Foundations of Cyber Security II Michael Schwarz

News

09.05.2022

No Lecture This Week

Hi all,

just a short reminder: There will be no lecture this week, i.e., on May 12. Hence, we will also not release a new exercise sheet. The next lecture and sheet will be on May 19.

Cheers,

Daniel

05.05.2022

Broken PDF Contents

Hi all,

We observed that some of your solutions contain missing or wrong content in the PDF forms. This can easily happen depending on your PDF viewer.

To double-check you could, e.g., download your submission from the CMS again and check whether the file... Read more

Hi all,

We observed that some of your solutions contain missing or wrong content in the PDF forms. This can easily happen depending on your PDF viewer.

To double-check you could, e.g., download your submission from the CMS again and check whether the file still contains your answers. It is also often helpful to use the Print-As-File function of your PDF viewer and print the submission again as a PDF.

Cheers,

Daniel

PS: This does not mean that all your submissions must use the PDF forms. Feel free to submit other styles of solutions as long as they are readable.

26.04.2022

Feedback Exercise Sheet 1 + Grading Task 4

Hi all,

you can now see your feedback for the first exercise sheet on your Personal Status page in the CMS.

Due to a mistake from our side [1], we decided to grade the fourth task as a bonus exercise.

We apologize for the mistake and the resulting... Read more

Hi all,

you can now see your feedback for the first exercise sheet on your Personal Status page in the CMS.

Due to a mistake from our side [1], we decided to grade the fourth task as a bonus exercise.

We apologize for the mistake and the resulting frustration on your side!

 

Cheers,

Daniel

 

[1]: The scripts for task 4 contained Python type hints which were only supported in Python versions newer than the default of the recommended Ubuntu version

16.03.2022

saarsec CTF Workshop (Non-Lecture Content)

Hello there,

we, the Capture-the-Flag Team saarsec, consisting of students and lecturers from Saarland University, are giving a workshop to familiarize students with Capture-the-Flag competitions as well as attacking and defending against security... Read more

Hello there,

we, the Capture-the-Flag Team saarsec, consisting of students and lecturers from Saarland University, are giving a workshop to familiarize students with Capture-the-Flag competitions as well as attacking and defending against security vulnerabilities. CTFs are a great way to actually fiddle around with the practical details of mounting attacks and defenses that were theoretically discussed during your studies. This practical experience can not only be beneficial for your studies but also come in handy during later stages of your career. The workshop starts with a short introduction to Linux, followed by different topics such as File Inclusions, SQL Injections, and Command Injections. For each topic, we will discuss how we can find these vulnerabilities, exploit them on a large scale, and how we can fix them. Then, for each each topic, you'll spend more than 50% of the time in each slot on actual challenges. At the end, we will host a CTF for all workshop participants where they can use their newly acquired skills against each other.

FAQ:

Q: When and where?

A: April 10th and 11th, the format (virtual, onsite, or hybrid) will be announced later

Q: Requirements?

A: We do not require any certain skills as we will start with the basics. However, the knowledge from Cysec1 or Security is definitely an advantage.

Q: Sounds awesome! Where can I register or get more information?

A: https://workshop.saarsec.rocks

 

See you there,

saarsec

 

Foundations of Cyber Security II

In this lecture, you will learn about software and system security. This includes malware, software vulnerabilities, isolation techniques, and side channels. You will learn about different types of software vulnerabilities, how to find vulnerabilities, how to exploit them, and ways to prevent vulnerabilities as well as techniques to deal with existing vulnerabilities. The following topics are covered in this lecture

  • Malware
  • Operating-system and Low-level Basics
  • Memory Safety + Exploitation
  • Finding Vulnerabilities
  • Preventing Vulnerabilities
  • Dealing with Vulnerabilities
  • Introduction to Side Channels

Time and Location

The lecture will take place every Thursday, 14:00-16:00, starting April, 14th, 2022. Location: E2 2 - Hörsaal 0.01 (Günter-Hotz-Hörsaal). No physical presence is required except for the final exam (see below). A stream of the lecture will be provided via YouTube. The link to the stream can be found in the Materials section before the lecture.

Weekly Tutorials

The weekly tutorials will be in-person, with 1/3 of each tutorial online, which also allows remote participation. We offer 3 tutorial slots

Grading

Only the exam is graded. However, to register for the exam, you need at least 50% of the exercise sheet points. Additionally, there are optional lecture challenges that give you bonus points if you solve them. Bonus points can only be used to get a better grade if you already passed the course.

Written Exam

Exams are done in writing (or orally if the Covid situation does not allow written exams). The final exam will take place on August, 4th, 2022 14:00-16:00 in E2 2 - Hörsaal 0.01 (Günter-Hotz-Hörsaal). Note that physical presence is required for the exam.

All questions of the exam are in English. Answers can be given either in English or in German, at the student’s discretion.

No lecture notes or any other materials are allowed during an exam. All materials required to solve the practical questions are provided at the exam.

Lecture Challenges

During the lecture, there will be small “Lecture Challenges” that you can optionally solve as a bonus. These challenges are optional, but solving them results in bonus points. The aim of the challenges is to dig deeper into a certain topic of the respective lecture. Thus, it is advisable to try to complete the challenge soon after the lecture.



Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators