SecLab 20/21

 
Type Practical Project Seminar
SWS 4
ECTS 7.0 (+4.0)
Schedule Type Weekly Meetings
Area Data and Information Management
Lecturer Prof. Dr. Ulrike Meyer
Teaching Assistants Andreas Klinger, Sebastian Schäfer, Vincent Drury
Contact

Application

In order to apply for the lab, please send us an email with your write-up of the entry challenge and a motivation why you want to participate. See below for further information regarding the entry challenge.

We will notify you whether you have a spot in the lab or not before the deadline of the registration for other labs/seminars. If you got a spot, you need to confirm as soon as possible that you actually want to participate.

Important Dates

  • Entry Challenge: 2011-05-31, 12:52 noon till 2021-06-13, 23:59.
  • TBA

Requirements

  • Current Major: Master of Computer Science
  • No other practical course/lab already completed in your Master's studies
  • Basic IT-security knowledge (e.g. have attended the IT-Security lecture, the Security in Mobile Communications lecture, ...).
  • Basic Linux (command-line) skills.
  • At least decent or advanced programming skills in one programming language.
  • Decent knowledge of networking (TCP/IP).

Topics

We will discuss mainly the following topics and implement various practical attacks in those application fields.

  • Wireless technologies in practice, e.g. session hijacking, WEP/WPA/WPA2 hacking...
  • Network traffic analysis, e.g. analysis of authentication protocols, sniffing...
  • Security countermeasures, e.g. reactive security, system analysis...
  • Attacks against cryptography, e.g. key recovery in cryptographic ciphers, factorization attacks...
  • Web application security, e.g. cross-site scripting, wargames...
  • Code analysis, e.g. java byte code analysis, reverse engineering...
  • Malware analysis, e.g. analysis of botnet samples and rootkits
  • Android security, e.g. analysis of mobile malware and forensic data analysis
  • ...

You have to solve common tasks every two weeks and work on it in the lab (if possible) or at home. Be prepared to spend some time in the lab. To balance the effort required for the lab, it will be possible to combine the course with a 4ECTS seminar. More information about this seminar will be available to all participants in the first weeks of the lab.

Entry Challenge

Here is the challenge that you can solve in order to significantly increase your chances of getting a spot in the Security Lab. Note, that the quality of your solution to the entry challenge influences your chance of getting one of the highly sought-after spots in the lab.

Submission

You can submit your solution as a pdf file (written in English or German) until Sunday, June 13th, 2020 at 23:59. We will announce whether you were able to enter the lab before the deadline of choosing practical courses. This way, you can still apply for a different course if you did not make it.

Please do not submit in teams and try to solve the challenge on your own instead!
Submissions should be sent via email.

Task

Collect as much information as possible about this file. If you think you have found everything, you might want to dig deeper or try something else...

Write-Up

For the write-up, make sure to tell us:

  • How you approached the problem.
  • What you found in each step (including everything interesting).
  • Why you pursued or didn't pursue any particular avenue.
  • Also write down everything you tried (even if it did not lead to success).


Make sure, to also include:

  • A short motivation, where you describe in a few sentences, less than 1/2 page, why you want to attend the lab
  • Your major
  • Your student number

Have Fun!