 |
|
||||||||||
System Security SS09
News / Recent Events
- 4.5.2012 Joel Reardon presents the paper "User-level Secure Deletion on Log-structured File Systems" at ASIACCS in Seoul, Korea.
- 16.4.2012 Aanjhan Ranganathan presents the paper "Physical-Layer Attacks on Chirp-based Ranging Systems" at WiSec in Tucson, Arizona.
- 2.4.2012 Nils Ole Tippenhauer is interviewed for students.ch regarding the risk of cyber attacks.
- 23.12.2011 Christina Pöpper is interviewed for WRS regarding the recent U.S. drone captured in Iran and the GPS spoofing claims.
- 8.12.2011 Boris Danev presents the paper "Enabling Secure VM-vTPM Migration in Private Clouds" at ACSAC in Orlando, Florida.
- 21.10.2011 Ghassan Karame presents the paper "Privacy-Preserving Outsourcing of Brute-Force Key Searches" at CCSW in Chicago, IL.
- 18.10.2011 Nils Ole Tippenhauer presents the paper "On the Requirements for Successful GPS Spoofing Attacks" at CCS in Chicago, IL.
The webpage of System Security SS08 is archived here.
The webpage of System Security '07 is archived here.
Lecture: Thu, 13:15-15:00, IFW A36
Exercises: Fri, 13:15-15:00, IFW A32.1 (must be handed in on the following Thursday, no later than 13:30)
Course
responsible: Prof. Srdjan Capkun, ETHZ, (capkuns@inf.ethz.ch)
Teaching Assistants: Boris Danev, Nils Ole Tippenhauer
Lecture start: Thursday, 19.02.09
Lecture end: Friday, 28.05.09
No lectures on: 16.04 (Easter),21.05 (Ascension)
Duration: 13 weeks
Exercises start: Friday, 27.02.09
Exercises end: Friday, 22.05.09
No exercises on: 10./17.04 (Easter),1.05 (Labor Day)
10 Exercise sessions in total.
Testat: 80% of exercices. If an examination is taken, exercises will count towards 20% of the exam grade.
Exam: oral, 20 minutes
Literature recommendations: Security in Computing, Pfleeger; Security Engineering, Anderson; plus special on literature list
Oral exam schedule
The oral exams are going to take 20 minutes each. The oral exam is not necessary if you don't need a grade ("Schein").
The exam will take place in IFW C41.2. In the case that you cannot make it to the exam for any reason, please contact the Pruefungsplanstelle (+41 44 632 20 68).
Exercise schedule and material
The solutions must be handed in on Thursdays, no later than 13:30. Exceptions to this rule are explicitely stated below. After the lecture on Thursdays the solutions to that weeks exercises will be online (below) and so we can't accept any more solutions from you.
Please be aware that these are just the preliminary contents, they might still change
| Date | Exercises and slides | Note | Solution |
| 27.02.2009 | Exercise 1 | Slides 1 | Solutions 1 | |
| 06.03.2009 | Exercise 2 | Slides 2 | Solutions 2 | |
| 13.03.2009 | Lab Guide |
Solution lab |
|
| 20.03.2009 | Exercise 3 | Slides 3 |
dumped binary |
Solutions 3 |
| 27.03.2009 | Exercise 4 | Slides 4 | vulnapp_ex4.tar | Solutions 4 |
| 03.04.2009 | Exercise 5 | Slides 5 | Solutions 5 | |
| 24.04.2009 | Exercise 6 | Slides 6 | biometric_matchers.tar | Solutions 6 |
| 08.05.2009 | Exercise 7 | Slides 7 | Solutions 7 | |
| 15.05.2009 | Exercise 8 | Slides 8 | Eve.Image.tar.gz | Solutions 8 |
| 22.05.2008 | Exam Preparation |
Learning objectives
After this course you will be able to (1) classify and describe vulnerabilities and protection mechanisms of secure hardware (smartcards, crypto-coprocessors), operating systems and software systems (2) analyze / reason about basic protection mechanisms for modern OSs, software and hardware systems.
Content Description
The lecture covers the security of individual computer systems, including personal computers, smart cards and dedicated platforms. The course starts with considerations of cryptosystem implementations and side channel attacks, security of widely used computer platforms and tamper resistant hardware. The course continues with the examination of operating system and application related security mechanisms, from their security architectures to malware; this part also cover virtualization and sandboxing mechanism, and modern virtualization platforms. Finally, the course ends with a set of selected security topics like biometrics and computer forensics.
Lecture schedule and material
Lectures are accessible with your ETH id and password. Please use Mozilla/Firefox to download them!
Please be aware that these are just the preliminary contents, they might still change
| Date | W | Who | Lecture |
| 19.02.09 | 1 | Srdjan Capkun |
System Security: Introduction and main principles. Cryptography |
| 26.02.09 | 2 | Srdjan Capkun |
Hardware Security I |
| 05.03.09 | 3 | Srdjan Capkun | Hardware Security II |
| 12.03.09 | 4 | Srdjan Capkun | Operating Systems I: Principles and security |
| 19.03.09 | 5 | Nathalie Weiler | Operating Systems II: Windows Vista case study |
| 26.03.09 | 6 | Srdjan Capkun | Operating Systems III: Authentication, Access Control, Linux Security |
| 02.04.09 | 7 |
Srdjan Capkun / Boris Danev / Nils Tippenhauer |
Biometrics |
| 09.04.09 | 8 | Srdjan Capkun | Electronic Passports |
| 23.04.09 | 9 | Srdjan Capkun | Malware (1) |
| 30.04.09 | 10 | Nathalie Weiler |
Developing Large Secure Systems in Practice |
| 07.05.09 | 11 | Srdjan Capkun | - |
| 14.05.09 | 12 | Germano Caronni (Google) |
guest lecture |
| 28.05.09 | 13 | Srdjan Capkun | Malware (2) |
Wichtiger Hinweis:
Diese Website wird in älteren Versionen von Netscape ohne
graphische Elemente dargestellt. Die Funktionalität der
Website ist aber trotzdem gewährleistet. Wenn Sie diese
Website regelmässig benutzen, empfehlen wir Ihnen, auf
Ihrem Computer einen aktuellen Browser zu installieren. Weitere
Informationen finden Sie auf
folgender
Seite.
Important Note:
The content in this site is accessible to any browser or
Internet device, however, some graphics will display correctly
only in the newer versions of Netscape. To get the most out of
our site we suggest you upgrade to a newer browser.
More
information
