Universität Hamburg

Universität Hamburg

SVS - Security in Distributed Systems
MIN Faculty.Informatics.SVS
   UHH  >  Dept. of Informatics  >  SVS  >  Teaching >  Previous Courses >  WS 2007/08 > Projekt: Softwaresicherheit (I)      SiteMapSitemap  SearchSearch Seitenende
*SVS Homepage
*General Information
*Events and Conferences
*People
*Research
*Teaching
 - WS 2008/09
 - Previous Courses
   - SS 2008
   - WS 2007/08
     - Praktikum: IT Sicherheit
     - Vorlesung: Datenschutz
     - Vorlesung: Mobile Sys.
     - Vorlesung: VIS
     - Seminar
     - Oberseminar
     - Projekt: Softwaresicherheit (I)
     - Practical Insecurities
   - SS 2007
   - WS 2006/07
   - SS 2006
   - WS 2005/06
   - SS 2005
   - WS 2004/05
   - SS 2004
*For Students
*Open Positions

PROJEKT: Softwaresicherheit - WS 2007/08

18.334 Projekt: Softwaresicherheit (Teil 1)
Time:
 Wednesday 14-18 Uhr (4 SWS)
Location:
 F-027 [SVS Lab]
Organisers:
 Joachim Posegga; Bastian Braun, Robert Olotu, Henrich C. Pöhls

Registration and Preparatory Meeting

STiNERegister in STiNE (registration will be open until 27.10.2007 23:59) and attend the Mandatory Meeting:
(as a diploma student, it may be necessary to register as 'Hörer' via the Humboldt-Button)
Wednesday, 17th of October 2007, 2 pm, F-027 [SVS Lab]

First you need to register for the project in STiNE. Then taking part in the meeting is obligatory for participating in this class. The program and workload of the project will be presented and preparing literature will be specified. Additionally, the final binding registration will take place during this meeting, but only if you registered through STiNE first you will be able to attend.
If more students register than we have seats, we will choose the students according to predefined rules, if we still have more registrants than seats we will finally draw.

Prerequisites

  • Vordiplom (for diploma students)
  • Good programming skills
  • Basic knowledge of operating systems
  • Basic knowledge of web applications

Project Outline

The project spreads over two semesters. In the first semester, selected topics in the realm of software security will be discussed. It will cover four semester hours and represents the introductory part of this class where you will learn about common challenges, methods for their resolution, and you will need to provide answers to the given problems.

On the basis of the acquired knowledge, you will have to choose among several distinct projects. In groups of three to four students you will work independently on current practical issues in software security. In the second semester of the project, covering two semester hours, regular meetings with your assigned tutor will guide you to a final presentation of your project.

Topics covered

Here are some topics covered in this course. Note, that this list is not exhaustive:
  • Web-service security
    • SQL Injection
    • Cross-Site Scripting
    • Session Hijacking
    • Remote Code Injection
    • Input Filtering
  • Common vulnerabilites (buffer overflows, integer overflows, signedness problems, format strings problems)
    • how do they work
    • how to exploit them
    • how to detect them
    • how to prevent them
  • Software analysis tools

More information

For more information please contact Bastian Braun.
Vernard Luxe
Files are available for download only from within the university network in PDFPDF format,
to view them you need the Acrobat Reader version 5 or higher.
  
Click to download Acrobat Reader

 

  Impressum Last modified: 29/10/2007 - 10:01:26 by bb Seitenanfang