Advanced IT Security - Summer Semester 2008
| 18.484 | Advanced seminar (Oberseminar): Advanced IT Security |
| Organisers: | Dieter Gollmann (TU) |
| Time: | Tuesday, 18 - 20 c.t. (2 SWS) |
| Location: | to be announced |
Contact
Please contact Bastian Braun for further questions and for scheduling your talk.
Schedule
| Date | Speaker | Location | Title |
| 29.04.2008 | Zheng Lei | ESA 1 W, room 221 | PHP Tainting |
| 24.06.2008 | Jan Kohlrausch (DFN-CERT) | ESA 1 W, room 221 | NoAH |
Abstracts
29.04.2008 - Zheng Lei - PHP Tainting
PHP tainting is an automated approach to protecting PHP web applications from
web application vulnerabilities such as Cross-Site Scripting (XSS), SQL
Injection, Code Injection and Command Injection. These vulnerabilities share
a common characteristic: the web application uses malicious input from
attackers without validation. The motivation of this master's thesis is to
introduce the principle of PHP tainting and assess the current state of
existing PHP tainting implementations.
24.06.2008 - Jan Kohlrausch - NoAH
NoAH is a three-year project funded by the European Union to
gather and analyse information about the nature of Internet
cyberattacks. It will also develop an infrastructure to detect and
provide early warning of such attacks, so that appropriate
countermeasures may be taken to combat them.
Objectives are:
* Design a state-of-the-art infrastructure of honeypots which will
gather and correlate data on cyberattacks.
* Develop techniques for the automatic identification of attacks,
and for the automatic generation of their signatures. Mechanisms
to distribute these signatures to firewalls and other
containment systems will also be investigated.
* Install and operate a pilot honeypot infrastructure to
demonstrate the usefulness and effectiveness of distributed
security monitoring systems. This will be operated for at least
one year, with the eventual aim of rolling out a full-scale
infrastructure across Europe.
The talk will give an overview of the state of the art in honeypot
technologies, focusing on the Argos sensor and the lessons learned from
the operation of the honeypot testbed.
______________________________
Excerpt from the KVV (annotated course catalogue):
Security-relevant topics in computing systems are presented and discussed in depth on the basis of current project, bachelor's and Diplom theses and doctoral projects. The seminar is offered jointly by the SVA group of the Technische Universität Hamburg-Harburg and the SVS group of the Department of Informatics of the Universität Hamburg. It is also intended to serve the exchange of current research results between the two groups and to deepen their collaboration.
The Oberseminar is intended to give students and doctoral candidates who are specialising in IT security a platform to present and discuss current problems and research work in the field of IT security. Guest talks are also planned as part of the programme.