TU Wien:Systems and Applications Security VU (Lindorfer)

Aus VoWi
Zur Navigation springen Zur Suche springen

Daten[Bearbeiten | Quelltext bearbeiten]

Vortragende Jakob BleierMartina Lindorfer
ECTS 6,0
Alias System and Application Security (en)
Ersetzt Advanced Internet Security VU (Dabrowski), Software Security VU (Weippl)
Letzte Abhaltung 2024S
Sprache English
Mattermost systems-and-applications-securityRegisterMattermost-Infos
Links tiss:192112, eLearning
Masterstudium Data Science Modul FDS/EX - Fundamentals of Data Science - Extension (Gebundenes Wahlfach)
Masterstudium Business Informatics Modul ISE/EXT - Information Systems Engineering Extension (Gebundenes Wahlfach)
Masterstudium Software Engineering & Internet Computing Modul Advanced Security (Gebundenes Wahlfach)

Inhalt[Bearbeiten | Quelltext bearbeiten]

Kombination aus den LVAs Advanced Internet Security und Software Security

Lectures WS21: covered a wide range of different topics. Imo most of them were interesting and well presented. The topics were: IoT & hardware, binary, web, mobile, malware, combinatorial testing, internet measurement, power grid

Challenges WS21: (each split into multiple sub-challenges)

  • Binary (reverse engineering, heap exploitation, shellcoding, kernel exploitation)
  • Web (XSS, XS-Search)
  • Android (reverse engineering, JS-Java-Binary exploit thingy)
  • Combinatorial Testing (evaluating test cases, creating test cases)

Challenges: WS20 Android, Binary Reversing, Web

Ablauf[Bearbeiten | Quelltext bearbeiten]

WS2021: Over the semester there were weekly lectures, 2 online Tuwel Tests and 4 challenges.

WS22: Same as WS2021, Challenges were partly created new and reordered.

Benötigte/Empfehlenswerte Vorkenntnisse[Bearbeiten | Quelltext bearbeiten]

noch offen

Vortrag[Bearbeiten | Quelltext bearbeiten]

WS20 Self-study with weekly Q&A.

WS22 There are weekly lectures which are also livestreamed and made available to watch later.

Übungen[Bearbeiten | Quelltext bearbeiten]

4 Challenges with a variing number of Flags to get.

Prüfung, Benotung[Bearbeiten | Quelltext bearbeiten]

WS21: 60% challenges, 40% tests

Requirement to be positive: 50% Overall (Tests + Challenges)

Dauer der Zeugnisausstellung[Bearbeiten | Quelltext bearbeiten]

noch offen

Zeitaufwand[Bearbeiten | Quelltext bearbeiten]

Some challenges are really hard, however if you are stuck, you can always ask a tutor or other LVA member in the lectures Mattermost chat for tipps. For me, some Challenges took a pretty long time, so I definitely exceeded the 6 ECTS of the course. However if you are only going for a positive/average grade, the needed time should be in line with the 6 ECTS. In WS22, the challenges were made slightly more humane, and reordered, such that the students are not already frustrated during the first challenge (1 (Android) and 2 (IoT) were ok, 3 was hard (--> binary exploiting), 4 (Web) was kind of hard, but doable)

Unterlagen[Bearbeiten | Quelltext bearbeiten]

noch offen

Tipps[Bearbeiten | Quelltext bearbeiten]

  • in WS21 the first challenge was really hard for me, the last one really easy. Hence, they are not equally hard so better start early
  • doing challenges as two people is much less frustrating (but check the Collaboration Policy on what's allowed)
  • If you are stuck at a challenge/flag, ask for help in the lectures mattermost chat.

Highlights / Lob[Bearbeiten | Quelltext bearbeiten]

noch offen

Verbesserungsvorschläge / Kritik[Bearbeiten | Quelltext bearbeiten]

noch offen