Trusted Systems Group

Summer term 2018

Selected Topics in Mobile Security SS 18

  • Proseminar
  • Wed, 12 – 14
  • E9 1, room 0.06
  • Sven Bugiel and Abdallah Dawoud

In this proseminar, the participants will learn at the example of selected topics from the area of mobile security how to find, summarise, present, and discuss relevant scientific papers. The focus of the selected papers lies on Android, given its high popularity among researchers. The topics include usability aspects of Android's permission system and security-relevant APIs, security extensions at different levels of Android's software stack, app analysis, and newly identified attack vectors.

Registration and more information can be found in the course management system.

Trusted and Secure Computing SS 18

  • Seminar
  • Thu, 14 – 16
  • E9 1, room 0.06
  • Sven Bugiel and Dhiman Chakraborty

In this seminar, the participants will be introduced to essential concepts in the domain of secure, trusted, and trustworthy computing. The focus is particularly on hardware-based security architectures in different settings like server, network, cloud, or embedded device security. Examples for such hardware security primitives are Trusted Platform Modules, Intel SGX, or ARM TrustZone. The participants should be additionally enabled to discuss and evaluate state-of-the-art research solutions in this domain.

Registration and more information can be found in the course management system.

Past terms

Mobile Security WS 17/18

  • Advanced lecture
  • Wed, 10 – 12
  • E9 1, 0.01
  • Sven Bugiel

This advanced lecture deals with different, fundamental aspects of mobile operating system and application security, with a strong focus on the popular, open-source Android OS and its ecosystem. In general, the awareness and understanding of the students for security and privacy problems in the area of smartphones is increased and they learn to tackle current security and privacy issues on smartphones from the perspectives of different security principals in the smartphone ecosystem: end-users, app developers, market operators, sytem vendors, third parties (like companies).

Registration will be done soon through the CISPA course management system.

Hacking SS 17

  • Proseminar
  • varies
  • E9 1, 0.06
  • Sven Bugiel

Goal of this Proseminar is to give students a deeper understanding of the typical security problems and weaknesses that pervade all kinds of IT systems today. To provide a more solid understanding of the discussed attack techniques, this seminar strongly mixes theoretical and practical aspects. On the one hand, participants are conveyed the typical Proseminar learning contents (e.g., presentation techniques, etc.). On the other hand, the participants are required to also learn and apply established tools for exploiting and attacking IT systems in the context of capture-the-flag styled exercises.

More information on the course website.

Trusted and Secure Computing SS 17

  • Seminar
  • block course (Sep 11 – Sep 22)
  • E9 1, lecture hall
  • Sven Bugiel

In this two-week lecture, the participants will be introduced to essential concepts in the domain of secure, trusted, and trustworthy computing. The focus is particularly on hardware-based security architectures in different settings like server, network, cloud, or embedded device security. Examples for such hardware security primitives are Trusted Platform Modules, Intel SGX, or ARM TrustZone. In addition to the lecture, the participants should gather some hands-on experience with these technologies through two compact projects (one TPM based, one about hardware-isolated execution environments) and thus provides a perfect opportunity to understand hardware-based security architectures more deeply in theory and practice. Based on this experience, the participants should be additionally enabled to discuss and evaluate state-of-the-art research solutions in this domain. Given the fashionability of those primitives in modern system designs, this course will also have a strong connection to current system security research topcis, e.g., through discussion of relevant research results.

The course will offered as a two weeks block course at the end of the summer term 2017, between Sep 11 and Sep 22.

More information on the course website and the course management system.

Practical Aspects of Cybersecurity WS 16/17

  • Proseminar
  • varies
  • E9 1, 0.06
  • Sven Bugiel

This Proseminar conveys students a basic competence in understanding, evaluating, and presenting scientific articles. This is done at the example of two selected areas of practical cybersecurity. The seminar will be held "conference style", i.e., students take on the roles of academic reviewers of scientific papers, which have to understand and evaluate the scientific contributions of papers and discuss the papers' contents, as well as of authors, which have to present scientific results in a precise and clear way to an audience.

More information on the course website.

Mobile Security WS 16/17

  • Advanced lecture
  • Tue, 16 – 18
  • E3 1, HS001
  • Sven Bugiel

This advanced lecture deals with different, fundamental aspects of mobile operating system and application security, with a strong focus on the popular, open-source Android OS and its ecosystem. In general, the awareness and understanding of the students for security and privacy problems in the area of smartphones is increased and they learn to tackle current security and privacy issues on smartphones from the perspectives of different security principals in the smartphone ecosystem: end-users, app developers, market operators, sytem vendors, third parties (like companies).

More information on the course website.

Android Security Lab SS 16

  • Full-day course
  • Everyday 09:30 - 16:30
  • E9 1, 3.08
  • Sven Bugiel

Together with the Information Security & Cryptography group at CISPA, the Trusted Systems Group is offering a full-day course ("Blockkurs") on Android security.

For further information on the course schedule and modus, please refer to the course page at the IS&C website.