System Security AS14

Autumn semester 2014
Course no. 252-1414-00L, (5 ECTS)

Lecture: Mon, 10.15h -12.00h, LFO C 13
Exercises: Thu, 13.15h -15.00h, HG F 5

Course responsible: Prof. Srdjan Capkun (), Prof. Adrian Perrig ()
Teaching Assistants: Cristina Basescu, Hubert Ritzdorf, Ramya Jayaram Masti ()

Lecture start: Monday, 22.09.2014
Lecture end: Monday, 15.12.2014 (Tentative)
Duration: 13 weeks (Tentative)

Written exam

Performance assessment is based on exercises/reports submitted through the semester (20%) and a session examination at the end of the semester (80%). Details will be discussed at the end of the semester.

Exercise schedule and material

18.09.2014
No Exercise (exercises will start on 25.09.2014)

25.09.2014
protected pageSlides (PDF, 184 KB) | protected pageExercise (PDF, 99 KB) | protected pageSolution Template (TEX, 6 KB) | protected pageSolution (PDF, 142 KB)

02.10.2014
No submission - No Exercise

09.10.2014
protected pageSlides (PDF, 958 KB) | protected pageExercise (PDF, 90 KB) | protected pageVM Notes (TXT, 1 KB) | external pageVM (MD5: cc2beed438373f17db90770845ef9aed) | protected pageSolution (PDF, 101 KB)

16.10.2014
protected pageSlides (PDF, 55 KB) | protected pageGroup Schedule (PDF, 38 KB)

23.10.2014
protected pageSlides (PDF, 144 KB) | protected pageExercise (PDF, 86 KB) | protected pageSolution (PDF, 120 KB)

30.10.2014
protected pageSlides (PDF, 120 KB) | protected pageExercise (PDF, 147 KB) | protected pageSolution (PDF, 180 KB)

06.11.2014
protected pageSlides (PDF, 151 KB) | protected pageExercise (PDF, 128 KB) | protected pageExercise Folder (PW:0000) (ZIP, 13 KB) | protected pageSolution (PDF, 158 KB)

13.11.2014
No Submission - No Exercise

20.11.2014
protected pageSlides (PDF, 111 KB) | protected pageExercise (PDF, 82 KB) | protected pageSolution (PDF, 95 KB)

27.11.2014
protected pageSlides (PDF, 111 KB) | protected pageExercise (PDF, 82 KB) | protected pageSolution (PDF, 95 KB)

04.12.2014
protected pageSlides (PDF, 102 KB) | protected pageExercise (PDF, 85 KB) | protected pageExercise Folder (PW:0000) (ZIP, 9.6 MB)
protected pageSolution (PDF, 240 KB)

11.12.2014
DownloadSlides | DownloadExercise| DownloadExercise Folder

18.12.2014
--

Learning objectives

After this course you will be able to (1) classify and describe vulnerabilities and protection mechanisms of secure hardware (smartcards, crypto-coprocessors), operating systems and software systems (2) analyze / reason about basic protection mechanisms for modern OSs, software and hardware systems.

Content Description

The lecture covers the security of individual computer systems, including personal computers, smart cards and dedicated platforms. The course starts with considerations of cryptosystem implementations and side channel attacks, security of widely used computer platforms and tamper resistant hardware. The course continues with the examination of operating system and application related security mechanisms, from their security architectures to malware; this part also cover virtualization and sandboxing mechanism, and modern virtualization platforms. Finally, the course ends with a set of selected security topics like biometrics and computer forensics.

Lecture schedule and material

Lectures are accessible with your ETH id and password. Please use Mozilla/Firefox to download them!

22.09.2014: W1 - Srdjan Capkun: protected pageIntroduction (PDF, 401 KB)

29.09.2014: W2 - Srdjan Capkun: protected pageSide channel attacks (PDF, 1.7 MB)

06.10.2014: W3 - Srdjan Capkun: protected pageSide channel attacks, Tamper Resilience, Smartcards, API attacks (PDF, 4.9 MB)

13.10.2014: W4 - Claudio Marforio: protected pageHardware security (PDF, 6.6 MB)

20.10.2014: W5 - Srdjan Capkun: protected pageSecurity of x86-based systems (PDF, 19 MB)

27.10.2014: W6 - Srdjan Capkun: Security of x86-based systems continued (slides above)

03.11.2014: W7 - Srdjan Capkun: Security of x86-based systems continued (slides above)

10.11.2014: W8 - Adrian Perrig: protected pageAttestation (PDF, 5.4 MB)

17.11.2014: W9 - Adrian Perrig: protected pageSoftware-based attestation Pioneer paper (PDF, 1.2 MB)

24.11.2014: W10 - David Barrera: protected pageOS Security Introduction (PDF, 787 KB) | Additional reading: protected pageAccess control fundamentals (PDF, 130 KB)

01.12.2014: W11 - Adrian Perrig: protected pageLinux and Windows Security (updated) (PDF, 1.2 MB) | Additional Reading: protected pageSecurity in ordinary operating systems (PDF, 157 KB)

08.12.2014: W12 - David Barrera: protected pageSELinux (PDF, 2.6 MB) | Additional reading: protected pageSecuring commerical OSes (PDF, 107 KB) and protected pageCase study: SELinux (PDF, 193 KB)

15.12.2014: W13 - David Barrera: protected pageAndroid security (PDF, 2.5 MB)

JavaScript has been disabled in your browser