Skip to main content.
Security
Core Lecture in Winter Term 2010/2011

Tutors
Holger Bornträger (ph
x09wb4mynv
eredhel@gmx
534tw4piyx
.d
ng57ahf5dj
e)
Sven Obser (s9svobse
4ibcawwy61
@st
viksh08lna
ud.uni-s
zsygt02iqc
aarland.de)
David Pfaff (da
58737wfl17
v
1mcmrhz989
.p
fyipx97oxe
faff@googlemail.com)
Philip Peter (s9phpete@s
oi0zjn4iml
tud.uni-saarland
hwd6qsabsl
.de
bxaawsjjk1
)
Pengming Wang (s9pewang@stud
34ul1l83rv
.uni-saarl
3fvooc0n8c
and.de
an5zen0rgu
)
Lecture Time
Wednesday 12-14, Friday 12 - 14
Office Hours (TAs)
Friday, 11 - 12
Location
E2.2 (new lecture hall building)
Language
English
Registration
closed
Contact
secutity-ta@mail-infsec.cs.uni-saarland.de

News

Assignments

The course comprises four practical projects and six theoretical exercise sheets. You can work in teams (which have to be fixed throughout the entire course) of up to two people. For the practical projects the first team that manages to solve a subtask and provides proof of that by e-mail receives additional bonus points for that subtask. Each team can get at most three such extra points. The status of each subtask will be displayed by an internal webpage.

The projects are going to be handed out at the end of the class and posted on the course web page roughly every 3 weeks (the precise dates are listed below). Sample solutions will be posted on an internal web page and discussed in the tutorials.

The theoretical assignments are going to be handed out every second week. The teams from the practical projects are allowed to work together, but every student has to submit an own solution of the exercise sheet.

Lecture Timetable

ERROR OPENING FILE "lectures.txt"

Tutorials

ID Day Time Room TA
1 Tue 12-14 HS 003 (E1 3) Philip Peter
2 Tue 16-18 HS 003 (E1 3) Pengming Wang
3 Mon 8-10 HS 003 (E1 3) Holger Bornträger
4 Mon 12-14 HS 003 (E1 3) Sven Obser
5 Mon 14-16 SR 016 (E1 3) David Pfaff

Project #1 (Control Hijacking Attacks)

Project description: project1.pdf

Resources: code.tar.gz   vm.tar.gz   early bird status

Useful references:

Project #2 (Web Attacks)

Project description: project2.pdf

Resources: Peanut Foundation   useful hints   email script   peanut.tar.gz   txt-db-api.tar.gz   early bird status

This project is due on 7 December 2010 at 11:59 p.m.

Project #3 (ProVerif)

Project description: project3.pdf

Resources: ProVerif homepage  early bird status

This project is due on 13 January 2011 at 11:59 p.m.

Project #4 (Jif)

Project description: project4.pdf

Resources: Jif homepage  Password.jif  LStack.java  early bird status

This project is due on 08 February 2011 at 11:59 p.m.

Grading

For passing the course the following minimal amount of points is needed:

Note

In this course we discuss vulnerabilities and attacks. Most vulnerabilities have been fixed, still some attacks may cause harm. Do not try these at home or anyplace else.