:00 to 15:59 at CISPA room 0.07. There is no need to register for the exam inspection. You can also find the exam itself in the Materials section.

Cheers,
Michael

Exam

Written on 27.07.22 by Michael Schwarz

Hi, 

for the exam on Thursday, 04.08.2022 14:00 in E2 2, Günter-Hotz-Hörsaal, there are the following regulations:

  • Do not forget to register for the exam in LSF!
  • Remember: you need >=112 points on the exercise sheets to be admitted to the exam.
  • The lecture-challenge system closes on… Read more

Hi, 

for the exam on Thursday, 04.08.2022 14:00 in E2 2, Günter-Hotz-Hörsaal, there are the following regulations:

  • Do not forget to register for the exam in LSF!
  • Remember: you need >=112 points on the exercise sheets to be admitted to the exam.
  • The lecture-challenge system closes on 03.08.2022 23:59, until then you can collect bonus points for the exam. If you did not register with your student mail address, you have to write your username on the exam sheet to get the points or send me a mail before the exam!
  • You are allowed to bring a DIN A4 double-sided handwritten paper cheat sheet containing your name and anything you consider useful for the exam. No other materials or tools are allowed during the exam. 
  • All questions of the exam are in English. Answers can be given either in English or in German.
  • We strongly recommend you to take a COVID-19 test in case you are not vaccinated or recovered
  • You are not allowed to participate in the exam when you observed symptoms of COVID-19. If you provide a doctor's certificate to the examination office later on, the examination attempt will be canceled and will not count
  • To get a feeling how the exam looks like, there is a demo exam in the Materials section

If you have any questions, feel free to contact us.

Friday's Exam Prep Office Hour

Written on 18.07.22 by Daniel Weber

Hey everyone!

Since we want to give you one last in-person opportunity to ask questions about the whole content of this lecture (and because we expect that you are already busy with other exams as well), we decided to skip the last tutorials and instead offer you a grand office hour this Friday, 4… Read more

Hey everyone!

Since we want to give you one last in-person opportunity to ask questions about the whole content of this lecture (and because we expect that you are already busy with other exams as well), we decided to skip the last tutorials and instead offer you a grand office hour this Friday, 4 PM, right before the lecture event. There you can ask us any questions about any topic of this lecture.

If you want to participate in-person, you may attend this office hour from 4 PM on (until there are no more questions left and we go to the Ratskeller) in the CISPA lecture hall. Of course, you can also participate in the office hour via Zoom (use Luis' tutorial Zoom link for this).

Note: In case you want to attend on site, please bring a mask as we do not know how many people will come and at CISPA there's still a mandatory rule to wear a mask, if more than 15 people are in the lecture hall at the same time.

Cheers,

Luis.

Sheet 8 - Angr Exercise

Written on 23.06.22 by Daniel Weber

Hi all,

 

we observed that some angr versions can not solve exercise 2. More precisely, the sample solution does not work with angr in the pip version 9.1.11611.

Hence, we recommend that you update your angr installations [1] to at least 9.2.6 [2] in case your solution does not work. If you… Read more

Hi all,

 

we observed that some angr versions can not solve exercise 2. More precisely, the sample solution does not work with angr in the pip version 9.1.11611.

Hence, we recommend that you update your angr installations [1] to at least 9.2.6 [2] in case your solution does not work. If you have any further problems, you can reach us through the usual channels.

Cheers,

Daniel

 

[1]: If you haven't had angr installed in the first place, you should be fine.

[2]: You can check your angr version with "pip freeze | grep angr"

Today's Lecture: Alternative Lecture Hall

Written on 09.06.22 by Michael Schwarz

Hi, 

as some of you (including myself) prefer in-person lectures, I managed to get a different lecture hall for today if you want to be there in person. The location for today's lecture is E9 1 (CISPA), room 0.05 (lecture hall ground floor). The time stays the same. Of course, there will also be… Read more

Hi, 

as some of you (including myself) prefer in-person lectures, I managed to get a different lecture hall for today if you want to be there in person. The location for today's lecture is E9 1 (CISPA), room 0.05 (lecture hall ground floor). The time stays the same. Of course, there will also be the stream of the lecture. 

Cheers,
Michael

Tomorrow's Lecture only Online

Written on 08.06.22 by Michael Schwarz

Hi, 

Due to the "next Campusmesse", the lecture hall is, unfortunately, unavailable tomorrow. Hence, there will only be a stream of the lecture (link as usual in the Materials section). There will also be a Mentimeter link to ask questions during the lecture. 

I hope to still see many of you in… Read more

Hi, 

Due to the "next Campusmesse", the lecture hall is, unfortunately, unavailable tomorrow. Hence, there will only be a stream of the lecture (link as usual in the Materials section). There will also be a Mentimeter link to ask questions during the lecture. 

I hope to still see many of you in the stream.

Cheers,
Michael

No Lecture This Week

Written on 09.05.22 by Daniel Weber

Hi all,

just a short reminder: There will be no lecture this week, i.e., on May 12. Hence, we will also not release a new exercise sheet. The next lecture and sheet will be on May 19.

