Vorlesung Resilient Networking
Vorlesung auf Englisch.
The lecture is going to be given on Tuesdays, 12:00 - 13:30, starting from November 3rd! It will be streamed and the videos will be available for download, online, subsequent to the corresponding lecture. We will organize the reading group during the first lecture, so please try to make sure that you participate in this event, at least.
Alike the past years there's a limit of 15 students who can participate in this course, as the reading group does not scale to larger groups.
The lecture resilient networking provides an overview on the basics of secure networks as well as on current threats and respective countermeasures. Especially bandwidth-depleting Denial of Service attacks represent a serious threat. Moreover, over the last years the number of targeted and highly sophisticated attacks on company and governmental networks increased. To make it worse, as a new trend at the moment, the interconnection of the Internet with cyber physical systems takes place. Such systems, e.g., the energy network (smart grid), trans- portation systems and large industrial facilities, are critical infrastructures with severe results in case of their failure. Thus, the Internet that interconnects these systems has evolved to a critical infrastructure as well.
The lecture introduces the current state-of-the-art in the research towards resilient networks. Resilience-enhancing techniques can be generally classified in proactive and reactive methods. Proactive techniques are redundancy and compartmentalization. Redundancy allows to tolerate attacks to a certain extent, while compartmentalization attempts to restrict the attack locally and preventing its expansion across the whole system. Reactive techniques follow a three step approach by comprising the phases of detecting an attack, mitigate its impacts, and finally restore a system's usual operation.
- excursus to graph theorie
- overview on BGP routing and the Domain Name Service
- Denial of Service attacks and their mitigation
- mechanism for increasing the resilience of P2P networks
- Intrusion Detection system
Tuesdays 12:00 hybrid:
Grashoff lecture hall and online at our bbb server (contactus for the pass code)
Thursdays 10:00 online
Access to online lectures through ILIAS: https://ilias.studium.kit.edu/goto.php?target=crs_1278878&client_id=produktiv
The course will consist of a lecture (3SWS) and an exercise course (1SWS). The exercise course consists of two parts: we will hold a biweekly reading group and there will be a task assignment. We will read papers from the context of the topics in class in the reading group. Everybody is expected to read all mandatory papers (around 9), and we will choose volunteers for each paper to briefly summarize the content, before the entire group discusses their questions and comments regarding the paper. We hope to discuss two papers during each session. The implementation task will be introduced in the context of the class discussing database publication and differential privacy. Each participant of the course will be tasked to implement a simple solution for data sharing with differential privacy, and the results will be presented and discussed during the last exercise course.
Here is the list of mandatory and optional reading material (publications regarding the topics in class).
The reading group will mainly cover the mandatory reading, potentially some additional papers of interest (depending on the number of students who enrol in the course).