System Security Lab

  1. System Security Lab:

    Hands-on-exercises in Cyber Security

  1. Lecturer:
    Assoc.Prof. Dipl.-Ing. Dr. Peter Schartner
    Course dates:
    The preliminary meeting will be announced per E-Mail
    In this course, sub-areas of system security will be examined in depth using practical examples. Smartcards are already being used massively in the area of system security and SmartPhones offer an entry into the interesting research area ''Mobile Security'', which is becoming more and more important. In addition, security tools such as GPG, RFID components, dongles or port scanners are used.
      • Theoretcal part (lecture, fixed date):
        • Comming soon ...
        • Optional, no obligation to attend
      • Practical part (blocked lectures, 0900-1200 and 1300-1700 , S.1.37)
        After arrangement in the preliminary meeting, 5 days have to be booked.
        • 05/06 and 12/13 December 2019
        • 09/10 and 16/17 January 2020
      • Ideally, the lab-exercises should be solved in groups of 2 persons.
    Completion of the lab-examples and submission of the minutes (75%) + short oral examination on the lab-examples (25%). Both parts have to be positive!
    System Security Lab
  1. Theoretical Part

    1. Prerequisites – Basisc of System Security (for individual repetition!)
    2. Lab hardware (smartphhones, tablets, smart cards, RFID, NFC, degausser, …)
    3. JavaCard programming basics

  1. Practical Part (S.1.37)

    Please read the exercises you have chosen before starting the practical part. Printing is not necessary, you will receive a handout at the beginning of the day.
  1. Topics

    P01: Programming JavaCards (mandatory for all participants!)
    P02: Security-relevant Smartphone/Tablet-Application (mandatory for all participants!)
    W01: Programming and Testing of cryptographic Algorithms
    W02: Smart cards, Certificates, Login and Passwords
    W04: CrypTool, Network Tools, and GPG

    W07: Sicherer Umgang mit Dokumenten (sorry, German only!)
    W10: Netzwerksicherheit 101 (sorry, German only!)
    Basic knowledge of Linux not necessary, but helpful
    W14: RFID und NFC (sorry, German only!)

    W99: New ideas are welcome!  
    • Description on one DIN-A4 page
    • No risk to life, limb or (if possible) equipment
    • Duration: 2 days max.
    • Approval by the lecturer

    Available Hardware:
    • Rubber Ducky & Bash Bunny
    • Proxmark3
    • WiFi Pineapple
    • ...
    • Lenovo Yoga Book