Cheers,

Daniel

Broken PDF Contents

Written on 05.05.22 by Daniel Weber

Hi all,

We observed that some of your solutions contain missing or wrong content in the PDF forms. This can easily happen depending on your PDF viewer.

To double-check you could, e.g., download your submission from the CMS again and check whether the file still contains your answers. It is also… Read more

Hi all,

We observed that some of your solutions contain missing or wrong content in the PDF forms. This can easily happen depending on your PDF viewer.

To double-check you could, e.g., download your submission from the CMS again and check whether the file still contains your answers. It is also often helpful to use the Print-As-File function of your PDF viewer and print the submission again as a PDF.

Cheers,

Daniel

PS: This does not mean that all your submissions must use the PDF forms. Feel free to submit other styles of solutions as long as they are readable.

Feedback Exercise Sheet 1 + Grading Task 4

Written on 26.04.22 by Daniel Weber

Hi all,

you can now see your feedback for the first exercise sheet on your Personal Status page in the CMS.

Due to a mistake from our side [1], we decided to grade the fourth task as a bonus exercise.

We apologize for the mistake and the resulting frustration on your… Read more

Hi all,

you can now see your feedback for the first exercise sheet on your Personal Status page in the CMS.

Due to a mistake from our side [1], we decided to grade the fourth task as a bonus exercise.

We apologize for the mistake and the resulting frustration on your side!

 

Cheers,

Daniel

 

[1]: The scripts for task 4 contained Python type hints which were only supported in Python versions newer than the default of the recommended Ubuntu version

saarsec CTF Workshop (Non-Lecture Content)

Written on 16.03.22 by Daniel Weber

Hello there,

we, the Capture-the-Flag Team saarsec, consisting of students and lecturers from Saarland University, are giving a workshop to familiarize students with Capture-the-Flag competitions as well as attacking and defending against security vulnerabilities. CTFs are a great way to actually… Read more

Hello there,

we, the Capture-the-Flag Team saarsec, consisting of students and lecturers from Saarland University, are giving a workshop to familiarize students with Capture-the-Flag competitions as well as attacking and defending against security vulnerabilities. CTFs are a great way to actually fiddle around with the practical details of mounting attacks and defenses that were theoretically discussed during your studies. This practical experience can not only be beneficial for your studies but also come in handy during later stages of your career. The workshop starts with a short introduction to Linux, followed by different topics such as File Inclusions, SQL Injections, and Command Injections. For each topic, we will discuss how we can find these vulnerabilities, exploit them on a large scale, and how we can fix them. Then, for each each topic, you'll spend more than 50% of the time in each slot on actual challenges. At the end, we will host a CTF for all workshop participants where they can use their newly acquired skills against each other.

FAQ:

Q: When and where?

A: April 10th and 11th, the format (virtual, onsite, or hybrid) will be announced later

Q: Requirements?

A: We do not require any certain skills as we will start with the basics. However, the knowledge from Cysec1 or Security is definitely an advantage.

Q: Sounds awesome! Where can I register or get more information?

A: https://workshop.saarsec.rocks

 

See you there,

saarsec

Show all

Foundations of Cyber Security II

In this lecture, you will learn about software and system security. This includes malware, software vulnerabilities, isolation techniques, and side channels. You will learn about different types of software vulnerabilities, how to find vulnerabilities, how to exploit them, and ways to prevent vulnerabilities as well as techniques to deal with existing vulnerabilities. The following topics are covered in this lecture

  • Malware
  • Operating-system and Low-level Basics
  • Memory Safety + Exploitation
  • Finding Vulnerabilities
  • Preventing Vulnerabilities
  • Dealing with Vulnerabilities
  • Introduction to Side Channels

Time and Location

The lecture will take place every Thursday, 14:00-16:00, starting April, 14th, 2022. Location: E2 2 - Hörsaal 0.01 (Günter-Hotz-Hörsaal). No physical presence is required except for the final exam (see below). A stream of the lecture will be provided via YouTube. The link to the stream can be found in the Materials section before the lecture.

Weekly Tutorials

The weekly tutorials will be in-person, with 1/3 of each tutorial online, which also allows remote participation. We offer 3 tutorial slots

Grading

Only the exam is graded. However, to register for the exam, you need at least 50% of the exercise sheet points. Additionally, there are optional lecture challenges that give you bonus points if you solve them. Bonus points can only be used to get a better grade if you already passed the course.

Written Exam

Exams are done in writing (or orally if the Covid situation does not allow written exams). The final exam will take place on August, 4th, 2022 14:00-16:00 in E2 2 - Hörsaal 0.01 (Günter-Hotz-Hörsaal). Note that physical presence is required for the exam.

All questions of the exam are in English. Answers can be given either in English or in German, at the student’s discretion.

You are allowed to bring a DIN A4 double-sided handwritten paper cheat sheet containing your name and anything you consider useful for the exam. No other materials or tools are allowed during an exam. All materials required to solve the practical questions are provided at the exam.

Lecture Challenges

During the lecture, there will be small “Lecture Challenges” that you can optionally solve as a bonus. These challenges are optional, but solving them results in bonus points. The aim of the challenges is to dig deeper into a certain topic of the respective lecture. Thus, it is advisable to try to complete the challenge soon after the lecture.

Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.